Sydney Identity, Authentication & Access Management Summit 2025

This session will explore the future of Identity and Access Management (IAM) and how organisations can adapt to the evolving cybersecurity landscape while providing seamless, secure experiences for users.

As the digital landscape evolves, organizations face both opportunities and risks across their expanding digital footprint - from users and devices to networks, applications, and data. Learn how to protect against common vulnerabilities, including credential-based attacks which account for 89% of web application breaches, through a comprehensive identity security approach.

This forward-looking panel will explore the evolving landscape of Identity and Access Management (IAM) over the next decade. Experts will discuss the cutting-edge trends and technologies that are expected to reshape IAM, including:

• AI-powered Identity Management: AI and ML driving smarter, adaptive identity management and real-time threat detection.
• Self-Sovereign Identity (SSI): Empowering users with control over digital identities for better privacy and security.
• Decentralised Authentication: Blockchain and distributed ledgers creating decentralised, trust-based authentication systems across platforms.
• The Rise of Automation: Automation streamlining IAM processes and enabling real-time, context-aware access control.

‍

In this innovative session, attendees will be faced with a series of scenarios that they may face in their roles. Attendees will discuss the possible courses of action with their peers to consider the ramifications of each option before logging their own course of action.

‍

Results will be tallied and analysed by our session facilitator and results will impact the way the group moves through the activity.

‍

Will we collectively choose the right course of action?

‍

According to the Australian Signals Directorate (ASD), Microsoft’s Windows Active Directory is the most widely used authentication and authorisation solution in enterprise IT (and OT) networks globally. 

This makes it a valuable target for malicious cyber actors and it is routinely targeted as part of attacks against enterprise networks.  

With Windows Active Directory being a regular factor in the increasing amount of data theft and business disruptions by attackers gaining unauthorised access to systems and data:

• What are common blind-spots that organisations face and that attackers exploit?
• How modern identity-security controls help mitigate the risk exposure organisations face?
• Demonstration of applying these controls where it was difficult/impossible to do before!

‍

‍

‍

‍

Discover how reimagining digital authority transforms data security and digital ownership, and why breaches soon won’t matter.

• Super-admin altering any permissions, vendor devops with a backdoor, sysadmin accessing root keys,  db-admin accessing any record – takes only one to compromise
• Understanding the fundamental flaw in today’s cybersecurity
• How ineffable cryptography ensures digital authority can no longer be stolen or abused
• How application of the technology to your IAM will turn a breach from a catastrophe into a non-event

‍

‍

‍

• Understanding the risks associated with service accounts, bots, and machine identities, and how to bring them under governance
• Implementing access controls, automated policy enforcement, and real-time monitoring to detect and prevent unauthorised privilege escalations
• Demonstrating how to unify identity security across on-prem, cloud, and third-party applications without disrupting operation

‍

• Why is Zero Trust IAM becoming the standard for Cloud Security: Zero Trust principles, such as least-privilege access and continuous identity verification, are crucial for securing modern cloud environments and reducing risk
• Challenges in Implementing Zero Trust for IAM: Implementing Zero Trust in hybrid and multi-cloud environments presents challenges, such as integrating legacy systems and managing diverse identity sources
• Evolving IAM Models for Continuous Verification: Organisations must evolve their IAM strategies to support real-time authentication, adaptive access control, and continuous identity verification
• Success Stories and Lessons Learned: Successful enterprise adoption of Zero Trust for IAM demonstrates its impact on security and the valuable lessons learned along the way

‍

Choose 1 topic from the following:

1. Secure Your Identity Infrastructure from Insider Threats
2. What is the future of Identity Governance and Security?
3. Implementing Adaptive Authentication to Combat Evolving Threats
4. The role of Unified Identity Security in protecting your organisation from malicious cyber actors
5. Bridging the Gap: Integrating Privileged Access Management and Identity Access Governance
6. Secure identity before, during, and after authentication:  Addressing additional roadblocks in your IAM solution
7. Leveraging AI in Modern Privileged Access Management: Uncovering Threats and Hidden Paths to Privilege 

‍

‍

AI-powered deepfakes have become more sophisticated, which means organisations must stay ahead of evolving threats to digital identity, authentication, and trust. In this presentation, we’ll unpack: 

• The increasing role of AI deepfakes in identity fraud and authentication
• Emerging detection techniques and AI-driven countermeasures
• Best practices for safeguarding digital identities in a deepfake-driven landscape

‍

‍

As identity, authentication, and access management practices evolve, the industry is rife with debate over which technologies and models best serve security and user experience. This session challenges thought leaders to examine the pros, cons, and trade-offs of emerging trends that are reshaping the IAM landscape.

‍

Contentious Trends Up for Debate:

• Should we focus on centralised or decentralised identity?
• Is passwordless authentication the next big thing?
• Is there more to come for consumer biometrics or has the novelty worn off?
• Is the digital identity bill achieving its goal? 
• Should UX be considered in choosing IAM methods?

‍