Beat the rush and join us early for complimentary barista-made coffee and breakfast.

Identity is now the most valuable signal in cyber  and the earliest indicator of attacker intent. In high-threat environments, waiting for alerts isn’t enough.

‍

This session breaks down how critical organisations are using identity telemetry. Logins, privilege shifts, access anomalies, and behavioural patterns  to detect hostile activity earlier, disrupt lateral movement, and respond before impact. Hear the practical playbook for shifting identity from a static control to a live threat-intelligence capability, and what it takes to operationalise identity data at scale.

‍

The number of non-human identities, from AI agents to service accounts and automation scripts, now far exceeds human users in many environments. But these identities often lack clear ownership, lifecycle management, or access controls. In this session, we’ll unpack why they’ve become one of the most overlooked and risky parts of modern identity programs.You’ll learn how to:

• Identify and inventory non-human identities across your environment
• Set lifecycle, ownership, and access policies that actually stick
• Reduce risk by securing tokens, automation credentials, and embedded secrets

‍

As hybrid environments expand and automation increases, privileged access has become the most exploited pathway in breaches. Identities, human and machine, now hold powerful permissions across cloud, APIs, SaaS, and operational systems, making traditional PAM models too slow and siloed.This panel will explore how organisations are unifying Identity and PAM strategies to gain visibility, enforce least privilege, and detect misuse in real time. Hear how leaders are reducing privileged sprawl, managing machine credentials, and aligning PAM with Zero Trust without slowing operations.

• Why converging IAM and PAM is critical for controlling high-risk access across cloud and hybrid environments.
• Practical approaches to reducing privileged sprawl and managing machine identities at scale.
• How to automate least privilege and real-time monitoring without disrupting productivity.

‍

When we uncovered privilege creep, inconsistent approvals, and legacy access pathways, the obvious solution was a large-scale IAM overhaul. Instead, we focused on targeted controls, clearer accountability, and practical automation to close the highest-risk gaps without introducing heavyweight enterprise complexity.

• Prioritise real risk over perfect architecture
• Clarify ownership before adding tooling
• Automate guardrails, not bureaucracy

‍

An interactive session where attendees participate in handling a simulated breach due to compromised credentials, focusing on containment and remediation strategies.

Synthetic voice technologies are advancing rapidly, placing increasing pressure on voice-based authentication and verification systems. This session examines how deepfake audio is beginning to surface in real security-relevant contexts and what this means for identity and access management (IAM).

Drawing on applied research and real-world deployments across speech science and AI security, the talk highlights documented cases of synthetic voice misuse and detection, and what they reveal about current system limitations. It also outlines practical strategies for improving resilience as voice synthesis continues to evolve.

• Where deepfake voice risks are already emerging in operational workflows
• How detection and layered defences can strengthen voice authentication
• What IAM teams should prepare for as synthetic speech capabilities advance

‍

‍

As organisations move beyond human users, non‑human identities (NHIs) have become critical to trust, security, and governance. In this session, I demonstrate an NHI architecture built using IBM Verify IAM integrated with HashiCorp Vault, showing how identity, authentication, and secrets management work together in practice.

Using a stock trading scenario, I walk through how AI agents securely authenticate, retrieve credentials, and interact with systems without exposing sensitive data. The demo brings to life an end‑to‑end, zero‑trust approach to securing agent-based workflows—illustrating how enterprises can confidently scale AI while maintaining control, compliance, and resilience.

‍

Users expect fast, seamless access - while attackers increasingly target identity as the weakest link. This session explores how organisations can deliver frictionless experiences without sacrificing security, using adaptive authentication, passwordless approaches, and smart UX design. Learn practical ways to reduce drop-off, strengthen trust, and align security and product goals.

• Apply adaptive, risk-based authentication to reduce friction while improving protection.
• Use design patterns like passwordless and progressive profiling to streamline user journeys.
• Align security and product teams to create identity experiences that drive engagement and trust.

‍

Delegates will chose from a list of pertinent peer-to-peer discussion topics focussing on evolving and emerging trends, techniques and technologies.

Put your knowledge to the test in this fast-paced quiz covering real-world identity trivia, key concepts, and emerging trends. Compete for bragging rights—and a travel voucher—as the top scorer takes the crown.

‍

Identity and Access Management often promises control and efficiency. In practice, many enterprises face complex role catalogs, slow approval cycles, inconsistent certification reviews, and emergency access processes that strain security teams and auditors.

This session explores how Agentic AI introduces structured intelligence across the full identity lifecycle without disrupting existing governance frameworks or security controls. Rather than replacing human oversight, AI agents operate within defined guardrails to augment decision-making, strengthen least-privilege enforcement, and reduce operational load.

We will examine practical use cases across enterprise IAM environments, including:

• Intent-driven access request conversations that guide users to the right access, reducing dependency on static role catalogs
• Birthright role mapping and AI-based approval recommendations that improve speed and consistency in access approvals and certification campaigns
• Automated compliance summarization and contextual review support for managers and application owners
• Emergency access reviews reduced from hours to minutes, improving audit readiness and control transparency

‍

As quantum computing advances, today’s encryption standards (RSA, ECC) that underpin most identity and access management systems could become obsolete.

‍

This session explores how organisations can prepare IAM programs for a quantum-ready future. What quantum computing means for IAM and why today’s cryptography won’t hold up.

• Post-quantum cryptographic (PQC) standards emerging from NIST and their IAM implications.
• Transition strategies: crypto-agility, hybrid models, and vendor roadmaps to quantum-safe IAM.
• Business impact: how to balance long-term resilience with short-term cost and complexity.

‍

In this session we will take a live pulse of the room with a series of multiple questions discussing Interoperability, digital wallets, and citizen identity and where Australia fits in the global identity landscape and have our panel of leaders discuss in this open forum think tank.

‍

This interactive session puts these questions directly to the audience. Participants vote live on a series of real-world scenarios, explore the results together, and vote again as perspectives shift through the discussion.

• How close do you think Australia is to making digital wallets part of everyday life?
• In your view, what’s the hardest challenge to overcome for digital identity adoption?
• Which sector is best placed to push digital identity forward in Australia?
• When thinking about interoperability, where should Australia focus its first big step?
• By 2030, what form of citizen identity do you think Australians will rely on most?
• How do you see Australia’s position in the global identity landscape by the end of the decade?

‍

Unwind with your peers for a couple of drinks on us!