Identity Day 2025

You are very likely to have heard of an Identity Fabric, but many of us have not had the necessary time or opportunity to delve into it. In this session we will consider what it is, why there is a focus on it and what we as individual Identity Security professionals should be thinking about in our approach to it.

API breaches continue to rise, driving some of the most significant data exposures in recent years. In this talk, Daniel Lindau explores how flawed access patterns and mismanaged tokens leave APIs and identity data vulnerable to misuse.

You’ll gain insights into why traditional OAuth patterns often fall short in today’s complex API environments. By adopting modern techniques like the token handler and FAPI standards, you can tighten access control and build resilience into your API architecture.

At the core of this challenge is Customer Identity and Access Management (CIAM). As organizations expose APIs to customers, partners, and developers, CIAM is key to enforcing identity-aware access policies, managing user consent, and protecting sensitive data. Robust CIAM is essential for both API security and delivering secure, compliant digital experiences at scale.

Daniel will also cover B2B and partner use cases, where external integrations add complexity. Expect practical, identity-driven strategies to secure public APIs, internal systems, and third-party interfaces.

The B2B landscape is evolving beyond transactions. In the era of B2B(2X), organisations must securely interact with partners, suppliers, employees, and customers. Trust is now a strategic imperative. To unlock opportunities, businesses need intelligent identity solutions. AI-driven risk analysis, decentralized identity, and advanced verification frameworks help mitigate risks, prevent fraud, and ensure seamless access. Join this session to learn how companies are reducing onboarding times, strengthening security, and streamlining digital interactions with scalable identity frameworks.

Modernization isn’t just an option in today’s fast-moving digital world – it’s essential for organizations that want to stay secure and competitive. Transform your identity security approach. Ensure audit readiness and governance across your environment with enhanced data hygiene. Proactively detect identity and access risks before they become incidents while minimizing manual efforts and prioritizing risk remediation. Cut costs, save time, and stay compliant, all with one powerful platform.

Dagen leds av Johanna Samuelson – en erfaren och engagerande konferencier som med skärpa, värme och humor guidar dig genom programmet.

Organisations today face a critical privileged access problem that puts them in constant firefighting mode. Despite deploying the ”right” tools such as PAM or IGA, privilege controls continue to fail, leaving security teams reactive rather than strategic.

Drawing from real-world experience scaling IAM at a large multi-national retailers and insights from red team exercises, this session reveals why traditional approaches fall short and presents a practical framework for building resilient privileged access controls, designed for today’s threat environment.

Key Takeaways:

• Why current privilege management strategies fail in complex environments
• Battle-tested tactics for breaking the reactive cycle
• How to establish a robust ”identity floor” as your defensive foundation
• Practical lessons from enterprise-scale implementations
• Moving from compliance-driven to threat-driven security posture

This session provides actionable strategies for security and identity professionals looking to move beyond firefighting toward proactive, confident privileged access protection.

Digital identities have been part of our lives long enough to leave behind a patchwork of databases, rigid processes, vendor lock-ins, and outdated architectures. This session challenges the notion that a ”one-vendor IAM stack” is the only path forward. Anders Björk will explore the power of a truly agnostic approach to Identity and Access Management—one that puts flexibility, scalability, and user experience first. From internal workforce identities to CIAM, external access, and JML (Joiner-Mover-Leaver) flows, discover how decoupling your IAM strategy can future-proof your architecture and empower your organization to adapt faster, integrate smarter, and innovate freely.

By using existing AI and Machine Learning functionality in combination with integrated IGA and PAM, organizations can achieve significant security benefits. As a result, higher security can be achieved and where affected actors, such as managers, system administrators and IT auditors, are effectively supported in their work.

Identity is more critical than ever, it´s the foundation of who we are, guiding our values, decisions, and interactions with the world. Within the context of compliance and digital security, identity becomes even more significant. In a world where personal data is constantly at risk of being hacked or manipulated, maintaining a clear and secure sense of identity is essential to protect not just our personal information, but our autonomy and control.

Imagine a future where AI seamlessly handles Identity Governance and Administration (IGA) tasks—whether you’re an administrator, a helpdesk agent, or an end user. Instead of navigating complex workflows and esoteric User Interfaces, AI will be at your service, executing tasks through natural language interactions. Join us as we walk through a dream scenario of reliable AI integration, showcasing how conversational AI can revolutionize identity management, streamline operations, and enhance security—all while reducing manual effort and human error.