Identity Day 2025

Ta del av ett spännande scensamtal där Sara Wimmercranz möter vår moderator Johanna Samuelsson för en inspirerande diskussion om trender och insikter som formar framtidens näringsliv och samhälle.

You are very likely to have heard of an Identity Fabric, but many of us have not had the necessary time or opportunity to delve into it. In this session we will consider what it is, why there is a focus on it and what we as individual Identity Security professionals should be thinking about in our approach to it.

API breaches continue to rise, driving some of the most significant data exposures in recent years. In this talk, Daniel Lindau explores how flawed access patterns and mismanaged tokens leave APIs and identity data vulnerable to misuse.

You’ll gain insights into why traditional OAuth patterns often fall short in today’s complex API environments. By adopting modern techniques like the token handler and FAPI standards, you can tighten access control and build resilience into your API architecture.

At the core of this challenge is Customer Identity and Access Management (CIAM). As organizations expose APIs to customers, partners, and developers, CIAM is key to enforcing identity-aware access policies, managing user consent, and protecting sensitive data. Robust CIAM is essential for both API security and delivering secure, compliant digital experiences at scale.

Daniel will also cover B2B and partner use cases, where external integrations add complexity. Expect practical, identity-driven strategies to secure public APIs, internal systems, and third-party interfaces.

The B2B landscape is evolving beyond transactions. In the era of B2B(2X), organisations must securely interact with partners, suppliers, employees, and customers. Trust is now a strategic imperative. To unlock opportunities, businesses need intelligent identity solutions. AI-driven risk analysis, decentralized identity, and advanced verification frameworks help mitigate risks, prevent fraud, and ensure seamless access. Join this session to learn how companies are reducing onboarding times, strengthening security, and streamlining digital interactions with scalable identity frameworks.

Modernization isn’t just an option in today’s fast-moving digital world – it’s essential for organizations that want to stay secure and competitive. Transform your identity security approach. Ensure audit readiness and governance across your environment with enhanced data hygiene. Proactively detect identity and access risks before they become incidents while minimizing manual efforts and prioritizing risk remediation. Cut costs, save time, and stay compliant, all with one powerful platform.

Dagen leds av Johanna Samuelson – en erfaren och engagerande konferencier som med skärpa, värme och humor guidar dig genom programmet.

Organisations today face a critical privileged access problem that puts them in constant firefighting mode. Despite deploying the ”right” tools such as PAM or IGA, privilege controls continue to fail, leaving security teams reactive rather than strategic.

Drawing from real-world experience scaling IAM at a large multi-national retailers and insights from red team exercises, this session reveals why traditional approaches fall short and presents a practical framework for building resilient privileged access controls, designed for today’s threat environment.

Key Takeaways:

• Why current privilege management strategies fail in complex environments
• Battle-tested tactics for breaking the reactive cycle
• How to establish a robust ”identity floor” as your defensive foundation
• Practical lessons from enterprise-scale implementations
• Moving from compliance-driven to threat-driven security posture

This session provides actionable strategies for security and identity professionals looking to move beyond firefighting toward proactive, confident privileged access protection.

Digital identities have been part of our lives long enough to leave behind a patchwork of databases, rigid processes, vendor lock-ins, and outdated architectures. This session challenges the notion that a ”one-vendor IAM stack” is the only path forward. Anders Björk will explore the power of a truly agnostic approach to Identity and Access Management—one that puts flexibility, scalability, and user experience first. From internal workforce identities to CIAM, external access, and JML (Joiner-Mover-Leaver) flows, discover how decoupling your IAM strategy can future-proof your architecture and empower your organization to adapt faster, integrate smarter, and innovate freely.

By using existing AI and Machine Learning functionality in combination with integrated IGA and PAM, organizations can achieve significant security benefits. As a result, higher security can be achieved and where affected actors, such as managers, system administrators and IT auditors, are effectively supported in their work.

Identity is more critical than ever, it´s the foundation of who we are, guiding our values, decisions, and interactions with the world. Within the context of compliance and digital security, identity becomes even more significant. In a world where personal data is constantly at risk of being hacked or manipulated, maintaining a clear and secure sense of identity is essential to protect not just our personal information, but our autonomy and control.

Imagine a future where AI seamlessly handles Identity Governance and Administration (IGA) tasks—whether you’re an administrator, a helpdesk agent, or an end user. Instead of navigating complex workflows and esoteric User Interfaces, AI will be at your service, executing tasks through natural language interactions. Join us as we walk through a dream scenario of reliable AI integration, showcasing how conversational AI can revolutionize identity management, streamline operations, and enhance security—all while reducing manual effort and human error.

Traditional perimeter-based identity models are no longer sufficient in an environment where threats are persistent, identities are dynamic, and user interactions span multiple devices and platforms. This technical workshop will dive deep into how continuous trust models can be architected using decentralized identity technologies, low-friction authentication mechanisms, and real-time verification processes.

Even with growing budgets and stricter compliance mandates, cyber risk is still on the rise. Identities are a top target, with attackers exploiting hidden Paths to Privilege™ to gain access. Managing elevated permissions across hybrid environments is complex, and traditional PAM tools—focused only on privileged accounts—often leave gaps. This session will look at how modern, identity-focused PAM secures all users, reduces risk, and simplifies access to keep your organization both protected and productive.

The future is spelled A.I., and it’s rewriting Identity Security in more ways than we dare to admit.

Get ready for a thought-provoking journey from the messy present to the autonomous future of Identity. This talk explores the explosive evolution of both AI and Identity Security, challenging us to look beyond today’s manual toil and into a redefined world powered by AI Native technology.

• Learn why governance and security always starts with insight

• Discover how a modern data model strengthens identity security

• Hear how a platform approach simplifies and enhances identity management

• Learn from the leader in Identity Security why this is just the beginning – and find out what’s next for identity security

Identity is no longer an IT side note it’s the foundation of digital trust and business growth.

This session uncovers how Identity Fabric turns today’s fragmented systems into one unified strategy, driving ROI, agility, and resilience in the AI era. The organizations that master it will lead. The rest will be left unraveling the loose threads.

Identity is no longer an IT side note it’s the foundation of digital trust and business growth.

This session uncovers how Identity Fabric turns today’s fragmented systems into one unified strategy, driving ROI, agility, and resilience in the AI era. The organizations that master it will lead. The rest will be left unraveling the loose threads.

Managing compliance manually can be time-consuming and prone to errors. Removing the errors of manual evidence collecting to using a solution that automates the compliance process, enabling organisations to maintain continuous adherence to frameworks like NIS 2, DORA, SOC 2, ISO, and beyond.

An employee’s digital identity has a lifecycle that starts even before their first day and continues until after they leave the organization. In this session, we will follow that journey step by step:

Before day one – the individual’s identity is securely verified, establishing trust from the very beginning.
First day and beyond – the right access is automatically granted based on role and responsibility. Additional access can be requested through self-service with optional approval, while regular access reviews ensure that permissions remain appropriate over time.
Adaptive protection – risks and threats are continuously assessed, keeping logins and access secure, with self-remediation options for users.
Secure connectivity anywhere – whether resources are in the cloud, on-premises, or across the internet, employees gain consistent, secure access from any device and location, ensuring productivity without compromising security.
End of the journey – when employment ends, access is swiftly and cleanly removed, minimizing risks to the organization.
This session demonstrates how modern identity solutions based on Microsoft Entra Suite can deliver both stronger protection and a smoother user experience throughout the entire employee journey.

As hybrid environments grow more complex and remote work becomes the norm, identity has emerged as the new security perimeter. This session explores the tools and strategies needed to build and maintain a modern, identity-centric security model aligned with Zero Trust principles.We’ll cover practical insights and real-world examples that show how leading organizations achieve continuous trust and compliance by:
– Eliminating Standing Privilege: Implementing Zero Standing Privilege (ZSP) to minimize the attack surface across systems and applications.
– Driving Intelligent Access: Leveraging Identity Governance and Privileged Access Management (PAM) to automate access reviews and enable Just-in-Time (JIT) elevation based on context and risk.
– Scaling Security with AI: Using machine learning to streamline compliance, detect anomalous behavior, and simplify audits in complex environments.
Discover how to integrate governance and privilege capabilities to gain end-to-end visibility, reduce manual overhead, and significantly lower enterprise risk.