Programme

In today’s rapidly evolving digital world, identity management is no longer a nice-to-have—it’s a critical foundation for security and compliance. This dynamic session dives into the transformative power of Identity Governance & Administration (IGA) and how it can help organizations reduce manual workloads, tighten access controls, and stay aligned with regulations like NIS2.

Discover how to align identity processes with your enterprise architecture and design a scalable roadmap for onboarding applications. We’ll explore proven practices in role modeling, stakeholder engagement, and change management that drive adoption and long-term success.

Packed with real-world insights and actionable strategies, this session will equip you with the tools and vision to build a future-ready identity strategy.

From business case to effectively rolling out privileged access management is easier written than done.  Performing this in an intercontinental organisation, 55 entities wide and on a mission to actively measure risk posture increase is a whole different ball game.  During this session, we touch on the concepts, challenges and lessons learned on how Securitas drives Privileged Access Management in Core IT,  Industrial IT and its business applications.

By 2026, every European citizen should have access to a secure, user-friendly, and trusted Digital Identity Wallet, enabling seamless interaction with both public and private services. Belgium is actively preparing for the integration of this European Wallet into its national infrastructure.

But what exactly is the European Digital Identity Wallet? Where do we stand with the Implementing Acts and the Architectural Reference Framework? And how is Belgium progressing in terms of implementation?

In this keynote, BOSA will outline Belgium’s roadmap towards adoption—highlighting the milestones ahead and what this means for citizens, businesses, and public authorities. With mandatory acceptance by key private sector players on the horizon by the end of 2027, this session provides essential insight into the digital transformation journey Belgium is undertaking within the European context.

The European Digital Identity (EUDI) Wallet is set to reshape the private sector by enabling secure identity verification and the exchange of so-called electronic attestations of attributes. For businesses, this means more efficient customer onboarding, reduced fraud risk, and increased consumer trust.

From instant identity checks in banking to simplified checkouts in e-commerce and secure remote signing of contracts, the EUDI Wallet presents a wide range of practical applications. But what does this mean in practice?

Europe has already invested—and continues to invest—tens of millions of euros in large-scale pilot projects such as POTENTIAL, EWC, WEBUILD and APTITUDE. This session will explore the early findings of these pilots, what has worked, what remains challenging, and what the next wave of pilots aims to achieve.

Join us for a forward-looking discussion on how the EUDI Wallet could unlock real value for the private sector.

Identity theft is a growing threat in our digital age, where personal information can be stolen and misused by cybercriminals. This crime can lead to financial loss, damaged credit, and even legal issues for the victims. In this context it is eg crucial to regularly monitor your financial statements and credit reports. Additionally, one should be very cautious about sharing personal information online and one should ensure devices-used are protected with up-to-date security software. Come and learn to to understand this threat and how to reduce the risk of falling victim to identity theft.

Passkeys, a modern authentication method supported by mobiles phones these days), are designed to replace traditional passwords with more secure and user-friendly alternatives. They leverage the FIDO (Fast Identity Online) standards, which use public key cryptography to provide strong, phishing-resistant authentication. Unlike passwords, passkeys are unique to each device and service, making them much harder for attackers to steal or reuse. To use passkeys, users typically authenticate with biometrics or a PIN on their device, ensuring a seamless and secure login experience. By adopting passkeys and FIDO standards, we can significantly enhance online security and protect against common threats like phishing and credential theft. So come and learn how to do that and understand how these even defend against phishing attacks.

Protecting access to sensitive data is crucial, especially in sectors like healthcare where privacy is paramount. Lessons learned from healthcare highlight the importance of strong authentication as-well-as robust access control and encryption to safeguard patient information. Implementing the correct measures ensures that only authorized personnel can access sensitive data. In addition, regular audits and monitoring can help detect and respond to potential breaches swiftly. Let’s discuss how we can better protect sensitive data and maintain trust in our systems.

Effective access controls for APIs are essential to ensure data security. Implementing strong authentication and authorization mechanisms are there to control accesses to your APIs. However, proper resource managements, access rules management, token or API policies are mandatory to achieve this goal. In addition, vulnerability management and monitoring of API activity is required to ensure timely detection of suspicious behavior and quick response to potential threats. Goal of this session will be to discuss lessons learned and help to strengthen those omni-present APIs.

The identity of non-human actors, such as robots or full-blown AI agents, is becoming increasingly important as they “act” on their own behalf or on behalf of humans and other systems. These AI agents need robust identity management to ensure their actions are secure and traceable. Proper implementation of eg digital certificates and secure tokens can help verify their identity and authenticate/authorize their interactions. By doing so, we can ensure that these “new animals” will only operate within defined boundaries and maintain trust in their actions. As AI continues to evolve, so must our strategies for managing their identities.

So beware and address this issue in time…