Agenda

Grab the latest insights on risk management, cybersecurity, cloud security and more at Gartner Security & Risk Management Summit 2023 in Sydney, Australia.

Agenda / Track

View By:

Agenda / Track

Tuesday, 28 March, 2023 / 12:15 PM - 12:45 PM AEDT

Security Awareness Is Dead! Now What?

William Candrick, Director Analyst, Gartner

Is security awareness a lost cause? Over 90% of cybersecurity functions have an awareness program; yet 69% of employees admit to intentionally bypassing cybersecurity guidance and 82% of breaches involve the human element. Learn how emerging capabilities get past the hype to deliver actual human behavior change.

Tuesday, 28 March, 2023 / 12:15 PM - 12:45 PM AEDT

Body Like a Rock: How to Win in Organization Politics With Integrity

Leigh McMullen, Distinguished VP Analyst, Gartner

In this updated session you will learn to recognize and counter more than a dozen forms of resistance that CISOs commonly face along with techniques to handle more advanced political situations such as malevolent actors, as well as the essential tools of persuasion. All of this wrapped in a fun and entertaining exploration of the wisdom of one of Japan's greatest swordsmen.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, 28 March, 2023 / 02:15 PM - 02:45 PM AEDT

How to Lead in a World in Persistent Crisis?

Mary Mesaglio, Managing Vice President, Gartner

Between geopolitical tensions, the pandemic, social justice concerns and climate urgency, it seems like we are never out of crisis mode. If this is the new normal, how should leaders lead? This session covers tactics to motivate and protect teams who are at the brink in terms of fatigue and anxiety and covers what actions you must get right no matter what.

Tuesday, 28 March, 2023 / 04:00 PM - 04:30 PM AEDT

What Cybersecurity Leaders Need to Know About the Metaverse

Marty Resnick, VP Analyst, Gartner

There is a lot of hype around the nascent and fragmented metaverse. Cybersecurity leaders need to understand what the Metaverse is and how best to assess the risks and opportunities it offers to their organizations.

Tuesday, 28 March, 2023 / 04:00 PM - 04:30 PM AEDT

Leadership Vision for Security and Risk Management, 2023

Tom Scholtz, Distinguished VP Analyst, Gartner

CISOs are key enablers of digital business and are accountable for helping the enterprise balance the associated risks and benefits. This leadership vision will help CISOs in their planning for 2023-2024 and in presentations to leadership, peers and teams.

Wednesday, 29 March, 2023 / 09:00 AM - 09:45 AM AEDT

Keynote: How to Get People to Care About Security and Risk

Mary Mesaglio, Managing Vice President, Gartner

It might not always feel this way, but being a CISO is a little like being a Hollywood celebrity. In fact, CISOs have a compelling story to tell about why people, from executives to frontline employees, should care about risk and security. This session delves into how to tell a great cyber story, including why it’s hard and why it matters right now.

Wednesday, 29 March, 2023 / 10:30 AM - 11:00 AM AEDT

Drive a Culture of Security Consciousness in Your Organization via Gartner PIPE Framework

Richard Addiscott, Sr Director Analyst, Gartner

The human element is the most prominent contributor to data breaches. Legacy approaches delivering curriculum-based, awareness-centric programs are no longer effective. CIOs and CISOs must look beyond merely raising 'security awareness' and embed a contextually-appropriate security culture in their organization. Join this session to learn how to build and deliver an effective security behavior and culture change program.

Wednesday, 29 March, 2023 / 10:30 AM - 11:00 AM AEDT

Avoiding a Hostile Board Room: How to Best Prepare for a Cybersecurity Audit

Katherine Clinton, Principal, Advisory, Gartner

Being audited can feel daunting, overwhelming and high-effort, but it doesn't have to be. With heightened focus on cybersecurity in today's risk landscape, it will be a case of not if, but when, you will be audited. In this session, you will learn what to expect when you make it onto the audit plan, and how best to prepare and partner with the Internal Audit team for a successful engagement.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, 29 March, 2023 / 10:30 AM - 11:00 AM AEDT

Adapt Now (or Get Left Behind): The Rise of Technology Democratization

Andrea Cuadros, Sr Principal, Advisory, Gartner

The benefits of the democratization of technology delivery are significant, but they don't come without a number of risks such as compliance and security vulnerabilities. As organizations democratize technology delivery, CISOs struggle to meet speed and quality goals without causing delays. In this session we will share what leading CISOs do to alleviate risk and ensure fusions teams deliver safely.

Wednesday, 29 March, 2023 / 12:00 PM - 12:30 PM AEDT

Maverick: For Securing Architected Humans, Technical CISO’s Need Not Apply

Marty Resnick, VP Analyst, Gartner

The uniqueness and the stakes, as well of attack vectors, of architected humans must have a CISO to be more than technical.

Wednesday, 29 March, 2023 / 12:00 PM - 12:30 PM AEDT

Shifting Sands: Evolving Cybersecurity Operating Models

Tom Scholtz, Distinguished VP Analyst, Gartner

CISOs are losing control as business leaders embrace digitalization, implying a shift in risk landscapes and risk appetites. Based on new primary research, this presentation will share the strategies and practices that CISOs are adopting in reaction to these seismic shifts.

Wednesday, 29 March, 2023 / 02:00 PM - 02:30 PM AEDT

Pitfalls of a Bad Strategy and How to Fix It — From a Practitioner Turned Analyst

Deepti Gopal, Director Analyst, Gartner

This session is going to cover three scenarios of bad strategic planning. The goal of the session is for you to see how things can go wrong but most importantly how can you bring it back. An action-packed session of stories that will make you want to take a closer look at what you are doing, so you don't repeat the same.

Wednesday, 29 March, 2023 / 02:00 PM - 02:30 PM AEDT

So, You Want to Improve Security Control Adoption? Forget the Tech for a Second

Richard Addiscott, Sr Director Analyst, Gartner

CISOs often use technical security controls when they need to respond to emerging threats or digital capabilities the business wants to use. However, research tells us that the majority of data breaches still involve the human element and employees are aware of their behavior. Join this session where you'll hear how to maximize the adoption, effectiveness and return on investment of your security controls, by taking a more human-centric approach when designing and implementing controls.

Wednesday, 29 March, 2023 / 03:45 PM - 04:15 PM AEDT

Employees Don't Need More Awareness, They Need Cyber Judgment!

Christopher Mixter, VP, Research, Gartner

As "citizen development" moves into the mainstream (50% of employees now acquire, adapt or create technology for work), traditional awareness programs focused on 'what not to do' fail in the face of the workforce's "need to do." High-performing cybersecurity functions are pivoting from mere awareness training to building competencies in the broader workforce so that all employees can independently make cyber-risk-informed decisions.

Wednesday, 29 March, 2023 / 03:45 PM - 04:30 PM AEDT

Roundtable: Competency Makeup of a New Age Cybersecurity Team

Deepti Gopal, Director Analyst, Gartner

A roundtable session where attendees will discuss their thought process on finding talent in the cybersecurity industry competencies they look for in new candidates today. The challenges that a cybersecurity leader faces in identifying talent has only grown over the past ten years. We will discuss some sure shot tactics to fill those gaps. Come to this session to learn and share your expertise with a community of cybersecurity leaders.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, 29 March, 2023 / 04:30 PM - 05:15 PM AEDT

Gartner Keynote: The Future of Security in Brave New Worlds: Why Security Professionals Need to Care About Trends Beyond Just Technology

Marty Resnick, VP Analyst, Gartner

It’s difficult for security leaders to make choices without understanding the evolving landscape of transformational change. This tapestry of trends story enables security leaders to contribute to enterprise strategy and prepare the organization for brave new worlds.

Tuesday, 28 March, 2023 / 09:00 AM - 10:00 AM AEDT

Gartner Opening Keynote: The Top Predictions for Cybersecurity 2023-2024

Richard Addiscott, Sr Director Analyst, Gartner

Lisa Neubauer, Director, Advisory, Gartner

Every year, Gartner produces impactful predictions across all practices. This presentation will compile the top predictions prepared by our cybersecurity experts. Security and risk management leaders should monitor these trends to be successful in the digital era, especially as most recognize that global change could potentially be one crisis away.

Tuesday, 28 March, 2023 / 02:15 PM - 02:45 PM AEDT

2023 Zero Trust Predictions

Dale Koeppen, Sr Director Analyst, Gartner

Zero trust is moving away from excessive marketing hype. Many organizations have set zero trust as a strategy for their organizations, but are looking at the reality of implementing zero trust at scale for their organization. This session highlights three key predications for zero trust and what you can do to prepare for the future.

Tuesday, 28 March, 2023 / 02:15 PM - 02:45 PM AEDT

The Future of Security Defense in Depth: Cybersecurity Mesh

Patrick Hevesi, VP Analyst, Gartner

Come learn the future of cyber warfare and how to realize your cybersecurity mesh. This session will focus on how future technologies will play into building your security defense in depth architecture to get ahead of the most advanced attacks. We will look at how AI, augmented reality and blockchain can factor into your cybersecurity mesh architecture of the future.

Tuesday, 28 March, 2023 / 02:15 PM - 02:45 PM AEDT

Securing the Coffee Shop: How to Deploy and Secure a "Bring Your Own" Environment

Eric Grenier, Director Analyst, Gartner

Increasingly we see employees asking their organizations for device choices. Combined with supply chain constraints and a hybrid work model, this has many organizations scrambling to support a "bring your own" (BYO) environment while also maintaining the same security controls that they have implemented for their corporate-owned devices. In this session, we will cover what is needed to deploy and secure a BYO environment.

Wednesday, 29 March, 2023 / 10:30 AM - 11:00 AM AEDT

What Are the Practical Projects for Zero Trust?

Dale Koeppen, Sr Director Analyst, Gartner

Zero trust remains a popular security strategy — both with clients and in marketing around products. This session will cover how to actually implement some zero trust technical initiatives as well as the possible challenges. It will cover technical approaches, pragmatic advice and give a sound basis for starting or continuing a zero trust architecture journey.

Wednesday, 29 March, 2023 / 12:00 PM - 12:45 PM AEDT

Roundtable: The Reality of Security Vendor Consolidation

Eric Grenier, Director Analyst, Gartner

Vendor consolidation has become a trend in all areas of IT. In this roundtable clients can participate in a discussion on whether or not vendor consolidation makes sense in terms of an organization's security stack. The discussion will center on the pros and cons to consolidation, as well as best practices and considerations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, 29 March, 2023 / 02:00 PM - 02:30 PM AEDT

The Intersection of SASE and Zero Trust Equals Secure Access to Applications

Thomas Lintemuth, VP Analyst, Gartner

SASE and zero trust are common terms in the IT and security worlds. SASE works in conjunction with zero trust, such that they are not mutually exclusive but rather one builds on the other. This session will show how you can deploy SASE to support your zero-trust initiative.

Wednesday, 29 March, 2023 / 03:45 PM - 04:15 PM AEDT

Technical Insights: Microsoft 365: Office, EMS and Windows 10 Top Security Features to Implement

Patrick Hevesi, VP Analyst, Gartner

This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. We will discuss third-party options as well as the built-in native Microsoft features along with strengths and weaknesses of each.

Wednesday, 29 March, 2023 / 03:45 PM - 04:15 PM AEDT

Introduction to Cyber Security Operational Risk Quantification for Developing Metrics

Craig Lawson, VP Analyst, Gartner

This session will introduce clients to how using data/evidence can be used to make measurable and provable improvements to any security operations program.

Tuesday, 28 March, 2023 / 10:45 AM - 11:15 AM AEDT

Outlook for CPS Security 2023

Wam Voster, VP Analyst, Gartner

CPS are becoming more prevalent in organizations across the board, whether as a result of OT/IT convergence or the deployment of new connect assets. What security implications do they have? What best practices are emerging? What does the future portend?

Tuesday, 28 March, 2023 / 10:45 AM - 11:15 AM AEDT

Outlook for Privacy 2023 - Trends, Technologies & Regulations

Bernard Woo, VP Analyst, Gartner

Privacy has been the biggest catalyst for change in data governance over the past five years. This session will dive into the top trends, the coolest technologies and separate hype from substance. Come and get a sneak peek into the future of privacy and what you should watch out for in coming 12 months.

Tuesday, 28 March, 2023 / 10:45 AM - 11:30 AM AEDT

Ask the Expert: Ransomware Is Changing, Are You Ready?

Paul Furtado, VP Analyst, Gartner

Attendees can ask Gartner experts about the recent changes in ransomware and best practices in addressing this everchanging threat.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, 28 March, 2023 / 12:15 PM - 12:45 PM AEDT

Top Trends in Cybersecurity 2023

Richard Addiscott, Sr Director Analyst, Gartner

“Top trends” highlight shifts in the security ecosystem that aren't widely recognized, but are likely to have potential for disruption. This session will describe the significant trends in risk management and how organizations are taking advantage of these trends. Key issues include technological improvements in the security capability landscape; trends in creating a high-performing security organization; and long-term trends that will influence security strategy.

Tuesday, 28 March, 2023 / 12:15 PM - 12:45 PM AEDT

Ransomware Is Changing — Are You Ready?

Paul Furtado, VP Analyst, Gartner

Ransomware attacks have been morphing. Techniques used by the bad actors are changing. During this presentation, we will provide insight into the new tactics being used by the bad actors not only to access your environment, but what they are doing with your data once exfiltrated. We will also provide current data on the financial impact of a ransomware attack.

Tuesday, 28 March, 2023 / 12:15 PM - 12:45 PM AEDT

Drive Cybersecurity Investments With the Gartner Cybersecurity Value Benchmark

Christopher Mixter, VP, Research, Gartner

The metrics establish a baseline for peer comparison that is very useful for guiding cybersecurity investments and board oversight. Gartner has defined 16 protection-level outcomes that create a foundation for effective collaboration with boards of directors, CIOs and CFOs. These metrics serve as value levers to manage business-led cybersecurity investments. See early insights from the first-generation benchmark and get a preview of the second generation.

Tuesday, 28 March, 2023 / 12:15 PM - 01:00 PM AEDT

Roundtable: Best Practices in Assessing Third-Party Security and Risk

Luke Ellery, VP Analyst, Gartner

Security and risk leaders struggle to effectively assess third-party (including IT vendor) security and risk, leading to unknown risks or security breaches. This roundtable provides you with the opportunity to participate in a facilitated discussion with your peers regarding the most effective assessment practices used today.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, 28 March, 2023 / 02:15 PM - 02:45 PM AEDT

Incident Response Retainer — Waste of Money or a No-Brainer?

Wam Voster, VP Analyst, Gartner

Access to expert incident responders is critical to reducing the incident window, impact and severity of security incidents. Security and risk management leaders should understand the value, issues and types of incident response retainers to improve incident response capabilities.

Tuesday, 28 March, 2023 / 02:15 PM - 02:45 PM AEDT

How to Assess, Address and Monitor Third-Party Cybersecurity Threats While You Are Sleeping

Luke Ellery, VP Analyst, Gartner

CISOs loose enough sleep twitching in the night over their internal cybersecurity defences, let alone the third-parties beyond their control.
This session will advise CICOs how to establish effective third-party controls for their organization and then review the tools and solutions that organizations are using to assess, address and monitor third party risk to avoid delirium and reduce risk exposure.

Tuesday, 28 March, 2023 / 04:00 PM - 04:30 PM AEDT

Data Is the Industrial Pollution of Digital Era, CISOs Need to Push "Strategic Forgetting"

Leigh McMullen, Distinguished VP Analyst, Gartner

Organizations horde data, sometimes under the auspices of data monetization or customer intimacy. Is the value of the data you collect when you make a customer give you PII just to use the toaster oven they bought worth the massive increase in risks such hording behaviors cause? We need to start thinking about data as "toxic waste" — because that's not just a metaphor.

Wednesday, 29 March, 2023 / 10:30 AM - 11:00 AM AEDT

Privacy and Ethics: Prepare for Digital Society

Bernard Woo, VP Analyst, Gartner

Society is digitalizing at unprecedented speed, and the nature of our interactions has changed fundamentally. What does this mean for privacy and corporate ethics? This session helps to understand why privacy is contextual, how overzealous data harvesting may harm your organization's performance, why sometimes less is more, and the areas to challenge your colleagues on to make life generally easier.

Wednesday, 29 March, 2023 / 10:30 AM - 11:00 AM AEDT

How to Select Your Cyber-Physical Systems Protection Platform

Wam Voster, VP Analyst, Gartner

The market for security products for operational technology and other cyber-physical systems (CPS) is evolving rapidly. New vendors enter the scene, and mergers and acquisitions are abundant. How can security and risk management leaders evaluate and compare CPS protection platforms to select the product that best fits their situation?

Wednesday, 29 March, 2023 / 10:30 AM - 12:00 PM AEDT

Workshop: Ransomware Readiness Should Be Treated as a Business Decision

Paul Furtado, VP Analyst, Gartner

Choose your investment in ransomware readiness carefully. The executive-level trade-off for poor investment results in a terrible position to negotiate with the criminals, business cost to downtime will be greater, and lack of defensibility with key stakeholders like customers, shareholders and regulators.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, 29 March, 2023 / 12:00 PM - 12:30 PM AEDT

How to Implement a Cybersecurity Risk Management Program

Lisa Neubauer, Director, Advisory, Gartner

With Board of Directors recognizing cybersecurity as an increasing business risk each year, having a formal cybersecurity risk program is more important than ever before. But, it is often overlooked as a core program component.
Attend this breakout session to learn the main principles of a cybersecurity risk management framework and how you can get started.

Wednesday, 29 March, 2023 / 02:00 PM - 02:30 PM AEDT

Caught Between Two Fires — The Hidden Parallels Between CISOs and the Fire Brigade

Wam Voster, VP Analyst, Gartner

Many CISOs assume they ‘own’ the problem related to security. Even if the CISO knows better, the rest of the organization operates under this assumption. As a result, CISOs work extreme hours and experience burnout. When comparing CISOs as experts in securing digital assets with fire brigades securing physical assets, we find some hidden parallels but also a key difference. What do firefighters do better than CISOs?

Wednesday, 29 March, 2023 / 02:00 PM - 02:30 PM AEDT

A New Look at Insider Risk

Paul Furtado, VP Analyst, Gartner

People with access to your data and systems pose one of the largest risks to your organization. During this presentation we will discuss the best practices for developing a robust insider risk program and show you some pitfalls to avoid.

Wednesday, 29 March, 2023 / 02:00 PM - 03:30 PM AEDT

Workshop: Prepare for Incident Response When "Analytics" Turns "Data Breach"

Bernard Woo, VP Analyst, Gartner

Incident response is not just for CISOs. Understanding how you deal with data is one thing, but how to coordinate a response when things go wrong? It's a matter for the whole organization. How to understand the sensitivity and potential impact of your actions? Be a board member for one workshop and use a given scenario to get comfortable with what the board requests in case risk becomes reality.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, 29 March, 2023 / 03:45 PM - 04:15 PM AEDT

Selling Your Cyber Strategy

Leigh McMullen, Distinguished VP Analyst, Gartner

CISOs need to do focus on sales every day. Getting your board, stakeholders, allies in IT and even your own people with your agenda, is much easier if we employ the right tools. In this workshop, we'll take a hands on approach as we work a common case and learn the best way to position our agenda.

Tuesday, 28 March, 2023 / 10:45 AM - 11:15 AM AEDT

Outlook for Identity and Access Management, 2023

Abhyuday Data, Director Analyst, Gartner

Digital identity requirements and importance are growing as organizations migrate their infrastructure and apps to the cloud. Enterprises anticipate innovations to enable continuous, dynamic and intelligent IAM controls while bracing for emerging decentralized identity impact and potential Web3 business model disruption. This session discusses key trends and the IAM outlook in the coming years.

Tuesday, 28 March, 2023 / 02:15 PM - 03:00 PM AEDT

Ask the Expert: Access Management

Abhyuday Data, Director Analyst, Gartner

Access management (AM) tools are the key to ubiquitous application access, enabling any user to access any application, anytime, anywhere. Gartner has identified a five-step approach to create a modern, efficient AM strategy that serves the needs of all user segments. This session gives you an opportunity to ask questions about that approach and for your broader AM strategy.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, 29 March, 2023 / 12:00 PM - 12:30 PM AEDT

Insights From the Magic Quadrant and Critical Capabilities for Privileged Access Management

Abhyuday Data, Director Analyst, Gartner

Through a selection of relevant Gartner insights and complementary methodologies, we will provide insight into the latest updates in the privileged access management market.

Want to stay informed?

Get conference email updates.
Contact Information

All fields are required.

  • Step 2 of 2