Gartner Security & Risk Management Summit 2019 19 - 20 August / Sydney, Australia

Enjoy some light refreshments and coffee on Level 2. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Enjoy some light refreshments and coffee on Level 4. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Completing your online profile will streamline your registration experience. Don’t forget, you’ll need photo ID to pick up your badge. Badges must be worn at all times during the event

Like AI before it, quantum computing and related quantum technologies like quantum key exchange, quantum random number generation and homomorphic encryption are poised to make huge changes to the technology landscape as they mature. What are the important quantum computing technologies that will impact your business? How will long established security tools like RSA change?

Security and Risk Management Leaders should implement or improve upon these Top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

At a minimum， cloud computing breaks into 3 primary layers: SaaS， PaaS and IaaS. This presentation will explain the 3 primary security controls for each of these layers: CASB， CSPM and CWPP respectively. In each section， we’ll explore selection criteria and examples of vendors for each solution category.

The benefits of information and cybersecurity must be translated into business terminology. This presentation describes proven methods for linking the security to business value. What are proven strategies for obtaining business support? What is a practical model for communicating the value of a security program? What techniques can be used to for justifying security projects?

Against the backdrop of an uncertain future， organizations that have the ability to change rapidly will have a leg up. Yet conventional wisdom is that change is hard， especially culture change — especially in regard to understanding and managing risk. Getting this right can be a source of long-term competitive advantage.

This orientation session is designed exclusively for CISO Circle attendees to help make Security & Risk Summit the most productive experience. Tatiana Wells, Senior Director, Gartner Events will provide many tips on how to navigate your way through the exclusive CISO Circle Program as well as the overall conference. Topics will include workshops, CISO luncheons and additional CISO-exclusive sessions, CIO networking and much more with plenty of time for Q&A.

As complexity continues to grow and risks, threats and vulnerabilities multiply with no end in sight, how can security and risk management leaders move beyond reacting? Attendees will learn how to think differently about their role in value preservation and value creation, and how finding sweet spots in a human to machine continuum can help. This is the security and risk management leaders’ new imperative.

Risk management is to security as dental hygiene is to preventing tooth decay and considered as sexy a topic. As in, it's not sexy at all, yet it is the proven effective way to manage, prevent, and reduce harm. No wonder it's been a struggle for large and small organizations and governments to even get a handle on security basics. It stands to reason that in the 20+ year history of professional cyber security product and service offerings that have spawned a multi-billion dollar security industry, the sexiest solutions have thrived, while the workhorse basics often fail to survive. With a young security industry still developing metrics around what practices and products can actually help prevent breaches, the world continues with a global dependence on technology that we lack the capacity as an industry to secure effectively now, and in the future. Join security industry veteran and pioneer Katie Moussouris, as she corrects some popular misconceptions about the efficacy of one of the sexiest, yet least effective on a grand scale, security trends that she herself helped ignite: bug bounties. We will go on a data-driven journey that spans labor markets, black markets, and bug markets. The arc of Internet history can bend toward sustainable security, if we correct our trajectory calculations soon.

Enjoy some light refreshments and barista coffee on the Exhibit Showcase while networking with peers, colleagues and exhibitors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Conference Concierge help you create a custom agenda and schedule meetings. Just email us at conferenceconciergeapac@gartner.com and we’ll be in touch soon.

This session delves into the details of some of CrowdStrike’s most eye-opening breach investigations of the past year and highlights the need for speed in modern security operations centers. This new research on “breakout time” will help you understand how you can use the 1-10-60 Rule to uncover and respond to adversary activity, before it manifests into a full-blown breach.

Digital transformation is making organizations more interconnected, but with it, increased digital risk. To properly protect themselves against cyber threats, organizations must use threat intelligence. This presentation will showcase how the successful combination of human analysts and AI/ML will allow cyber defenders to both anticipate and defend against the ever-growing threat landscape.

Modern security operations are evolving. They heavily rely on foundational technologies such as SIEM to accomplish their mission， and also adopt various analytics approaches. They struggle with more automation — of both thinking and acting — that promises to relieve humans from the routine tasks， but sometimes adding more work to the overworked security teams. This session will address these key issues: What defines best-in-class security operations of 2018? What trends are affecting security operations? What will the future bring?

As more security vendors target your hybrid and cloud SaaS, IaaS and PaaS solutions， we are getting lost in too many acronyms. This session will help decipher the acronym soup and provide prescriptive guidance on what your organization needs to protect your cloud infrastructure and applications. We will also discuss best practices on implementations and how to evaluate and build a shortlist for your vendor selections.

Using the Senate Testimony of former Equifax CEO Richard Smith, Gartner presents a timeline of events and a current analysis of factors that put senior non-IT executives at risk following a cybersecurity event. Learn how defensibility and corporate culture are key attributes when developing a cybersecurity program that balances the needs to protect with the needs to run your business.

This session provides an overview on the state of risk management planning， decisions， challenges， and solutions. This expands on the "State of Risk Management" from previous outlooks. In 2019， this outlook will converge three parallel risk conversations — digital transformation， information risk， building and maintaining resilient organizations.

"Top" trends highlight ongoing strategic shifts in the security ecosystem that aren’t yet widely recognized， but are expected to have broad industry impact and significant potential for disruption. This presentation will describe the most significant trends in cybersecurity and how leading organizations are taking advantage of these trends: Top technological improvements in the security product landscape; trends in creating a top notch security organization; strategic trends that will influence security strategy.

Cloud security remains a top priority. This presentation summarizes the problems， recommended processes， and new product types to address three key issues: What are the unique risks associated with public cloud service providers， and how can they be controlled? What are the unique security challenges of IaaS and how can they be mitigated? What are the unique control challenges of SaaS， and how can they be addressed?

A workshop to discuss and facilitate partners on how to find the right MSSP to meet their security use cases and the key capabilities that need to exist to build a good working relationship. PLEASE NOTE: For end users only. Preregistration is required.

Join Christopher Neal, CISO of Ramsay Health Care as he discusses with Steve Hunter, Forescout why device visibility and control are the foundation of Ramsay's security framework. Learn the steps Ramsay Health Care has taken and their vision and efforts to orchestrate and automate a system-wide response using the ForeScout platform.

The burning question facing security professionals today is not whether to leverage automation, but rather how and in what form. In this session, learn how self-learning Cyber AI uniquely augments human teams and - with Autonomous Response - fights back against threats in your cloud, email, networks, and IoT.

AusSuper needed a SIEM to strengthen visibility, cyber resilience and lay CSOC foundations. AusSuper chose LogRhythm’s scalable end-to-end platform for full visibility on security events with real time analytics and alarming. Implementation quickly reduced risk and reinvigorated cybersecurity culture. LogRhythm’s support to align AusSuper’s people, process with its technology advances its SecOps.

In light of the royal commission, APRA CPS 234, and other regulatory requirements, it’s obvious that current methods of managing and controlling risk are not working and neither are the processes put in place to test those controls. This is because business processes and systems are all still very siloed and constantly changing, so it’s impossible to monitor everything, prioritize what should be dealt with first and address issues with any kind of scale, efficiency or completeness . Join us for a peer to peer discussion around key questions:
● Is the inability to find, prioritize by business impact and respond to risks quickly contributing to an uptick in breaches and regulatory fines?
● Should security risks such as vulnerabilities and security controls dynamically update an organization’s risk register?
● Can automating risk and compliance simplify processes and increase engagement for non -risk professionals?
● How can continuous monitoring help avoid or prevent a repeat of the conduct failures witnessed through the Royal Commission?
● How can companies better leverage data that they already capture across their business and IT landscape to automate how they monitor risk and compliance?

Unplanned risk events causing business disruption can impact on the reputation & long term sustainability of an organisation. Organisations need to be organisationally resilient in an ever changing & increasingly complex environment. What does it really mean to be organisationally resilient? How should vendor & cyber risks be incorporated? What are the practical steps for implementation?

Confidently embracing digital transformation requires trust. That trust is constantly tested as dynamic business environments expand the attack surface. Cybersecurity leaders must balance digital investments and business benefits with acceptable levels of risk.

Building a culture of security requires security awareness training to shift from the cognitive aspects of learning to behavioural and procedural. This session will discuss ways to reduce the risks posed by your users, how to measure the maturity of awareness and training activities and integrate them into a security program. It will also provide insight into how Symantec delivers staff training built on the guiding philosophy that every security event is a learning opportunity.

Hybrid and multi-cloud environments are the new normal. This presentation will detail best practices to master real-time visibility, remove complexity and ensure automated policy management across the enterprise with tips that ensure persistent security and lower risk.

Do you need to raise the profile of security in your organisation? Do your key stakeholders know the value the security team can bring? Many security leaders feel their reach is limited and their opportunities to speak with the Board and senior leaders are often reactive. Reaching beyond compliance to establishing true trusted relationships, this accelerated profile building session will take you through a practical steps to increase your profile and your authority within your organization through actions you can take today. Even if you feel your profile within your business is positive and broad, there are always new tips and advice to take away.

Enjoy a hot buffet lunch in the Exhibit Showcase while networking with peers, colleagues and exhibitors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Deakin University’s security operations team needed to make sense of the noise coming from their Splunk SIEM. In this session their director of cybersecurity, Damien Manuel, and Exabeam’s Ralph Pisani, will explain how Exabeam’s machine learning-powered behavioral analytics helps SOCs work smarter: prioritize alerts, improve threat hunting and reduce the time required to conduct investigations.

Stephen Boyer BitSight's Co-founder & CTO will introduce Andrew Bullen from HBFs Cyber Governance and Assurance Management team. In this session Andrew will share key learnings from their journey to establish HBFs supply chain risk management, including challenges faced and highlight the systems, tools and processes that are now employed to deliver meaningful change and a more sustainable future.

Digital Services have changed how we interact with the world around us from government to local stores and social media. Core to the success of digital services is trust and with it a robust identity strategy. We will explore good identity principals to drive successful digital services with privacy, consent management and security.

The current economics of storing and processing enterprise security data have made it expensive & nearly impossible to compete against cybercrime. But what if the scalability and economics of storing and analysing your organisation's security data were no longer an issue? Chronicle's Backstory was built on the world’s biggest data platform to bring unmatched capabilities and resources.

In the second iteration of Gartner’s Magic Quadrant for cloud access security brokers， new vendors were evaluated and several vendors changed positions. We also published a companion Critical Capabilities note. This session will discuss: What are the changes this year? What is the current state of the market? What is the best way to determine which vendors meet your requirements?

Unified endpoint management — bringing together enterprise mobile and non-mobile platform management and security — is one of the hottest topics in enterprise IT. The vendor landscape is changing quickly. We present the 2018 Magic Quadrant and Critical Capabilities in this presentation.

There are many tools and methods for assessing vendor risks. These range from shore assessment surveys to onsite audits，attestations and certifications. This session will address the methods and practices that enterprises are taking to improve what is often the most problematic and inefficient process in vendor risk management. PLEASE NOTE: For end-user only. Preregistration required.

Using a service provider to help manage SIEM operations can be an effective way for security and risk leaders to make best use of limited resources and improve the security monitoring and response program. In this session， we identify 3 elements to make sure to include in a contract with a service provider， and how to overcome the provider’s objections to them. We’ll address: Defining responsibilities in a co-managed SIEM relationship; understanding service provider concerns and push back; setting up mechanisms to monitor and adjust the relationship

Effective cybersecurity is predicated on a defensible program. This presentation introduces and discusses the characteristics of a defensible security program. What are the components of a cybersecurity program? What makes the program defensible to key stakeholders?

With an ever changing and increasing threat landscape security leaders are being challenged to uplift their organizations’ information security capability and show the Board how this is being achieved. This session will look at how security leaders can develop and structure a security program, and how they can go about demonstrating to the Board and strategic stakeholders that ongoing progress is being made:

● Establishing maturity measures and developing the program to fit within the organizational risk appetite

● Tracking and reporting on Information Security Maturity uplift

● Striking the right balance between maturity uplift and risk reduction

The rapid adoption of SaaS applications such as Microsoft’s O365, Salesforce and others is driving enterprises to rearchitect their networks, so that remote offices can achieve direct internet access with SD-WAN and other techniques. Enterprises will be purchasing more cloud-based security services and fewer appliances. Here, we will highlight best practices that enable a smooth transition to the adoption of cloud-based security services.

Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Cloud service providers may not always be ‘compliant’ with a regulation， although in some cases they do need to step up to specific requirements. The more mature a cloud service provider is， the more help they can offer in demonstrating their compatibility with a regulation and in helping their customers understand how to use their offerings in a controlled and compliant way. In this roundtable， the discussion will focus on: Common questions from risk， security， and procurement leaders. How to contextualize security and privacy considerations for the cloud. How to gauge CSP’s maturity in supporting compliance obligations. What tools to consider to better manage security and privacy compliance activities in the cloud. PLEASE NOTE: For end-user only. Preregistration required.

Containers and microservices architectures require DevSecOps，a protection strategy different from traditional VMs with monolithic applications. Technical professionals tasked with securing containers must harden the CI/CD pipeline so that everything that ran through it can be considered secure. PLEASE NOTE: For end users only. Preregistration required.

A one-page cybersecurity strategy has been the goal for CISOs forever and the effort always falls short. They are too technical and don’t resonate with the business people， or are so “soft，” technical staff doesn’t know what to do with it. Join us for this engaging workshop on how to craft a simple， easy to use one page strategy to propel your program to success. PLEASE NOTE: For end-users only. Pre-registration is required.

The secure web gateway marketplace continues to be dominated by appliances; however, the rapid growth of cloud services is becoming a disruptive force in the marketplace. Many vendors have added cloud access security broker functionality through partnerships or technology acquisitions. This session will review the SWG magic quadrant and critical capabilities research and discuss the major market trends.

Attend this session to learn how to architect a workspace that dynamically manages contextual trust across the endpoints, networks, clouds, apps, and services that must operate at the highest levels of assurance. See how analytics and augmentation provide greater visibility and control, and explore design considerations for a workspace that balances security and experience for privileged users.

Phishing and social engineering are the ways most organisations get compromised. However, most organisations have very little idea which of their people receive these threats. We call these targets VAPs (Very Attacked People), and they may not be who you would expect. Learn how to identify VAPs, how to leverage data to better understand your adversaries, and how to tailor a protection plan.

Tenable has been providing cyber security to many of the world’s largest Government, Defence and Finance organisations for over two decades. As such, Tenable is a target for many bad actors, and keeping our company and our customers safe requires a rigorous and sophisticated cyber security program.
Digital Transformation is in full swing and is expanding the attack surface across cloud, IoT, Enterprise & Industrial IoT, and Operational Technology infrastructure. In 2018 alone there were over 16,000 vulnerabilities discovered, and more than half of these were categorised as high or critical importance. Throw in compliance deficiencies, contract requirements, supply chain, penetration tests, 3rd party scorecards, and security events and there are far too many issues to address without effective security program metrics and prioritisation.
This session will describe exactly how we do this, through a risk based, prioritised approach to cyber security. Bob Huber, our global CISO, will describe the tools, technology and key metrics he uses to focus on what matters most, to keep Tenable and our customers safe.

Every day there is another data breach that is tied to poorly protected privilege credentials. Misuse of privilege access makes it is easy for bad actors to gain access. In this session, we will review gaps between privileged access and users, and provide guidance on how to integrate traditional PAM technologies into IGA processes to help control and govern access.

Enterprises have shifted to a digital- and cloud-first mindset to accelerate their business. This requires a shift in security strategy, as legacy technologies can't protect organizations from the new threat vectors that come with the cloud. Join Michael Ferguson, Netskope and Charn Tangson, Prospa, to learn how Prospa designed a modern security program to solve challenges presented by the cloud.

The evolution of "computing" has happened at a frenetic and disruptive pace with each progressive step both empowering humans to be ever more creative & productive, and shrinking the boundaries between humans as we communicate both faster & in more immersive ways than ever before. During this process we have come full circle from managed, centralized compute resources to wildly distributed computing environments, to the present day juxtaposition of massively powerful and capable devices in the palms of our hands that are more reliant on centralized computing resources than ever before. This evolution becomes even more interesting and complex when viewed under a cybersecurity lens. During this talk, we'll take a journey back to the future, as it were, and examine the consequences we've faced along the way as we have chosen to prioritize innovation at the expense of safety & security, then show that the future of our "always on", massively distributed, cloud-powered, internet-connected-"everything" world has never been brighter provided we're willing to adopt, adapt and improve how we design and build end-to-end resilience into our systems and processes.

With so many recent high-profile breaches accomplished through compromising passwords on privileged accounts, Privileged Access Management is now everyone’s priority. But where do you start? And how do you know which PAM solution will work best to protect your organization without sacrificing productivity?

Join Chief Security Scientist Joseph Carson on a brief journey through the Privileged Account Management life cycle to get you quickly up to speed on:

1. Best practices for evaluating your current PAM practices and where to start
2. How to automatically discover and manage credentials across your network
3. How to demonstrate regulatory compliance with automated reporting

Enjoy some light refreshments and barista coffee on the Exhibit Showcase while networking with peers, colleagues and exhibitors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Here’s the thing: When it comes to composition and length, your password (mostly) doesn’t matter. Focusing on password rules, rather than things that can really help – like multi-factor authentication (MFA), or great threat detection – is just a distraction. Join this session where we’ll discuss the major attacks on passwords and how the password itself factors into the equation of an attacker.

IoT, OT, SDN & Multi-cloud are key tenants of a hybrid world. This expanded Digital Attack Surface has increased complexity created by too any independent security solutions. View in detail how you can achieve an integrated security approach and automate security operations reducing complexity across your network.

Effective vendor risk management programs are more reliant on technology services and solutions to help assess and monitor vendor risks. These solutions include integrated risk management (IRM)，vendor risk management (VRM)，and security rating services (SRS). This roundtable will discuss an overview of the market and recommendations for their use. What are the emerging services and solutions best suited for vendor risk management? PLEASE NOTE: For end-users only. Preregistration is required.

Enterprise firewalls， cloud access security brokers and secure web gateways all form important parts of the enterprise perimeter defense. But the common feature sets of these three approaches overlap substantially. In this session，we will address the points of overlap and help you determine when good enough is in fact enough，and when nothing less than best-of-breed functionality will do. PLEASE NOTE: For end-user only. Preregistration is required.

Following her morning keynote address, members of the CISO Circle will have the opportunity to meet with Katie Moussouris in an exclusive session and ask questions that are top of mind for them.

This presentation presents a structured approach to plan， establish and efficiently operate a modern SOC. Gartner clients with successful SOCs put the premium on people rather than process and technology. People and process overshadow technology as predictors for SOC success or failure. Do I need a SOC and can I afford it? Where can I rely on automation and where do I need to outsource or delegate? Can SOAR tools really automate my SOC?

Digital transformation continues to challenge the conventions of information risk and security management. It requires a coherent digital security program based on a clear vision and strategy. This presentation will: Share a compelling vision for security and risk management. Identify the key "digital differences" that must be integrated into the security program.

This session will discuss the advanced security features included in the M365 E5 license suite. We will also discuss licensing then dive into advanced data protection, email protection, conditional access，Azure AD premium P2 and all of the other advanced features. Then we will compare and discuss use cases where third-party solutions can be integrated and if they are required.

The current security job market has become increasingly difficult to navigate for hiring managers and candidates alike. Many roles globally sit vacant for months and the uncertainty this can cause is difficult to address and often increases the risk exposure of an organisation. Join best-selling author Claire Pales along with ##, ## and ## as they discuss the challenges faced in recruiting security professionals, the impact of the skills shortage and new pathways in security recruitment.

Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Application security testing is challenged by the pace and complexity of application development. In this session, we will cover how application security testing technologies and offerings might advance in the coming years to meet the demands of digital business.

Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

As cloud becomes more significant， it becomes more formalized， driving more interest in written policies. The attendees in this workshop will discuss their cloud policy thoughts，hopes，and dreams — and will share practical experience in the form，content，dissemination and enforcement of cloud policy. PLEASE NOTE: For end-users only. Preregistration required.

How do you start building a cloud security architecture? Do you use business needs and context to guide the selection of logical controls? What cloud provider native and third-party vendor security are available as security components? This session presents steps to construct cloud security architecture while aligning with required best practices, frameworks and standards.

Endpoints security challenges are rising to new levels of complexity as the definition blurs across clouds， BYO， workstations， mobile， wearable， “things” and pure software. This session will address: How are endpoint security risks expanding? What are the primary attack trends that will influence the strategic requirements for endpoint security? Which technologies and practices will protect endpoints in 2025?

Almost 50% of CIOs indicate that culture is the biggest barrier to digital business success. Culture is one of five major imperatives of ContinuousNext, a strategy to converge IT with its organization. A risk-aware culture ensures that the protection of that convergence is a priority. This presentation introduces ContinousNext, risk culture fundamentals, and actions to ensure risk-aware culture.

The biggest challenge for Security and Risk leaders is how to communicate， more effectively， with a range of stakeholders. Stop using acronyms， jargon and technobabble and get more traction， align with business goals， and be viewed as a strategic leader. What are the benefits of better communication? What are the top causes of miscommunication? How can Security and Risk leaders be more effective risk communicators?

Your opportunity to engage with the Keynote presenters, ask questions that are top of your mind, and network with your peers.

Earlier this year， Gartner published updated guidance on how to better run this foundational security process. This presentation will go over this new way of doing vulnerability more effectively. Why Gartner made some significant changes to guidance on this critical process? What does the new RBVM actually look like? How to bring this to life inside your own security programs.

Network, find solutions for upcoming projects and learn about the latest technologies by attending this lively reception that facilitates a meaningful exchange of ideas – all in an environment enhanced by good food and drink. Participate in special entertainment provided by exhibitors and continue the conversation with other attendees over drinks and canapes.

It is now common practice， and in certain cases mandated by regulation， for a board of directors to require periodic reporting and event-based updates on the state of security and risk management in an enterprise. Developing and communicating an effective message that balances the need to protect with the need to run your business is critical to success. However， in many cases， Security and Risk Leaders are left frustrated and/or unable to answer elementary questions that the Board asks. This presentation will discuss: What is the role of the board and what do they care about? What are some of the most common questions that Board Members Ask? (and a talk track for these questions). How can Security and Risk Leaders flip the conversation to educate the Board on issues that they need to know about?

True diversity knows no gender, religion, nationality, age, race or economic background. When hiring, instead of focussing on diversity for diversity's sake, we must look for the best people no matter where they come from. This in turn, helps to ensure we are hiring employees with the key qualities required to achieve the desired outcomes of the role and the organisation. Join best-selling author Claire Pales for breakfast as she discusses Diversity of Thought in Cyber Security with Michael Fieldhouse (DXC and the brains behind the Dandelion Project), Mick Dunne (CISO at Australian Super) and Gartner Analyst.

Enjoy some light refreshments and barista coffee on the Exhibit Showcase while networking with peers, colleagues and exhibitors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Completing your online profile will streamline your registration experience. Don’t forget, you’ll need photo ID to pick up your badge. Badges must be worn at all times during the event

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Conference Concierge help you create a custom agenda and schedule meetings. Just email us at conferenceconciergeapac@gartner.com and we’ll be in touch soon.

Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.

SaaS SIEM can offer concrete benefits to organizations that lack resources to run SIEM products deployed on premises. Interest in SaaS SIEM among Gartner customers is growing，but is not matched by selection of that deployment option over traditional SIEM，or other services based alternatives，such as managed-SIEM or MSS/MDR. In this session，we explore the potential benefits of SaaS SIEM， recognize the challenges this type of delivery model may present and offer guidance of helping potential buyers determine whether SaaS SIEM is an appropriate option for them. We address: Where does SaaS SIEM fit in the landscape of security monitoring products and services? What are the benefits and the challenges? How to determine whether SaaS SIEM may be a good option for your requirements. PLEASE NOTE: For end-users only. Preregistration required.

Metrics should inform better decision making. “Business alignment” is spoken about frequently, but execution is challenging throughout the Gartner client base. Key risk indicators (KRIs) should have defensible causal relationships to business impacts and present leading indicators to decision makers. Gartner has developed a methodology to integrate risk and corporate performance that helps achieve these goals.

Mitre’s ATT&CK framework， while relatively new， is gaining traction in many security operations teams around the world. This session will be part introduction to the ATT&CK framework， pros and cons， use cases for it， that might not have been heard using Gartner CARTA framework where applicable. What is this framework about? How is it applicable in security operations and how it relates to Gartner CARTA framework? What you can do with a framework like this in your security operations program?

Security and risk management leaders have struggled to hire and retain staff with the right skills， especially since the inception of digital business. Leaders have begun to accept the shortage of skills as a reality and continue to look for ways to manage this reality. In this presentation， we will discuss the outlook for security talent in digital businesses and address the following questions: What can you do to ensure your team’s skill sets are developed for a digital world? What does the future of talent look like with technologies such as machine learning ， blockchain and IoT looming? What are some of the emerging roles that leaders should plan for as organizations transform their digital businesses?
- How can organizations stay ahead of the curve and ensure that they are able to manage the risk of participating in a digital ecosystem?

How much risk is too much? Let’s manage our risk appetite! Sounds easy， but most CISOs don’t know what their enterprise or cybersecurity risk appetite is. Join us on a trip to effective and efficient risk management. What is risk appetite and why you need to know yours? Best practices for having risk appetite discussions. What does a good cybersecurity risk appetite statement look like?

The increased use of AI in security has not gone unnoticed by attackers. In this session， we explore the attacker’s perspective on machine learning， covering adversarial as well as nefarious ML: How attackers may attack security solutions based on ML at training and at prediction stages. How ML may accelerate innovation in attacker techniques.

Security leaders are drafting guidance documents for their executives and consultants who need to travel to China — to include a set of dos and don’ts， what to watch out for (at customs’ sites， coffee bars， etc.) – in order to best protect corporate and personal information. This workshop will offer an exercise for drafting a set of such guidance. PLEASE NOTE: For end-users only. Pre-registration is required.

Managing the third-party vendor risk lifecycle is a continuous effort under global privacy laws & security frameworks. While outsourcing operations to vendors can alleviate business challenges, managing their risk is costly & complex when using spreadsheets. We’ll breakdown a 6-step approach to automate third-party vendor risk management & share advice to improve your privacy & security programs.

We live in a world where new threats emerge almost on a daily basis and where the perimeter can no longer be counted on as the primary form of defence.By leveraging identity as the foundation on which to build access it is possible to ensure that the right people are given the right access for the shortest amount of time possible.

Join Carbon Black’s Product Marketing, Matt Bennett, as he reveals the reality behind the modern threat landscape & uncovers what security teams can do today to tip these scales & make attacking your organisation exponentially more difficult for attackers.

This session focuses on an inside-out view on the evolution and business consumption of new IT models including Hybrid IT models and IoT. It also examines principles of business resilience, applied specifically to the cyber world and the range of threats posed by Advanced Persistent Threats (APTs) and attacks on critical infrastructure. Join this session to explore key principles of data protection in a hybrid IT world, using key technologies including air-gapping, immutability and orchestration to provide a defense in the inevitable event of a cyber attack.

The cloud, SaaS applications, and user mobility are powerful enablers of digital transformation, but many Government and Enterprise organizations are grappling with legacy networks and security architectures that haven't evolved in decades. Hear two accounts from IT leaders who have navigated the journey to the cloud, including their challenges, their successes and their lessons learned.

CISO job preservation in the modern era. How cyber threats, digital transformation and other technology catalysts should influence security strategy. What are the key emerging market trends and how might they be leveraged to improve cyber resiliency, governance and keep security top of mind at the board of directors level.

Organisations are embracing the advantages (positive risk) of technologies through ambitious digital initiatives but the volatile, hyper-connected nature of digital business amplifies the negative side of risk. RSA will share some tools and techniques that we have found successful working with customers to manage their digital risks.

Enjoy some light refreshments and barista coffee on the Exhibit Showcase while networking with peers, colleagues and exhibitors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

The race to keep up with emerging threats has driven a proliferation of security solutions. Under-resourced teams often struggle with a growing array of products and static security tools. This session deep dives into:
- Why orchestration is essential to scaling SOC capability
- Methods for integrating tools and processes
- How to automate, work faster and strengthen your cyber resilience.

Cloud services requires a new cybersecurity and organisational approach to ensuring effective cyber resilience. Join this presentation to learn the very latest on how enterprises can fast track their digital transformation and speed cloud service adoption while maintaining cyber resilience and regulatory compliance.

Security and risk management leaders should select application security testing (AST) tools and services and embed them in the SDLC as a critical component of an application security program. In this session, we will illustrate the market and main vendors in the AST space.

To better address the needs of global CEOs and senior executives, end-user organizations are shifting focus away from governance, risk and compliance (GRC) to IRM solutions. This session will provide the study and result of Gartner's evaluation of the integrated risk management solutions market.

There is no such thing as a perfect， universally appropriate model for security organizations. Every enterprise must develop its own model， taking into consideration basic principles， practical realities and the challenges of digital transformation. This presentation will address the following key issues: What are the trends and challenges in security organization design? What are the factors that influence security organization? What are the current best practices and contemporary conceptual design models for security organization?

Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Digital business is forcing changes in the focus, direction and currency for organizations. It is even changing what leaders believe is the management of risk. This presentation describes those changes, their impacts and your options in evolving current risk process — or allowing its extinction in favor of something new.

In a world of cloud, does infrastructure security matter? As organizations move more services to the cloud, the problem shifts to managing user access, and data. Attend this session to learn about emerging trends on the convergence of cloud, identity and data security, as well as best practices regarding cloud security, that you can leverage now.

This session will discuss the following issues on threat intelligence. Key points to be thinking about to get value from Threat Intelligence. Key use cases we see clients implementing successfully. Key technologies being adopted in modern security programs for intelligence lead initiatives. PLEASE NOTE: For end-users only. Preregistration is required.

Having recently completed the inaugural 3-year journey of evolving cybersecurity at one of Australia's most well-known insurance and healthcare companies, Medibank’s CISO will share his honest reflection on some of the highs and lows, triumphs and tribulations, successes and failures in this session. You will also gain insight into how DevSecOps is being introduced and deployed to help a customer-first organisation move its people, processes and technologies to a stronger position.

Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

This roundtable will review famous cybersecurity incidents with a focus on the root cause and lessons learned from the response. How are more advanced hackers breaching organizations? What is the root cause of the breach? Key lessons learned for incident response playbooks and public relations. PLEASE NOTE: For end-users only. Preregistration is required.

This round table will focus on the implications of enabling more connectivity and IoT into our critical infrastructure and smart grids. PLEASE NOTE: For end-users only. Preregistration required.

SIEM solutions continue to evolve to address a variety of persistent challenges — how to keep up with changing external and internal threats; increases in the volume, velocity and variety of data sources; and how to effectively implement, manage and use the solutions as expertise and resources become more constrained. New entrants have emerged from the UEBA space, and primarily emphasize a user-based approach to monitoring for threats, compared to the more traditional approach of event-based monitoring oriented around IP addresses and hostnames.
SIEM technologies are also adopting more advanced incident response capabilities through the addition (either natively, via acquisition or via integrations) of functions that add SOAR capabilities. Organizations looking to shorten the deployment cycle and transfer responsibility for managing a SIEM tool's platform are leveraging SaaS or hosted SIEM solution options.

With the digital world moving fast, Business Confidence is the key pillar that all businesses must assess and continuously assure. Join "Dynamic Cybersecurity enabling your evolving digital transformation" for this session and understand how to achieve Business Confidence though a Dynamic CyberSecurity framework.

Enterprise is realising breaches are inevitable, leading to the rise of the zero-trust discussion. Yet considering the why, what and how is less understood. Applying critical starting points in the application of Zero-Trust is core to successfully improving the security of crown jewel applications inside your data centre and cloud environments.

Join this session to hear firsthand from executives at Wesfarmers, MLC, QBE and AEMO. With rapid cyber growth across Australia, this panel will discuss inherent risk, external threats and unique challenges that are present in today’s ever changing cyber landscape. Join us to hear firsthand the priorities, investments and predictions of Australia’s security leaders.

How do you create a digital business that is secure by design? How do you avoid downtime and build an agile and predictive security ecosystem across your users, devices, applications, and infrastructure? Business resilience requires every organization to understand and manage the cyber-risks to its physical and digital infrastructure. Join Matt Gyde, CEO, NTT Security to discuss how we partner to prevent, predict, detect, and respond to cyberthreats, while supporting business innovation and managing risk.

Keeping your organisation secure and compliant requires input and collaboration across the organisation, including monitoring security incidents and vulnerabilities to mitigate the risks they pose. Join ServiceNow as they walk through customer use cases to show how you can connect your security orchestration, automation, and response (SOAR) and integrated risk management (IRM) programs by continuously monitoring for risks to enable better decision making.

Digital transformation is forcing organisations towards a new generation of application architectures, and rapidly transforming and accelerating how applications are delivered, deployed and managed.
This session will explore how organisations can address some of the security and risk implications by directly gaining visibility into not just applications but their underlying components.

Today we live at the speed and scale of cloud and businesses are demanding that we accelerate our security programs. With more and more organisations moving to the cloud, traditional IT domains and therefore the world of security as we know it will soon be gone forever. It's time to make a big leap in security.

Join this session to gain key insights into the new rules of security and our vision of modern security - how to secure effectively at the speed and scale of cloud.

Enjoy a hot buffet lunch in the Exhibit Showcase while networking with peers, colleagues and exhibitors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Most CEOs are excellent problem solvers, but too often CISO’s seek approval rather than enable their CEO’s to participate in the decision making process. This causes disengagement, and is at the root of many of the challenges CISOs and IT leaders face. CISO’s need to use different tools to get their CEO to the table and keep them engaged so that they value the outcome of the decisions we ask for.

Based on investigations of real-world attacks, Microsoft Office 365 cybersecurity experts provide a prescriptive approach to identifying and implementing the most critical security controls to protect your Office 365 tenant. You will learn threats and defences change from on-premises attacks and what Microsoft recommends for quickly protecting against the most likely and impactful risks.

With the introduction of CPS 234, all APRA-regulated entities must ensure they can detect, investigate and respond to security incidents within 72 hours. This requires machine speed detection and investigation where AI is helping humans do more with limited resources. This session will arm you with best practices to move from non-compliant reactive processes to automated actionable insights.

As we continue to see data breaches due to weak credentials, moving away from the password is finally here. Learn how FIDO2 and WebAuthn open authentication standards, in conjunction with YubiKeys, are solving the elimination of passwords at scale. Hear how organizations like Microsoft have implemented these standards for a true passwordless experience and how your organization can follow suit.

In this session learn about how the use of machine identities is growing across the enterprise and in the cloud, how common errors have costly business consequences and how adversaries are leveraging these gaps. Understand how you can move today to get Visibility, Intelligence, and Automation as part of your identity program to reduce risk and increase agility.

Privacy has come to be acknowledged as a fundamental human right, worldwide. Increasing regulatory pressure to enhance control over personal data affects how we look at our analytic activities, customer’s rights and the CX, project development and outsourcing activities. Organizations need to establish a risk-based approach to handle personal data to mature privacy protection and deliver customer trust and satisfaction.

Vendor risk management isn’t just required in highly regulated industries， it’s good practice in all industries. But today’s approaches are mired in lengthy and complex assessment surveys that span a variety of threats and risks. This session will discuss how to improve and enhance your model for managing vendor risks. Why is vendor risk management important now? What are the current best practices in a vendor risk management life cycle? How can we improve the efficiency and value of our vendor risk management programs?

This case study will look at IT and OT convergence and some of the cultural challenges in the adoption of the Cybersecurity Capability Maturity Model (C2M2) framework in the operational technology environment. Jeff will also share how to effectively use risk approaches and refocus on better customer outcomes, that could translate to better cyber security practices.

Organizations are experimenting with artificial intelligence in security. As evaluation procedures mature， the first disillusions happen. This session will review the state of AI and machine learning usage in various security and risk management areas， and give recommendations to: Navigate towards AI marketing. Define evaluation principle for solutions adding new algorithmic approaches to existing security fields. Prepare to avoid or minimize the backlash when results are not up to expectations.

Cloud native applications rely heavily on containers and serverless functions to build out event-driven, microservices based application architectures. Legacy on-premises security patterns won't work and won't scale for the needs of cloud native applications. This presentation will discuss the security patterns and best practices for securing cloud-native applications, including container security.

Left to itself，SaaS becomes an unruly pet. Data shares open to the internet，regulatory noncompliance，overspend and collaboration sprawl negatively impacts everyone. What are the problems with SaaS? What processes and policies can help manage SaaS use? What tools can help govern SaaS? PLEASE NOTE: For end-users only. Preregistration is required.

Siloed IoT/OT implementation and management distract from the real security and safety implications of the convergence of digital technologies and physical assets. To be effective, security and risk management leaders must instead holistically address the needs of cyberphysical systems. This session will discuss the opportunities and challenges related to securing cyberphysical systems.

Buyers are increasingly adding incident response services， but fewer are adding breach response services. These are distinct offerings， but often confused as being the same service. In this session for Security and Risk management leaders， we explain the differences between the services， the questions to consider when determining if you need one or both， and the provider landscape for these services.

Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Technical professionals focused on security and risk management are pursuing security analytics，machine learning，and artificial intelligence in search of more effective detection of threats and improved monitoring and operations. This session explores real world examples to assess the effectiveness of AI and ML approaches in improving security posture. PLEASE NOTE: For end-users only. Preregistration required

Good information security hygiene is a must， but many organizations lose focus on getting the basics right， leading to an unjustified level of confidence in risk posture. Join us and learn: What are the key activities， capabilities and practices for organizations? What are the activities that you can delay or even skip entirely? Why doing the basics is more important than ever.

A key state government priority is to make NSW the easiest place to setup and remain in business. Hence the elimination of criminal activity in cyber space is a must to support this government objective in alignment with its digital strategy vision. Marco will provide some of the key learnings when he was developing the use case to examine the problem of domain impersonation across all NSW government agencies. Interestingly, the POC unveiled opportunities and additional challenges not envisaged during the problem definition phase. Find out how DFSI successfully engaged different stakeholders and increase awareness across organization, as well as justified the ROI of this initiative in a complex organizational setup.

Your opportunity to engage with the Keynote presenters, ask questions that are top of your mind, and network with your peers.

Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

IT buyers just want to fix today’s problems. But it’s time for you to think like an investor， and not get burned over the next technology shift. What are the steps Security and Risk leaders must follow to build a strategic security roadmap， using Gartner’s Hype Cycle and other predictors? How to assess time for new partnerships based on long- and short-term behavior of vendors? How do security vendors influence your business integrity?

Nation state intrusions targeting organisations of all sizes and multiple verticals. This session will dig into this topic and provide pragmatic guidance on the issue and what you do to address this in your own security program.

Enjoy some light refreshments and barista coffee on the Exhibit Showcase while networking with peers, colleagues and exhibitors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

We are now living in an “always on” world that faces “always-evolving” threats. Security risks have grown due to increasing attack surfaces. More sophisticated and stronger attacks cripple services, compromise customer data, and lead to revenue loss. In this session, we will discuss the changing security landscape and what organizations need to do to protect against always-evolving threats.

The speed and sophistication with which cybercriminals are launching attacks is increasing year-over-year. Defenders should be incorporating threat intelligence that goes beyond identifying IOCs to understanding the common tactics used by cybercriminals. Gain insight into AT&T Alien Labs and how it produces the tactical threat intelligence needed in today’s threat landscape.

Many of our cyber security experiences play out like Greek tragedies. But, frankly, better tragedy than comedy. Tragedy holds lessons for us. It is a very human condition; it reminds us of the costs of inattention, the need for inspiration, and to pay close attention to people.
As CISOs and CIOs we can use the tools and reminders of tragedy to strategic effect. The keynote will consider how cyber is understood and how perceptions may be recast to place humans at the centre of cyber, touching on the missions of the ANU’s Cyber Institute.