Agenda
Our Gartner experts, who are at the top of their fields, helped attendees address their most critical challenges. These key topics kickstarted conversations around priorities and initiatives so that attendees could tackle what was most important to them.
Faced with a fragmented, interdependent world, cybersecurity leaders have less control over decisions around cyber risk than ever before. This track gives you practical guidance on managing security teams and stakeholders through the evolving threat landscape.
This track provides insights to the strategic direction of infrastructure security technology and is designed to help you ensure that security operations keep pace with the evolving threat landscape.
Spanning the cycle from developers to customers, today’s leaders face a wide, diverse array of both risks and ways to manage, mitigate and respond to them. Sessions in this track provide practical, real-world guidance on achieving a more secure software development life cycle and data management program.
Owing to new challenges and lack of agility in program management, cybersecurity leaders struggle to mature their cyber and IT risk management practices beyond conducting assessments. This track highlights the latest trends and tools to help you improve automation and models.
Gartner for Technical Professionals research explores insights into the security best practices, methodologies and tools needed to ensure operational success. Sessions provide advice on architecting, implementing and operating security controls for the hybrid enterprise.
As the role evolves, CISOs must adapt to ensure that the organization can balance risk decisions with business goals. The CISO Circle provides targeted content, workshops and networking opportunities. Join us and form valuable connections with peers and Gartner experts.
Monday, 13 February, 2023 / 11:00 AM - 11:30 AM IST
Manjunath Bhat, VP Analyst, Gartner
The number an complexity of tools and techniques that make up good application security practices can be overwhelming. There are various application security testing tools, threat modeling processes, security requirements, as well as runtime security controls that need to be considered. This session will review the tools and practices that are essential to any application security program.
Monday, 13 February, 2023 / 02:30 PM - 03:00 PM IST
Ravisha Chugh, Principal Analyst, Gartner
Data security is a top priority. This session covers current trends and emerging topics specific to data security. How organizations handle and consume data continues to rapidly evolve. Databases and cloud applications introduce rapidly evolving threats with with countermeasures following slowly. Planning to use data as the focus of security governance and security architecture roadmaps is critical for any security and risk management program.
Tuesday, 14 February, 2023 / 10:30 AM - 11:15 AM IST
Manjunath Bhat, VP Analyst, Gartner
Attackers are targeting software development systems, open-source artifacts and DevOps pipelines to compromise software supply chains. In this Ask the Expert session, we will answer questions on emerging trends such as software bill of materials, hermetic pipelines and binary authorization to mitigate risks both for internally developed applications and externally procured software.
Tuesday, 14 February, 2023 / 12:00 PM - 12:30 PM IST
Ravisha Chugh, Principal Analyst, Gartner
Data breach is now more of a reality than a threat which can expose personal and corporate intellectual property. CIOs, CISOs and general counsel are teaming together to improve readiness for this reality. This session will provide insights to actionable and proactive steps to reduce exposure by establishing knowledge of your data to align with access expectations and life cycle management.
Tuesday, 14 February, 2023 / 02:00 PM - 02:30 PM IST
Dennis Xu, Sr Director Analyst, Gartner
This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. We will discuss third-party options as well as the built in native Microsoft features along with strengths and weaknesses of each.
Tuesday, 14 February, 2023 / 02:00 PM - 02:45 PM IST
Ravisha Chugh, Principal Analyst, Gartner
Ask any questions you have regarding DLP - including vendors in the market, market trends, how to choose the right solution or any best practices for implementing it.
Tuesday, 14 February, 2023 / 04:30 PM - 05:00 PM IST
Manjunath Bhat, VP Analyst, Gartner
There are millions of open-source software projects in the world. Which ones are in your software? And what security, operational, and legal risks do they pose? Getting control and managing a myriad of risks requires information, process changed, and automated tools to spot and help remediate problems. In this session, we'll examine the various changes you should consider, along with the tools that can help in getting control.
Monday, 13 February, 2023 / 11:00 AM - 11:30 AM IST
Abhyuday Data, Director Analyst, Gartner
Identity-first security has emerged as a theme in many major security initiatives and policies. Supporting these initiatives as well as delivering on business requirements for smooth, simple and secure access, and authentication decisions requires disparate IAM elements to work in concert. This session will provide an update on the major themes in IAM to ensure that your IAM decisions in 2023 will support the strategy of the future.
Monday, 13 February, 2023 / 11:00 AM - 11:45 AM IST
Steve Santos, Sr Director Analyst, Gartner
This session intends to help clients who want to design security architecture to directly address business needs, addressing all stakeholder needs. The session will cover establishing a strategic architecture upon which logical requirements and specifications can be developed to facilitate security component selection.
Monday, 13 February, 2023 / 11:00 AM - 12:30 PM IST
Roberta Witty, VP Analyst, Gartner
Conducting a business impact analysis (BIA) is a critical step to determining the importance of IT systems to an organization and planning based on their importance. Join us to learn how to leverage BIAs to meet the needs of security, risk and privacy functions outside of their normal usage in business continuity management planning.
Monday, 13 February, 2023 / 02:30 PM - 02:50 PM IST
Abhyuday Data, Director Analyst, Gartner
Through a selection of relevant Gartner insights and complementary methodologies, we will provide insight into the latest updates in the privileged access management market.
Monday, 13 February, 2023 / 02:30 PM - 03:00 PM IST
Wam Voster, VP Analyst, Gartner
2021 showed that attacks are moving closer to operational or mission-critical environments where cyber-physical systems (CPS) live. Whether they are born of OT/IT convergence or from IoT, IIoT, or Smart "X" efforts, CPS are everywhere and mandate different approaches to security than IT systems.
What are the top 10 must-dos to protect them?
Monday, 13 February, 2023 / 02:30 PM - 03:15 PM IST
Steve Santos, Sr Director Analyst, Gartner
Join this ask the experts session to get answers to key questions around risk-based vulnerability management. This session will offer answers to questions such as:
- how to do RBVM with process
- how to do RBVM with tools
- Best practices for RBVM
Monday, 13 February, 2023 / 04:00 PM - 04:30 PM IST
Paul Furtado, VP Analyst, Gartner
Gartner has observed a new approach to detecting and mitigating Insider Risk. Early detection and nudge-based intervention prove more cost effective than the traditional "detect, deter, destroy" model beloved by legacy security leaders. In this presentation, we outline how the new approach is not only better for the revenue line, it is also better for organizational culture and employee effectiveness.
Monday, 13 February, 2023 / 04:00 PM - 04:30 PM IST
Angel Berrios, Sr Director Analyst, Gartner
Ransomware is a threat that requires a whole-business approach to defend against and the diversity of tools, techniques, and processes that enterprise security professionals can bring to bear to protect against ransomware can be intimidating. In this session, attendees will learn how to assess their program of ransomware defense and quickly close the gaps that attackers will use to make your organization the next name on their list of victims.
Monday, 13 February, 2023 / 04:00 PM - 04:30 PM IST
Steve Santos, Sr Director Analyst, Gartner
Those responsible for vulnerability management are undoubtedly familiar with "The Pile" — the often-massive reports produced by a vulnerability assessment tool that tells us what we have to fix. Those reports are undoubtedly useful, but often intimidating due to their sheer size. In this session, we'll learn the best practices for sorting through the pile, identifying what's important stuff and getting what matters fixed first.
Tuesday, 14 February, 2023 / 10:30 AM - 12:00 PM IST
Franz Hinner, Sr Director Analyst, Gartner
Ransomware is a unique threat, and demands a unique incident response plan. Tabletop exercises, or "role playing games for security professionals," are one of the best ways of creating those plans. In this workshop, we will work through a series of live ransomware-specific tabletop exercises, and help you be the dungeon master Ransomware Hero your organization needs!
Tuesday, 14 February, 2023 / 12:00 PM - 12:30 PM IST
Roberta Witty, VP Analyst, Gartner
This session highlights the importance of organizational resilience as a strategic imperative in the wake of the COVID-19 pandemic, the changing threat landscape and the pace of digital innovation.
Tuesday, 14 February, 2023 / 03:45 PM - 04:15 PM IST
Wam Voster, VP Analyst, Gartner
From SolarWinds to Kaseya to government bans on specific providers, supply chain security is an area of increased concerns. This session provides an overview of the technology supply chain risk management landscape, and suggested first steps for each category.
Tuesday, 14 February, 2023 / 03:45 PM - 05:15 PM IST
Rahul Balakrishnan, Director, Research, Gartner
This interactive “gamified” workshop is designed to actively involve senior leaders, board members and business stakeholders to boost their awareness of cybersecurity by flipping their perspective and making them look through the lens of the attacker’s point of view. This workshop also serves to identify potential gaps and actions required to bolster the security efforts of the enterprise.
Tuesday, 14 February, 2023 / 04:30 PM - 05:00 PM IST
Abhyuday Data, Director Analyst, Gartner
Emerging risks and top security trends are driving innovation in security and risk management. Among many new areas in security that are emerging, which ones should you focus on? This session will explore high-impact emerging technologies in security and risk management.
Monday, 13 February, 2023 / 12:30 PM - 01:15 PM IST
Paul Furtado, VP Analyst, Gartner
Join this discussion on security and risk best practices for mid-size enterprises. Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million.
Monday, 13 February, 2023 / 02:30 PM - 03:00 PM IST
Deepti Gopal, Director Analyst, Gartner
Consistent, practical strategic planning is a prerequisite for security and risk management leaders establishing and supporting the credibility of their security programs. This presentation:
- Introduces a generic security strategy planning process
- Shares the unique best practices associated with security strategy planning
- Provides practical advice on communicating the strategy to stakeholders.
Monday, 13 February, 2023 / 05:00 PM - 05:45 PM IST
Roberta Witty, VP Analyst, Gartner
Refocus corporate security initiatives and efforts — from a futile effort to prevent breaches and to accepting the inevitability of breaches. We will define how to learn from normal accident theory to build a culture of resilience that is capable of reducing or eliminating business impacts from security breaches. This culture is built on characteristics and disciplines, which we will define in actionable terms.
Tuesday, 14 February, 2023 / 09:00 AM - 09:45 AM IST
Fredrik Haren, The Creativity Explorer,
A session about the power of creativity, and about what we can do to develop our full creative potential. By studying and understanding how creativity is different in different part of the world we can broaden our understanding of the concept and become better at developing our own creativity for the benefit of both our professional career and our private lives.
Tuesday, 14 February, 2023 / 10:30 AM - 11:00 AM IST
Deepti Gopal, Director Analyst, Gartner
Gartner’s annual surveys collect data from thousands of CIOs on what matters most to them.
Join this session to learn:
• What’s most important to them
• How they are adapting to the fast-changing environment around them
• Implications for security and risk leaders
Tuesday, 14 February, 2023 / 10:30 AM - 11:00 AM IST
William Candrick, Director Analyst, Gartner
No one can tell you what your metrics should be … until now. Gartner has developed and vetted a prioritized list of metrics to describe the value of your cybersecurity program to satisfy the most challenging audiences including your board, CFO, COO, customers, partners and regulators. And we are working on benchmarks for each.
- What cybersecurity metrics should I measure?
- How can I use metrics to drive governance?
Tuesday, 14 February, 2023 / 12:00 PM - 12:30 PM IST
Paul Furtado, VP Analyst, Gartner
Midsize enterprise (MSE) IT leaders face significant security challenges when trying to deliver IT services with small IT teams (usually fewer than 30 people) and limited IT budgets (usually less than $20 million). Join us for a discussion of the top trends that MSE IT leaders responsible for security and risk management should prioritize to stay current and proactive in protecting the organization and managing risk effectively.
Tuesday, 14 February, 2023 / 02:00 PM - 02:30 PM IST
Christopher Mixter, VP Analyst, Gartner
Security and risk management leaders are often treated as scapegoats in cases of breach. By the same token, digital business has propelled security and risk to become a boardroom issue, business units have increased their expectations (and demand) of their leadership, and regulatory demands are often challenging. This session will shed light on the leadership traits that aide in a successful and balanced approach between the demands of the business and the effectiveness of the leader.
Tuesday, 14 February, 2023 / 03:45 PM - 04:15 PM IST
Deepti Gopal, Director Analyst, Gartner
Gender imbalance is stagnating, if not getting worse, in many IT organizations. The challenge is not just hiring more women, it’s also not losing them. Leaders can support women in IT by creating, curating and managing a pipeline program. Creating an inclusive environment also means confronting behaviors that marginalize women.
Monday, 13 February, 2023 / 11:00 AM - 11:30 AM IST
Thomas Lintemuth, VP Analyst, Gartner
Zero-trust strategies for network security have gained notable popularity in recent years. However, organizations need to avoid "silver bullet" thinking and build strategies based on their desired business outcome. This session will highlight the forces that shape network security, threats that need to be addressed, and how to think about zero trust and SASE as part of an overall network security strategy.
Monday, 13 February, 2023 / 11:00 AM - 11:30 AM IST
Charlie Winckless, Sr Director Analyst, Gartner
Cloud security remains a top priority. This presentation summarizes the problems, recommended processes and new product types to address three key issues: What are the unique risks associated with public cloud service providers, and how can they be controlled? What are the unique security challenges of IaaS and how can they be mitigated? What are the unique control challenges of SaaS and how can they be addressed?
Monday, 13 February, 2023 / 12:30 PM - 01:00 PM IST
Franz Hinner, Sr Director Analyst, Gartner
Endpoint now covers a wide variety of devices, and organisations invest heavily in trying to secure them. So why is it that malware attacks such as ransomware are still so prevalent. We discuss how securing the endpoint needs to go beyond protecting the individual endpoint, to protect the diverse range of endpoints that make up an organisation.
Monday, 13 February, 2023 / 12:30 PM - 01:00 PM IST
Eric Ahlm, Sr Director Analyst, Gartner
Security automation isn't a new concept, however, the application of automation to security operations can be a tricky path to decipher. This presentation talks about the practical side of security automation, what sort of uses can lead to big wins, and what sort of uses can lead to massive disappointment.
Monday, 13 February, 2023 / 02:30 PM - 03:00 PM IST
Richard Bartley, VP Analyst, Gartner
How do you decide on which cloud security controls to deploy? The bewildering array of cloud security patterns can make common approaches to cloud security daunting. This session presents practical steps toward designing the right set of native and vendor layered cloud security components for your organization.
Monday, 13 February, 2023 / 04:00 PM - 04:30 PM IST
Thomas Lintemuth, VP Analyst, Gartner
Enterprises are shifting to hybrid work environments to enable anywhere, anytime access to resources that are located everywhere -- in SaaS, in public cloud IaaS with some workloads in the traditional data center. A SASE strategy enables users, devices and branches zero trust access to resources, regardless of location. This session will lay out a strategic timeframe and roadmap for SASE adoption.
Monday, 13 February, 2023 / 04:00 PM - 04:45 PM IST
Dennis Xu, Sr Director Analyst, Gartner
Come join your peers for a round table discussion on cloud security. Someone might have fixed the issue that you are struggling with, or they might have a better way to automate that security check. You might be evaluating the same CNAPP tool at the moment. Come share with your peers your unique cloud security journey.
Tuesday, 14 February, 2023 / 10:30 AM - 11:00 AM IST
Angel Berrios, Sr Director Analyst, Gartner
The MDR market is beginning to get to an initial stage of maturity, but there is still a high level of flux in the types of providers and the coverage of their solutions. During this session, we will offer participants a view into the direction of the market, the alignment with modern ways of working and core questions to ask providers offering these services, about their future.
Tuesday, 14 February, 2023 / 10:30 AM - 11:00 AM IST
Eric Ahlm, Sr Director Analyst, Gartner
Moving from threat prevention to detection and response requires careful planning. Building a modern security operations center (SOC) requires balancing business risk with cost and complexity. This session discusses how to plan, build and operate a modern SOC, including how to best use a service provider, automation and technology platforms such as SIEM.
Tuesday, 14 February, 2023 / 02:00 PM - 02:30 PM IST
Richard Bartley, VP Analyst, Gartner
This session will discuss the reference architecture and dive deep into how to build the cybersecurity mesh architecture (CSMA). We will discuss the evolution of best-of-breed to the new CSMA along with pros and cons of each approach. Finally, we will discuss the vendor landscape from larger security vendors with full stacks to open source/distributed CSM solutions.
Tuesday, 14 February, 2023 / 02:00 PM - 02:30 PM IST
Charlie Winckless, Sr Director Analyst, Gartner
Check in to make sure you are current on network security offerings and how they complement each other, but stay to see how they are evolving and what new technologies will transform your current processes over the next few years.
Tuesday, 14 February, 2023 / 03:45 PM - 04:15 PM IST
Charlie Winckless, Sr Director Analyst, Gartner
Cloud security remains a challenge; we have to protect data when it is out of our control. This session will address the emerging trends in cloud security, what they bring to your organization and how to use them most effectively. Security is seen as an obstruction to cloud adoption; this will show you how to enable without losing protection.
Tuesday, 14 February, 2023 / 04:30 PM - 05:00 PM IST
Thomas Lintemuth, VP Analyst, Gartner
Zero Trust is more than a marketing term once you see through all the marketing. Organizations are building application access with Zero Trust principles. We will discuss five key items you need to know for zero trust to work for your organization.