Our Gartner experts, who are at the top of their fields, helped attendees address their most critical challenges. These key topics kickstarted conversations around priorities and initiatives so that attendees could tackle what was most important to them.
Prioritizing decisions related to unknown risks and known exposures is a constant challenge. This track discusses top security and risk management trends in 2022, leadership vision for actionable change and practical use cases for risk decision making.
New risk assessment models are designed to address two critical aspects of digital business: speed and scalability. This track offers ideas and tools for you, a risk leader, to innovate risk management practices and optimize the value of your risk management investment.
The number of security product and service solutions in the market is staggering and is complicated by the evolving range of delivery models. This track provides insights into the security markets and best practices in adopting and using technology solutions.
This track provides fresh, practical strategies to address the most significant future risks: transformation to location-independent enterprise, migrating to cloud-delivered and cloud-secured solutions, Evolution of networks in the cornerstone of IOT security, and Identity first security in a perimeter-less enterprise
The Business Enablement Spotlight Track provides insights and guidance on core security disciplines – It offers a foundation that enables organizations to rapidly embrace digital initiatives, with reduced risk and greater confidence.
The Technical Insights Spotlight Track delivers actionable, technical insights into security best practices, methodologies, and tools needed to ensure deployment success Learn how to successfully architect, implement and operate scalable security controls in and beyond the enterprise and across the cloud.
Monday, 07 March, 2022 / 11:00 AM - 11:45 AM IST
Tina Nunno, Distinguished VP Analyst, Gartner
As a security leader, are you playing defense or offense? Do you as a leader set the terms of engagement, or are they too often set by others? This session will explore how security leaders can ensure they lead from an offensive position, to deliver the best results for themselves and for their enterprises.
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Jay Heiser, VP Analyst, Gartner
The challenges to security and risk management programs range from governmental/political intervention to digital business adoption to the impact of organizational culture of running a business. Security and Risk Management (SRM) leaders must develop a coherent program based on a clear vision and strategy. This presentation will address:
-What are the major trends affecting the security and risk management leader?
-What are the top challenges affecting the security and risk management leader?
-What actions and best practices should the security and risk management leader initiate?
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
Sam Olyaei, VP, Team Manager, Gartner
Innovation — or at least the desire to innovate — is on the rise among corporate and public sector clients alike. But while desirable, morphing from your existing culture into an innovative one is hard especially while trying to manage cyber risk in your organization. Most who try, fail. This presentation aims to provide attendees with tactical advice on how to get started, with four culture hacks.
Monday, 07 March, 2022 / 03:00 PM - 03:30 PM IST
Wam Voster, Sr Director Analyst, Gartner
Organizations need to ensure their Operational Technology (OT) has a framework of People, Process and Technology to increase or at least maintain their OT security posture. Fully aligning to standards like the IEC62443 is for many smaller organizations not feasible. Security & Risk Management Leaders can use these OT Security controls to address the risks in their OT environment.
Monday, 07 March, 2022 / 03:00 PM - 03:30 PM IST
Jeffrey Wheatman, VP, Advisory, Gartner
Everyone knows how important strategic planning is for success and yet it is an immense challenge for pretty much everyone. Join us to learn about a simple approach to telling a simple story linking security program activities to business goals and drives better decisions.
1. What makes a good strategy?
2. What kind of narratives work?
3. What does a sample strategy look like?
Monday, 07 March, 2022 / 03:00 PM - 03:45 PM IST
Brian Lowans, Sr Director Analyst, Gartner
A data risk assessment is critical to review the growing risks associated with data breaches and deployments across multi-cloud architectures. Use this session to discuss emerging best practices.
Monday, 07 March, 2022 / 03:45 PM - 04:15 PM IST
Tom Scholtz, Distinguished VP Analyst, Gartner
There are multiple approaches for communicating the business value of cybersecurity and none of them offer a single "best" way. All are relevant to different contexts. This presentation will discuss the characteristics of common approaches such as RO(S)I, price-performance analysis, outcome-driven approach, etc., and provide guidance on how to select the appropriate approach based on context.
Monday, 07 March, 2022 / 03:45 PM - 04:30 PM IST
Many midsize enterprise security teams are having trouble defining what security metrics they should be tracking. What metrics actually drive outcomes? Are your metrics targeting the correct audience? Are your outsourced security services providing you the right metrics? Join us for this MSE-specific session to help get rid of the noise and find what works best for your organization.
Tuesday, 08 March, 2022 / 10:30 AM - 10:45 AM IST
Paul Proctor, Distinguished VP Analyst, Gartner
On the 24th of February Russia invaded Ukraine through the use brute military force, but as we have long known any kinetic conflict in this day and age will come with an equally destructive cyber element. Many organizations, particularly ones in critical infrastructure sectors could very well be impacted either directly or indirectly. This session will cover the most pressing cybersecurity concerns as the situation unfolds.
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
Jeffrey Wheatman, VP, Advisory, Gartner
SRM leaders struggle with creating effective metrics. They are too technical, or not technical enough. They resonate with practitioners or business leaders but not both. They are comprised of data with no context. Metrics are important and we don’t do them very well.
(1) What makes a good metric?
(2) How can make your metrics useful?
(3) How can you build metrics that support business goals?
Tuesday, 08 March, 2022 / 12:00 PM - 12:45 PM IST
Richard Addiscott, Sr Director Analyst, Gartner
Across industry sectors, organizations are being directed to implement – and, in some cases, comply – with a range of new or strengthened government cybersecurity regulations. A key challenge for SRM leaders is being able to –sensitively and sensibly – shape and influence the discussion at senior levels and avoid being sucked into a compliance-driven security agenda. Join this interactive, invitation-only roundtable session with your peers to discuss strategies for delivering an effective cybersecurity program and at the same time meet regulatory cybersecurity obligations.
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
Wam Voster, Sr Director Analyst, Gartner
Increasingly, security incidents happen without warning and remain undetected for an extended period. When responding to such an active threat, it is vital that the time between the initial detection and the full mitigation is as short as possible. Security & Risk management Leaders must be prepared for the inevitable by having a proper security incident response process.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Tom Scholtz, Distinguished VP Analyst, Gartner
CISO’s have a duty to ensure that the enterprise has an effective cybersecurity security program that can prove to all stakeholders (i.e., shareholders, regulators, customers, suppliers and employees) that it is doing all that can be reasonably expected to protect the digital resources against cyber risk. This presentation analyses the characteristics of a defensible program.
Tuesday, 08 March, 2022 / 03:00 PM - 03:45 PM IST
Richard Addiscott, Sr Director Analyst, Gartner
Paul Webber, Sr Director Analyst, Gartner
Your executives only care about risk, value, and cost. Why would you speak to them about anything else? This workshop will walk through the steps of identifying business processes and outcomes, aligning supporting technology stacks, and creating outcome-driven metrics to put cybersecurity in a business context.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Sam Olyaei, VP, Team Manager, Gartner
Every year, Gartner produces impactful predictions across all practices. This presentation will compile the top predictions prepared by our cybersecurity experts for the year 2021-2022. Security and risk management leaders should monitor these trends to be successful in the digital era especially as most recognize that global change could potentially be one crisis away.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Katell Thielemann, VP Analyst, Gartner
This session presents an overview of current and emerging threats specific to cyber-physical systems (CPS) born either of OT/IT convergence or from IoT, IIoT, or Smart "X" efforts.
Key issues include:
• An overview of CPS and why they matter
• How CPS change an organization’s threat environment
• What emerging threats organizations are probably not thinking about but should
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Joerg Fritsch, Sr Director Analyst, Gartner
This session covers current trends and emerging topics in the area of data security. From databases to cloud applications, threats are rapidly evolving and countermeasures slowly follow. Planning a data-centric roadmap for security governance and security architecture is a critical component of any security and risk management program.
Monday, 07 March, 2022 / 12:00 PM - 12:45 PM IST
Ravisha Chugh, Principal Analyst, Gartner
Shashank Sharma, Assoc Principal Analyst, Gartner
Data Loss Prevention has a mixed reputation given its resource-intensive technology. However, hopes are still high for DLP, as the visibility it provides can be a force in reshaping policy, processes, and data usage behavior — pushing the enterprise towards a brighter future in compliance and risk reduction. The question is often: How? How do you do it? It’s by building a DLP program. Each part of the process is an ocean. Join this session to ask your questions.
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
Khushbu Pratap, Sr Director Analyst, Gartner
72% Board of Directors would change organizational structure to achieve business model agility during the COVID-19 crisis and its aftermath. CIOs, CISO, IT risk leaders and digital innovation champions are witnessing unforeseen changes that have cascading impacts on managing exposures. This session walks through emerging solutions and adjustments in digital environments.
Monday, 07 March, 2022 / 01:30 PM - 02:15 PM IST
Swati Rakheja, Principal Analyst, Gartner
Abhyuday Data, Sr Principal Analyst, Gartner
Success with a PAM program is a mixed bag for most companies, finding PAM a challenging implementation. Before you even purchase a tool, fundamental tasks must be taken on to ensure success later in the process. This session gives you an opportunity to ask questions about initiating and running an effective PAM program. Attendees should come prepared to ask questions.
Monday, 07 March, 2022 / 03:00 PM - 03:30 PM IST
Erik Wahlstrom, Sr Director Analyst, Gartner
An enterprisewide strategy for managing machine identities and credentials such as keys, secrets and certificates requires the usage of multiple tools. In this session we will provide guidance on how to pick the right type of tool and establish a process that meets modern DevOps as well as security requirements.
Monday, 07 March, 2022 / 03:45 PM - 04:15 PM IST
Bart Willemsen, VP Analyst, Gartner
The future of privacy, is now. Amid an unprecedented set of innovations, driven by a global move to maturing privacy and data protection legislation, consumers' demand for active protection of privacy continues. Looking for minimum compliance leads to risk and opportunity oversight. This session deals with upcoming challenges in privacy, the global state of the landscape, and the tools for a mature, value-creating privacy program.
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
Jon Amato, Sr Director Analyst, Gartner
Ransomware attacks continue to increase globally and the criminals responsible for those attacks have become increasingly sophisticated in their methods. In this session, we will examine the life cycle of a ransomware attack and discuss the defense techniques your organization should use to protect themselves against this threat.
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
Stephanie Stoudt-Hansen, Managing Vice President, Gartner
Cloud contracting requires due diligence from pre-contract vetting to monitoring ongoing activities. We will explore creating cloud security guidelines, proactively addressing Procurement and Legal’s concerns and what you can do if you are unable to address security risks in the contract and ongoing vendor risk management
Tuesday, 08 March, 2022 / 03:00 PM - 03:45 PM IST
Joanne Spencer, Sr Director Analyst, Gartner
Luke Ellery, VP Analyst, Gartner
Security and risk leaders struggle to effectively assess third-party (including IT vendor) security and risk, leading to unknown risks or security breaches. This roundtable provides you with the opportunity to participate in a facilitated discussion with your peers regarding the most effective assessment practices used today.
Tuesday, 08 March, 2022 / 03:45 PM - 04:30 PM IST
Abhyuday Data, Sr Principal Analyst, Gartner
Swati Rakheja, Principal Analyst, Gartner
Customer Identity and Access Management (CIAM) is key to enabling your digital transformation and the foundation of your customers' digital experiences. This session gives you an opportunity to ask questions about CIAM features, vendors and best practices. Attendees should come prepared to ask questions about IAM for external identities (including customers, partners, patients and citizens).
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Tricia Phillips, Managing Vice President, Gartner
Identity and access management has reached a tipping point with the distribution of workforce and application access. The decentralization of objects and assets demands a flexible and centralized response with a reliance on flexible orchestration, and policy enforcement which supports a low-friction, zero trust approach.
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Jon Amato, Sr Director Analyst, Gartner
Security operations are rapidly evolving to keep up with threat landscape. Tools leveraged by security professionals include automation, advanced analytics and machine learning. This session will address key issues: (1) What threats and trends are affecting security operations? (2) What defines best-in-class security operations of 2021? (3) What is the outlook for security monitoring and operations for the years ahead?
Monday, 07 March, 2022 / 12:00 PM - 12:45 PM IST
Craig Lawson, VP Analyst, Gartner
Many vulnerability management programs fail to prioritize vulnerabilities for remediation properly, overloading the IT teams responsible for patching and testing systems. This session discusses what organizations must do to prioritize vulnerabilities identified by vulnerability assessments properly. Typical questions might include: How can I go beyond CVSS? How can I expand prioritization to incorporate asset and threat context?
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
Neil MacDonald, Distinguished VP Analyst, Gartner
Information security is frequently cited as a top obstacle to the adoption of cloud computing, yet improved security is cited as a top driver for adoption of cloud computing. This session will explore the current and future state of cloud security spanning infrastructure, platform and software as a service offerings, including hybrid cloud security and emerging distributed cloud and edge computing security issues.
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
John Watts, VP Analyst, Gartner
Last year work-from-home became the new normal. Coupled with the rapid adoption of SaaS applications such as Microsoft’s O365, Salesforce and others, organizations are no longer able to secure end users and devices with inflexible network security architectures. In this session, we will highlight the forces that shape network security today. We will also discuss SASE, the future of network security in the cloud.
Monday, 07 March, 2022 / 01:30 PM - 02:15 PM IST
Paul Webber, Sr Director Analyst, Gartner
Preventing Ransomware is no longer possible, especially with the advent of targeted and human-operated campaigns. Have limited resources? Ask our experts how it is possible to improve all three – processes, tools and training – without blowing the budget. Identify quick wins and strategic initiatives you can action in your own organizations and avoid being the next victim.
Monday, 07 March, 2022 / 03:00 PM - 03:30 PM IST
Charlie Winckless, Sr Director Analyst, Gartner
2020 was a year of change and few things have been impacted more than application security! Trends to new technology, new platforms and new tools have all been accelerated, achieving several years worth of growth in a short time. In this session we cover the current state of application security and explore some of the current, fast-moving trends.
Monday, 07 March, 2022 / 03:45 PM - 04:15 PM IST
Felix Gaehtgens, VP Analyst, Gartner
With many IT assets now outside traditional enterprise perimeters, IT leaders must rethink security. Enter the cybersecurity mesh architecture, a composable and scalable approach to extend security controls to distributed assets by decoupling policy enforcement from the assets being protected.
Monday, 07 March, 2022 / 03:45 PM - 04:15 PM IST
Mitchell Schneider, Sr Principal Analyst, Gartner
Vulnerability management is still not a standard practice for many organizations, even though it should be a foundational practice of good security hygiene. This can be a bigger issue for resource-challenged organizations. This session will help participants understand what has worked and not worked for their peers, across people, processes and technologies, when implementing a vulnerability management program.
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
Lawrence Orans, Managing Vice President, Gartner
Vendors are adopting the term SASE to encompass their cloud security offerings, but not all SASE vendors are equal. Security and risk management leaders can take steps now to adopt the SASE framework and prepare for the future. This session will:
- Clearly define the SASE framework
- Address the strategy for SASE framework adoption
- Provide practical steps to implement SASE frameworks this year
Tuesday, 08 March, 2022 / 12:00 PM - 12:45 PM IST
Craig Lawson, VP Analyst, Gartner
Share your zero trust journey with your peers in this roundtable. Learn from each other as you discuss your success stories and your setbacks on the road to a zero trust network.
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
Neil MacDonald, Distinguished VP Analyst, Gartner
Cloud-native applications are not inherently unsecure, but are being deployed insecurely, driven by developers and with a need for agility in service development and deployment. Security and risk management leaders must address container and Kubernetes security issues around vulnerabilities, visibility, compromise and compliance.
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
Peter Firstbrook, VP Analyst, Gartner
The SolarWinds supply chain attackers utilized the most advanced tool tactics and techniques to achieve their goals. Security and risk management leaders should understand how the attackers were able to evade detection to improve their defenses. This session will explore;
What was different about the SolarWinds attack
What can you do to improve your defensive posture
What is the future of supply chain attacks?
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
Patrick Hevesi, VP Analyst, Gartner
Endpoints continue to multiply and connect from anywhere. Security teams have had to scramble and protect both managed and now more unmanaged devices than ever. This session will discuss the trends of attack, new hardware and software security solutions, and how to build a strong defense on the device, in the enterprise and the cloud to protect the endpoints.
Tuesday, 08 March, 2022 / 01:30 PM - 02:15 PM IST
Manjunath Bhat, VP Analyst, Gartner
Moving from DevOps (or any development style) to a security-focused SDLC is more than just buying some tools and hoping for the best. In this session, we will share some of the most effective ways we've seen in speaking with thousands of clients to get security into a development culture without massive resistance.
Tuesday, 08 March, 2022 / 01:30 PM - 02:15 PM IST
Craig Lawson, VP Analyst, Gartner
Vendors are flooding the "airwaves" with marketing claims about SASE. Feeling overwhelmed? In this session, we'll answer your SASE questions in an interactive format.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Mario de Boer, Managing Vice President, Gartner
In this session, we introduce an example machine learning application. We execute real attacks on the example application to illustrate different attack techniques on general ML/AI applications. For each of the attacks, we provide advice for mitigations.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Patrick Hevesi, VP Analyst, Gartner
This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. We will discuss 3rd party options as well as the built in native Microsoft features along with strengths and weaknesses of each.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Thomas Lintemuth, VP Analyst, Gartner
Organizations of all types are having to allo from home, some for the first time. Find out how enterprise controls, cloud controls and the home office controls come together to secure the remote user experience.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Dionisio Zumerle, VP Analyst, Gartner
With cloud native applications, the lines between infrastructure and applications are increasingly blurry, while with DevOps development and operations are also increasingly overlapping. Using data from a recent Gartner survey, this session will present recommendations to arrange people, process and technologies to protect application assets without slowing down the CI/CD pipeline.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Patrick Hevesi, VP Analyst, Gartner
Come learn about the beauty of the cloud while applying the right "science" to securing your multiple cloud services. We will discuss the journey to the cloud and how security tools like CASB, CSPM, CWPP, SMP, SSPM, SASE and CSMA all work together to build a unified cloud security strategy work of art.