Gartner Security & Risk Management Summit 2019 26 - 27 August / Mumbai, India

Registration will take place at the Renaissance Mumbai Hotel & Convention Centre Entrance in the Registration Pavilion. Complete your online profile in order to streamline your registration experience. Don’t forget, you’ll need photo ID to pick up your badge. Badges must be worn at all times during the event.

Have you ever questioned the following? -- What Security Framework is appropriate for my enterprise? Can I just align and implement controls found in ISO27001, CIS CSC, HITRUST or NIST CSF? How do I begin to measure my progress in terms of Maturity? How do I map all of this back to my business needs? If so, you are not alone.
Security and Risk Management leaders are often faced with the continuous challenge of developing and (re)shaping their cybersecurity program strategy based on changing business needs and risk appetite. To complement this, leaders are often tasked with picking a defensible framework that aligns with an appropriate controls catalog based on repeatable and scalable processes. However, Gartner Research continues to show a cultural disconnect between foundational elements of program management and changing business needs. This presentation will define the basic elements of a security program , describes the differences between each layer, and tie them into an overall strategy planning process that will ensure a defensible security program that facilitates business needs.

In-app protection is protection provided to the application from the inside. It includes application shielding, RASP and anti-malware techniques and is well-suited to provide a zero-trust approach to applications. This session will highlight ways in which applications can be protected on the inside without requiring external components to be installed on the device.

As complexity continues to grow and risks, threats and vulnerabilities multiply with no end in sight, how can security and risk management leaders move beyond reacting? Attendees will learn how to think differently about their role in value preservation and value creation, and how finding sweet spots in a human to machine continuum can help. This is the security and risk management leaders’ new imperative.

Enjoy some light refreshments and tea & coffee at the Exhibit Showcase while networking with peers, colleagues & sponsors. Please email GlobalConferences@gartner.com if you have any dietary requirements during the event.

This exclusive session delves into the details of some of CrowdStrike’s most eye-opening breach investigations of the past year and highlights the need for speed in modern security operations centers. See new research on “breakout time” and learn how you can use the 1-10-60 Rule to benchmark your organization and see if you have what it takes to uncover and respond to adversary activity, before it manifests into a full-blown breach.

As organizations transition into a DevOps model, application security becomes a key conversation to ‘shift left’ & to build security into the system. Automation and seamless integration are key success factors that must be deliberately planned and implemented. The session discusses the relevance & benefits of injecting security into the toolchain, & security's evolving role in an effective DevSecOps model.

A typical organizations invests so much time, money, and effort into building and maintaining a security infrastructure without a system in place to prove its effectiveness. Unfortunately, that’s exactly how organizations have been forced to operate before Security Instrumentation. In this session, we will introduce a business platform that provides organizations with evidence needed to measure, manage and improve cybersecurity effectiveness. Verodin, now part of FireEye, is a Security Instrumentation Platform that proactively identifies gaps in security effectiveness due to equipment misconfiguration, changes in IT environment, evolving attacker tactics and environmental drift, helping customer validate that security controls are delivering the expected business outcomes.

Security and risk management leaders are challenged to continuously adapt their organizations to meet the needs of rapid changes in digital business. This presentation introduces the Gartner Operating Model for the Information Security Function to address this challenge. This operating model represents how it orchestrates its capabilities to deliver against its operational and strategic objectives.

Technical professionals are confronted with attacks that target web applications and APIs, and they struggle to find the appropriate mix of security controls. 1) What are the common attack patterns? 2) What technologies are useful in mitigating each type of attack? 3) What adjustments must be made for cloud-native application development?

In India, organizations engage VAPT consulting service providers, rather than buying their own tools and performing the tests internally. The range of providers also varies from pure-play vendors to professional services firm with no or little differential when it comes to the service. SRM leaders responsible for Security Operations should understand the following:
1. Different objectives of engaging a VAPT service provider
2. Selection criteria for VAPT service provider
3. VAPT market landscape
4. Best practices of a VAPT engagement

After more than 10 years of understanding the need to put cybersecurity and technology risk in a business context, organizations still struggle. The foundation of a mature security function that can offer defined levels of protection at defined cost is a business-centric service catalog. Writing business-centric value statements for risk and security bridges the knowledge gap with executives.

Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.

Cloud service providers may not always be ‘compliant’ with a regulation, although in some cases they do need to step up to specific requirements. The more mature a cloud service provider, the more help they can offer in demonstrating their compatibility with a regulation and in helping their customers understand how to use their offerings in a controlled and compliant way. This session addresses these common questions from risk, security, and procurement leaders. (1) How to contextualize security and privacy considerations for the cloud (2) How to gauge CSP's maturity in supporting compliance obligations (3) What tools to consider to better manage security and privacy compliance activities in the cloud.

The rapid adoption of SaaS applications such as Microsoft’s Office 365, Salesforce and others is driving enterprises to rearchitect their networks, so that remote offices can achieve direct internet access with SD-WAN and other techniques. Enterprises will be purchasing more cloud-based security services and fewer appliances. Here, we will highlight best practices that enable a smooth transition to the adoption of cloud-based security services.

Data, data everywhere and not a drop should leak. Your enterprise data wants to travel as broadly as it can — not only within the enterprise but across a panoply of cloud services and an endless proliferation of endpoints. Who needs heroic levels of DLP? How can you monitor, track and manage something seemingly impossible? What are the best product and service options available today?

Organizations are experimenting with artificial intelligence in security. As evaluation procedures mature, the first disillusions happen. This session will review the state of AI and machine learning usage in various security and risk management areas, and give CISOs recommendations to:
1. Navigate towards AI marketing
2. Define evaluation principle for solutions adding new algorithmic approaches to existing security fields
3. Prepare to avoid or minimize the backlash when results are not up to expectations

Enjoy a hot buffet lunch in Fratelli Fresh at the Tower Lobby while networking with peers, colleagues and sponsors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Vendor risk management isn’t just required in highly regulated industries, it's good practice in all industries. But today’s approaches are mired in lengthy and complex assessment surveys that span across a variety of threats and risks. This session will discuss how to improve and enhance your model for managing vendor risks. 1) Why is vendor risk management important now? 2) What are the current best practices in a vendor risk management life cycle? 3) How can we improve the efficiency and value of our vendor risk management programs?

IAM encompasses workforce and customer identities and access, to manage risk, reduce fraud and other losses, and enable desired business outcomes. Digitalization forces IAM leaders to focus on time to value, employee engagement and customer satisfaction.
Key Issues:
What does a successful IAM program look like?
How can IAM quickly deliver real business value and support cyber defense?
How will IAM technology investments evolve?

Most CEOs are excellent problem solvers, but too often CISO’s seek approval rather than enable their CEO’s to participate in the decision-making process. This causes disengagement, and is at the root of many of the challenges CISOs and IT leaders face. CISO’s need to use different tools to get their CEO to the table and keep them engaged so that they value the outcome of the decisions we ask for.

Identifying the core features to call out to a potential managed security service provider (MSSP) when scoping the need for an outsourced service is critical for a successful engagement. This session will provide practical examples of how to establish effective requirements and use cases before engaging providers:
● What service performance metrics are valuable to receive from an MSSP?
● How can you define service customization requirements to ensure additional service charges are managed?
● How can you align internal processes with the providers’ outputs?

Application security continues to be a significant challenge for many organizations. This session covers the current outlook for application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.

Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.

Successful Gartner clients often mention a "use-case first" approach to their SIEM deployment, across both internal, co-managed or fully outsourced models. But what is a use case, and how can Security and Risk Management leaders adopt a "use- case first" approach? In this session, we will take an actionable and pragmatic approach to developing security use cases for your SIEM.

Tenable has been in business for two decades and engages with US Government, Defence & Fortune 500 organisations. As such, Tenable is a target for many bad actors & keeping our company & customers safe requires a rigorous & sophisticated cyber security program. Add to this, the attack surface is constantly exploding. Join Bob, as he describes how he keeps Tenable & its customers safe through a risk based, prioritised approach to cyber security !

As organizations continue to grapple with staggering amounts of data, emerging global data protection laws make it mandatory for companies to protect sensitive data. It has thus become important to understand the difference between privacy and security, and what constitutes a privacy incident. This presentation will cover the evolution of Zoho Corp's incident management framework in the light of new privacy regulations.

Meet Chris Roberts, CSS-Attivo Networks, hacker & cyber security specialist, in conversation with Srikant Vissamsetti of Attivo Networks on the tactics and techniques used to attack and defend an enterprise in the digital age. This session will equip you to devise a strategy to promptly detect and respond to threats that have bypassed other security controls and infiltrated the network.

Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against cyber attack. He is considered to be one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. Chris has also been involved in information security assessments and engagements for the better part of 20 years, and has a wealth of experience with regulations such as GLBA, HIPAA, HITECH, FISMA, and NERC/FERC. He has also worked with government, state and federal authorities on standards such as CMS, ISO, and NIST.

Machines will soon make ethical decisions!
In a survey across 200 countries to answer just one question, MIT’s Dept. of Computers, Robotics & Philosophy assembled over 40 million data points, to solve the dilemma of when a driverless car is facing an unavoidable crash, but must decide who should live & who should die. Humans are teaching machines to do the unthinkable decide our fate. With many millions of additional variables for road safety, engineers are achieving the impossible a zero tolerance for false-positives when human life lies in the balance. Machines must also make critical security decisions, affecting real world events, with just as many variables; surely therefore, we can teach machines to PREVENT cyber breaches with no false-positives.Using big data, algorithms can now identify hacker code, based on their work ethic through sequencing the DNA of their Malware.In the same way a driverless car will never leave my garage if false-positives were not eliminated, traffic flow within my network will grind to a halt if false-positives thrive; hence the propensity to set our cyber defenses in “detect-only.

”Today’s cyber risks far outweigh this old-school approach & engineering standards no longer prohibit us from taking a prevention-first approach to security.
Since malware developers typically recycle old code to avoid spending thousands of hours writing entirely new code, traces of their previous malware are hidden within & machines can be taught to recognize, simulate & block this code.Come & be inspired to prevent cyber-crime, relying on the advancements A.I. has made in identifying unknown threats through sequencing the DNA of Malware.

Cybersecurity is one of the most misunderstood words in our profession today. Just what does it mean, and why should you care is the topic of this “Ask the Analyst” session. The audience can have the opportunity to ask the analyst questions that clarifies the definition of cybersecurity, its taxonomy and critical areas of coverage for them, and establish a common language with vendors and providers.

In this session, the Magic Quadrant for Endpoint Protection Platforms will be discussed at length.

Most organizations have an incident response plan to cover malware outbreaks, or very specific data loss scenarios. There are three additional scenarios that every incident response plan should include, and this session will cover what you should add to your incident response plan to better cover incidents of compromised credentials, insider threats and ransomware.

Cloud providers’ focus on offering security features is changing competitive dynamics in the security market. This presentation examines the motivations and strategies of Tier-1 cloud providers in security and analyzes how they affect customer purchasing decisions in security. This presentation will help address the following key issues:
- Are cloud providers emerging as key security vendors for clients?
- Are security vendors threatened by cloud providers' moves in security?
- What scenarios are likely to play out in the next 12-18 months?

This session will highlight the latest trends in network-based advanced threat detection, including new techniques for anomaly detection. We will address challenges such as the growing percentage of encrypted traffic and its impact on threat detection. Attendees will learn about the key vendors in the market.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Enjoy some light refreshments and tea & coffee at the Exhibit Showcase while networking with peers, colleagues & sponsors. Please email GlobalConferences@gartner.com if you have any dietary requirements during the event.

By 2020, 40% of medium-to-large enterprises will have deployed privileged access management (PAM) tools to address infrastructure as a service (IaaS) privileged security concerns.
There's a good reason for this expected jump in adoption. Privileged access management is one of the most critical security controls, particularly in today’s increasingly complex IT environment. Security and risk management leaders must use PAM tools in a long-term strategy for comprehensive risk mitigation.
This session will focus on the Magic Quadrant for Identity Governance and Administration the first in the market.

This session would provide an insight into how the NextGen On-Premise Security Solutions could be easily extended to cloud workloads using Fortinet.
It also involves a demo showcasing the seamless integration of different Fortinet solutions, along with underlying cloud platform to effectively secure the workloads in the dynamic cloud environment.

Sunil Sharma, Managing Director - Sales, Sophos India & SAARC

We’ll demonstrate how Sophos Cloud Optix CSPM solution is empowering DevOps and security teams at the forefront of your cloud journey with AI and automation. This allows organizations IT team to gain control of cloud environments and to be the hero in digital transformation initiatives while helping enhance their collaboration with operations and compliance teams.

The journey to cloud for today’s enterprise business is reaching next level of maturity but the debate is heating up around ensuring uniform level of detection, response, & management of threats across BOTH enterprise environment & cloud. There have been several cases of major breaches triggered from the Cloud. This solution gap can be met with a more proactive & responsive cyber SOC that can cater to hybrid as well as multi-cloud environment. Join us for a live solution update and experience sharing by Tata Communications.

Description Required

The frenetic pace of "computing" evolution has both advanced human productivity and reduced our boundaries as we communicate faster than ever before. We've come full circle from centralized compute resources to the present day juxtaposition of powerful personal devices that are more reliant on centralized computing than ever before. During this talk, we'll examine the consequences of prioritizing innovation at the expense of security.

Gone are the days where employees needed to be physically present in the office in order to be productive. Today, we have mobile, cloud connectivity and more, making it possible to access corporate resources anywhere and any time. This can increase an organisation’s risk if not managed correctly. Join us as we discuss best practices to enable businesses to balance the productivity benefits offered by such technologies while mitigating the potential risks.

A one-page cybersecurity strategy has been the goal for CISOs forever and the effort always falls short. They are too technical and don't resonate with the business people, or are so 'soft,' technical staff doesn't know what to do with it.
Join us for this engaging session on how to craft a simple, easy to use one page strategy to propel your program to success

This session will cover the different types of insider threat scenarios, and how you should incorporate these scenarios in your incident response plan and processes. We will define insider threat personas, how to begin building scenarios for these personas, and discuss some best practices for success.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

This session will discuss the advanced security features included in the M365 E5 license suite. We will also discuss licensing then dive into advanced data protection， email protection， conditional access， Azure AD premium P2 and all of the other advanced features. Then we will compare and discuss use cases where third-party solutions can be integrated and if they are required.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Android is ubiquitous in India, with over 99% penetration among mobile users. It is inevitable that organizations in India will need to find ways to officially support Android. This session will illustrate how security and risk management leaders should counter security concerns linked to Android platform fragmentation.

As traditional perimeters drop, the endpoint is becoming the last line of defense against breaches. This session will explore the changing nature of the endpoint and endpoint workloads as well as defensive strategies. This session will explore:
The changing nature of the workload on endpoints from Win32 to cloud applications and the changing form factors from mobile to VDI.
Attacker tradecraft from targeted nation-state tools to mass-propagated automated attack kits.
The changing endpoint defensive strategies from detection and response to proactive hardening.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

This session will review famous cybersecurity incidents with a focus on the root cause and lessons learned from the response.
Key issues explored include:
How are more advanced hackers breaching organizations?
What is the root cause of the breach?
Key lessons learned for incident response playbooks and public relations.

Registration will take place at the Renaissance Mumbai Hotel & Convention Centre Entrance in the Registration Pavilion. Complete your online profile in order to streamline your registration experience. Don’t forget, you’ll need photo ID to pick up your badge. Badges must be worn at all times during the event.

In his Keynote, Devdatt uses stories, symbols and rituals drawn from Hindu, Jain and Buddhist mythology and present a radical and nuanced approach to improve collaboration and influence stakeholders within your organization.

Enjoy some light refreshments and tea & coffee at the Exhibit Showcase while networking with peers, colleagues & sponsors. Please email GlobalConferences@gartner.com if you have any dietary requirements during the event.

In today’s enterprise environments, we are conditioned to expect continuous network availability due to the advancements in cloud technologies. Creating a successful business resiliency strategy requires expertise and tools that are designed for Hybrid cloud and multi-cloud environments. In a world where the risks are evolving by the day, including the growing threat of cyberattacks, companies must move from a traditional/manual recovery approach to an automated and software-defined resiliency approach. Learn how you can build and manage your IT resilience in a hybrid,multi-cloud and multi-vendor environment, and move from traditional disaster recovery to a more advanced business resiliency and learn about Resiliency Orchestration to automate and orchestrate the recovery of platforms and data.

This session will cover transforming face of modern day Infrastructure Design, its problems & how Fortinet's unique approach solve these problems using Fortinet Security Fabric. Session will follow with a small demonstration with Security Fabric in Action.

It is now common practice, and in certain cases mandated by regulation, for a board of directors to require periodic reporting and event-based updates on the state of security and risk management in an enterprise. Developing and communicating an effective message that balances the need to protect with the need to run your business is critical to success. However, in many cases, Security and Risk Leaders are left frustrated and/or unable to answer elementary questions that the Board asks. This presentation will discuss: 1) What is the role of the board and what do they care about?
2) What are some of the most common questions that Board Members Ask? (and a talk track for these questions)
3) How can Security and Risk Leaders flip the conversation to educate the Board on issues that they need to know about?

Earlier this year we published updated guidance on how to better run this foundational security process. This presentation will go over this new way of doing vulnerability more effectively:
- Why we made some significant changes to our guidance on this critical process
- What does the new RBVM actually look like
- How to bring this to life inside your own security programs

Almost all companies with an Internet presence today, do the right thing by hosting their website behind a WAF. Some have on-prem WAF setups while others take the cloud service provider route. The technology has been around for quite a while and has improved immensely over time. But the way the service is deployed and packaged of late could prove to be a game changer.

APIs are used to enable partners to interact directly with your digital business platform, as well as being the building-blocks of mobile, web and VPA applications. However, APIs, by their nature, enable access to data and application functionality which otherwise would be locked away. Therefore, they must be secured. In this session, we examine the current state of API security.

With ubiquitous access to cloud software applications it is essential to find a mechanism to restrict access to key identified people so as to safeguard critical company and customer data. This case study will talk about the adoption of a CASB and MDM solution to address the risks presented by SAAS applications, the key challenges faced in identifying the solution, gathering acceptance among management and employees, technical implementation and finally change management to ensure successful adoption.

As privacy regulations evolve, SRM leaders with a focus on privacy are finding it harder to work with information, and almost impossible to combine multiple data sets, especially when working collaboratively with third parties. We will address your questions, and look at the techniques as well as relevant technologies that will allow you to develop a repeatable process to work with personal data. This session is meant to answer your questions when it comes to handling the risk of mining large data sets of personal information for the purpose of analytics, fraud prevention or undirected discovery.

Organizational resilience must evolve with the changing needs of the modern digital world. Gartner offers a three- to five-year outlook and guidelines for security and risk management leaders to advance this discipline and achieve business outcomes. This presentation will discuss how to rollout an organizational resilience program that matches your organizational driving type.

With more than 200 million tickets a year, Bookmyshow has to keep their site and app responsive while defending against threats that target customer data, threats that could impact brand reputation and revenue. In this session, you will hear from Pranav Kapoor, who leads SRE at Bookmyshow, as he discusses how they are able to secure their web properties and protect against always-evolving threats.

As OT comes centerstage in cybersecurity, Vulnerability Management becomes even more relevant. The assets in an OT environment are diverse and range from modern to legacy and it really takes an integrated approach to provide a holistic, safe and robust industrial VM solution. "Industrial vulnerability re-imagined".

Security and risk management leaders should select AST tools and services and embed them in the SDLC as a critical component of an application security program. In this session, we will illustrate the market and main vendors in the application security testing space.

The world has seen an increase in security incidents. The use of commercial operating systems in industrial control systems means that OT is now susceptible to the same attacks as in the IT world. What should security and risk management leaders do to develop a coherent strategy to protect not just the organization’s information but also the OT? This presentation will address topics like processes, architecture and controls.

For years, network security has been built and deployed to erect a strong and impenetrable perimeter under the assumption preventing anything malicious from getting in means everything is implicitly safe on the inside. That is now a bad assumption and your customers know it. Come learn how to evolve your products for success through detection.

The deception market is in full swing with a healthy field of competitors. But what is the real value of deception technology to buyers, and what approach to providing using deception will win over buyers in the long run? This presentation discusses the current trends and approaches in the deception market, and looks forward to how the market might evolve.

A cyberattack is often said to be an IT/DR issue. This session will discuss why this is not the case and argue that it is a ‘business issue’ and that the business managers should develop manual workarounds and communications strategies to ensure that critical activities are maintained at a satisfactory level. In turn this will allow the IT/DR team to continue application recovery.

Enjoy a hot buffet lunch in Fratelli Fresh at the Tower Lobby while networking with peers, colleagues and sponsors. Please email GlobalConferences@gartner.com if you have any dietary requirements.

Cyber adversaries are faster, more capable, and more numerous than they have ever been in the past. In order to keep pace with the adversary’s evolution and to continue to protect the enterprise and the endpoint, this brief will discuss how organizations can leverage integrated threat intelligence to empower predictive and preemptive cybersecurity operations.

As part of this session, FireEye will explore the humdrum maturity path taken by most organisations embarking on a security operations journey. We will introduce key areas of optimisation and how organisations can take advantage of their own existing processes to execute on them. The session will also discuss some real world use-cases leveraging FireEye technology to build effective security operations that perform like a well-oiled machine.

SIEM solutions continue to evolve to address a variety of persistent challenges — how to keep up with changing external and internal threats; increases in the volume, velocity and variety of data sources; and how to effectively implement, manage and use the solutions as expertise and resources become more constrained. New entrants have emerged from the UEBA space, and primarily emphasize a user-based approach for monitoring threats, compared to the more traditional approach of event-based monitoring oriented around IP addresses and host names. SIEM technologies are also adopting more advanced incident response capabilities through the addition (either natively, via acquisition or integrations) of functions that add SOAR capabilities. Organizations looking to shorten the deployment cycle and transfer responsibility for managing a SIEM tool's platform are leveraging SaaS or hosted SIEM solution options.

Organizations must balance growing investment opportunities against growing financial risks for data. Let's review 3 steps (1) investigate how Infonomics can be used to assess these financial risks caused by security, compliance or accidental events (2) use the risk assessment to categorize and prioritise each dataset for action and (3) develop financial investment strategies to manage the different data risk categories and apply appropriate investment, management or security actions

Cyber security teams of large enterprises are grappling with a dual problem of severe skills shortage on one hand and an increasing pressure on the other hand, to detect and respond to a wide range of security incidents before they adversely harm business operations. A next generation cyber defence centre needs a technology driven approach to bring down the Mean Time To Detect (MTTD) and Mean time To Respond (MTTR) metric. This case study will talk about a mechanism for augmenting the threat management capabilities of a traditional SIEM-Centric SOC by building an big data analytics platform for achieving the said objective. The session will also cover the key considerations and challenges involved in architecting such a security analytics layer, crucial insights gained during the implementation phase and finally the pre-requisites and operational processes that are required to ensure that the project continues to deliver its envisioned outcomes.

Traditional consumer authentication and identity proofing tools are ineffective at detecting and preventing fraud and create unacceptable friction for legitimate consumers. In this session, we will explore the use of bot detection, passive behavioral biometrics and consumer behavioral analytics to increase detection of fraud while improving the customer experience.

One of the most important ways an MSSP can deliver value to an enterprise is by more effectively assessing the security events in its environment and providing accurate, timely and actionable notification of risky activity as well as support for subsequent investigation and response. At this session, you’ll have the opportunity to ask questions about what MSSPs promise, what they can deliver, and how your organization can get the best value out of an MSS relationship.

This workshop session will cover diving into an incident response scenario that requires for planning, response and recovery from a phishing attack. The initial phishing attack will be due to an accidental data disclosure that then enables the adversary to commit fraud, tarnish your brand, and includes elements of account takeover and business email compromise.

The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on:
1. Future trends more than statistics about the past
2. Potential threats more than attack patterns
3. Response options more than defense technologies

Modern security operations are evolving. They heavily rely on foundational technologies such as SIEM to accomplish their mission, and also adopt various analytics approaches. They struggle with more automation — of both thinking and acting — that promises to relieve humans from the routine tasks, but sometimes adding more work to the overworked security teams. This session will address these key issues: (1) What defines best-in-class security operations of 2018? (2) What trends are affecting security operations? (3) What will the future bring?

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

As more security vendors target your hybrid and cloud SaaS, IaaS and PaaS solutions, we are getting lost in too many acronyms. This session will help decipher the acronym soup and provide prescriptive guidance on what your organization needs to protect your cloud infrastructure and applications. We will also discuss best practices on implementations and how to evaluate and build shortlist for your vendor selections.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Meetups are networking sessions that allow you to connect with a small group of peers, without Gartner facilitation, in the spirit of solving business problems together. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

How much risk is too much? Let’s manage our risk appetite! Sounds easy, but most CISOs don’t know what their enterprise or cybersecurity risk appetite is. Join us on a trip to effective and efficient risk management. What is risk appetite and why you need to know yours? Best practices for having risk appetite discussions. What does a good cybersecurity risk appetite statement look like?

Is your organization in need of a Privileged Access Management (PAM) solution? If so, this session will serve as a good primer on the technology.
Key issues covered include:
* Introduction to privileged access management
* The PAM maturity model
* An overview of PAM tools
*Best Practices to use PAM tools

The GDPR has come to be the epicenter of a privacy renaissance. Security and risk management leaders responsible for privacy management will have the opportunity to follow through the repercussions within Europe but also what effects the regulation has had on the global privacy landscape. Attendees will walk away with a practical, strategic future-view of the regulatory requirements and ethical expectations when handling personal data at a global scale.

This presentation presents a structured approach to plan, establish and efficiently operate a modern SOC. Gartner clients with successful SOCs put the premium on people rather than process and technology. People and process overshadow technology as predictors for SOC success or failure.
- Do I need an SOC and can I afford it?
- Where can I rely on automation and where do I need to outsource or delegate?
- Can SOAR tools really automate my SOC?

Fraud has historically been seen as a separate problem from information security and IT security. Yet for some time, its been clear that serious and organised fraud rings are using the same tricks as seen in advanced hacking attempts. Security and Risk management leaders attending this will benefit from learning how to align their fraud, risk and technical security resources and how improved intelligence can assist in this complex task.

Enjoy some light refreshments and tea & coffee at the Exhibit Showcase while networking with peers, colleagues & sponsors. Please email GlobalConferences@gartner.com if you have any dietary requirements during the event.

Many organizations have separated the management of data analytics, IT, security and even privacy. Clients need to focus on (1) How can a data security governance framework provide business focus (2) What are the practical steps to develop the framework and (3) How can the framework architect a successful data security strategy