While we build the 2023 agenda, explore previous year's conference topics built upon our latest research that addressed the challenges most critical to security and risk management leaders. These key topics kickstarted conversations around priorities and initiatives so that attendees could tackle what was most important to them.
2022 topic highlights
Cybersecurity
Digital business means factoring the latest threats, risks and solutions into every initiative. Achieve regulatory compliance and defend assets.
Organizational resilience
Adapt your organizational resilience strategy to address the changing business landscape and digital innovation
Risk management
Raise awareness in IT risk management to influence executives as they accelerate digital business and build on risk management strategies.
Security operations
Create optimized processes and functions, along with related governance structures and activities
Privacy management
Understand privacy regulation needs, data compliance and constraints.
Cloud security
Move forward with cloud security architecture, cloud risk management, cloud application and container security.
Threat and vulnerability management
Support higher levels of uptime, better resilience to malicious attacks and clear alignment with enterprise risk.
Leadership
Gain the tools to improve communications to senior executives and at board level.
View By:
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Outlook for Security Monitoring and Operations
Jon Amato, Sr Director Analyst, Gartner
Security operations are rapidly evolving to keep up with threat landscape. Tools leveraged by security professionals include automation, advanced analytics and machine learning. This session will address key issues: (1) What threats and trends are affecting security operations? (2) What defines best-in-class security operations of 2021? (3) What is the outlook for security monitoring and operations for the years ahead?
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
Technical Insights: Preparing for the Inevitable: Building Your Ransomware Defense Structure
Jon Amato, Sr Director Analyst, Gartner
Ransomware attacks continue to increase globally and the criminals responsible for those attacks have become increasingly sophisticated in their methods. In this session, we will examine the life cycle of a ransomware attack and discuss the defense techniques your organization should use to protect themselves against this threat.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Technical Insights: Practical Attacks on Machine Learning
Mario de Boer, Managing Vice President, Gartner
In this session, we introduce an example machine learning application. We execute real attacks on the example application to illustrate different attack techniques on general ML/AI applications. For each of the attacks, we provide advice for mitigations.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Facing New Threats — Cyber-Physical Systems
Katell Thielemann, VP Analyst, Gartner
This session presents an overview of current and emerging threats specific to cyber-physical systems (CPS) born either of OT/IT convergence or from IoT, IIoT, or Smart "X" efforts.
Key issues include:
• An overview of CPS and why they matter
• How CPS change an organization’s threat environment
• What emerging threats organizations are probably not thinking about but should
Monday, 07 March, 2022 / 12:45 PM - 01:30 PM IST
Roundtable: SASE-Ushering in the era of borderless security for anytime, anywhere secure access, moderated by Cloudflare
Fernando Serto, FIELD CTO, APJC, Cloudflare
The enterprise network environment is becoming increasingly complex, as users access data and applications across multiple platforms- clouds, data centers, endpoint devices and more. In the new set up, the identity of each user and application needs to be monitored and assessed before granting access to corporate information. Also, the movement of enterprise traffic across branch, data center and cloud has called for urgent and immediate focus on strengthening the security architecture around the same.
Close to 80% of the Indian enterprises believe they are quite vulnerable to serious reportable security breaches in their cloud architecture. Cloud and network security are considered to be the top 2 areas posing serious threats.
The Secure Access Service Edge (SASE) addresses these challenges by consolidating network and security and delivering them through a unified cloud-native platform which is based on zero trust tenets. This helps teams to secure data at every point- the edge, the core, the datacenter and the cloud. This convergence provides complete visibility across multiple work environments, control over data and users, better network performance and increased agility, among others, thereby simplifying the cloud migration process.
Join your peers at this interactive discussion to discuss challenges and opportunities in more detail !
Monday, 07 March, 2022 / 01:10 PM - 01:25 PM IST
Product Demo by F5: F5 Web App and API Protection (WAAP)
The challenge of working with multiple cloud providers is how to connect & secure multi-cloud app deployments without unnecessary cost & complexity, while enforcing consistent policy & end-to-end visibility
In this demo, discover how to:
- Ensure consistent security enforcement across your data centers, clouds, & edge
- Get instant protection against common vulnerabilities
- Add on advanced API Security, Bot Defense, & DDoS protection easily
Monday, 07 March, 2022 / 02:15 PM - 02:35 PM IST
F5: Rethinking Application Security
Nikhil Singh, Technology Evangelist, F5 Networks
In today’s application-centric world, app security is business continuity. As deployment models & application architectures have evolved to include multi-cloud, API proliferation, auto-scaling, and edge cloud, application security technology has been challenged like never before.
In this session, learn how organizations can build a multi-cloud security architecture that's required to address today’s sophisticated application threat landscape.
Monday, 07 March, 2022 / 03:00 PM - 03:30 PM IST
Outlook for Application Security
Charlie Winckless, Sr Director Analyst, Gartner
2020 was a year of change and few things have been impacted more than application security! Trends to new technology, new platforms and new tools have all been accelerated, achieving several years worth of growth in a short time. In this session we cover the current state of application security and explore some of the current, fast-moving trends.
Tuesday, 08 March, 2022 / 12:45 PM - 01:05 PM IST
Cloudflare: The Network for Digital Transformation
The Network for Digital Transformation
Tuesday, 08 March, 2022 / 01:30 PM - 02:15 PM IST
Roundtable: How to build a strong DevSecOps culture
Manjunath Bhat, VP Analyst, Gartner
Moving from DevOps (or any development style) to a security-focused SDLC is more than just buying some tools and hoping for the best. In this session, we will share some of the most effective ways we've seen in speaking with thousands of clients to get security into a development culture without massive resistance.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Technical Insights: Practical Attacks on Machine Learning
Mario de Boer, Managing Vice President, Gartner
In this session, we introduce an example machine learning application. We execute real attacks on the example application to illustrate different attack techniques on general ML/AI applications. For each of the attacks, we provide advice for mitigations.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Technical Insights: Microsoft 365: Office, EMS and Windows 10 - Top Security Features to Implement
Patrick Hevesi, VP Analyst, Gartner
This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. We will discuss 3rd party options as well as the built in native Microsoft features along with strengths and weaknesses of each.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Enabling Cloud-Native DevSecOps
Dionisio Zumerle, VP Analyst, Gartner
With cloud native applications, the lines between infrastructure and applications are increasingly blurry, while with DevOps development and operations are also increasingly overlapping. Using data from a recent Gartner survey, this session will present recommendations to arrange people, process and technologies to protect application assets without slowing down the CI/CD pipeline.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Technical Insights: Practical Attacks on Machine Learning
Mario de Boer, Managing Vice President, Gartner
In this session, we introduce an example machine learning application. We execute real attacks on the example application to illustrate different attack techniques on general ML/AI applications. For each of the attacks, we provide advice for mitigations.
Monday, 07 March, 2022 / 12:45 PM - 01:05 PM IST
VMware: Realize Zero Trust Security Model using VMware Security
Gaurav Agarwal, Senior Director, VMware
Modern Enterprises continue to innovate and deliver cloud-native application across multi-cloud environment. Enterprises must also secure a highly distributed workforce, leveraging a variety of devices to access your apps and data, without hindering productivity. Attend this session to know more about VMware Security Strategy to mitigate security risk by reducing attack surface, ensure compliance and simplify security operations and architecture.
Monday, 07 March, 2022 / 12:45 PM - 01:30 PM IST
Roundtable: SASE-Ushering in the era of borderless security for anytime, anywhere secure access, moderated by Cloudflare
Fernando Serto, FIELD CTO, APJC, Cloudflare
The enterprise network environment is becoming increasingly complex, as users access data and applications across multiple platforms- clouds, data centers, endpoint devices and more. In the new set up, the identity of each user and application needs to be monitored and assessed before granting access to corporate information. Also, the movement of enterprise traffic across branch, data center and cloud has called for urgent and immediate focus on strengthening the security architecture around the same.
Close to 80% of the Indian enterprises believe they are quite vulnerable to serious reportable security breaches in their cloud architecture. Cloud and network security are considered to be the top 2 areas posing serious threats.
The Secure Access Service Edge (SASE) addresses these challenges by consolidating network and security and delivering them through a unified cloud-native platform which is based on zero trust tenets. This helps teams to secure data at every point- the edge, the core, the datacenter and the cloud. This convergence provides complete visibility across multiple work environments, control over data and users, better network performance and increased agility, among others, thereby simplifying the cloud migration process.
Join your peers at this interactive discussion to discuss challenges and opportunities in more detail !
Monday, 07 March, 2022 / 01:10 PM - 01:25 PM IST
Product Demo by F5: F5 Web App and API Protection (WAAP)
The challenge of working with multiple cloud providers is how to connect & secure multi-cloud app deployments without unnecessary cost & complexity, while enforcing consistent policy & end-to-end visibility
In this demo, discover how to:
- Ensure consistent security enforcement across your data centers, clouds, & edge
- Get instant protection against common vulnerabilities
- Add on advanced API Security, Bot Defense, & DDoS protection easily
Monday, 07 March, 2022 / 01:10 PM - 01:25 PM IST
Product Demo by Tripwire: Protect Your Cloud Accounts With Tripwire Configuration Manager
Anirudh Chand, Director, Solutions Engineering - APJ, Tripwire
AUTOMATED ENFORCEMENT- Minimize human error through automated configuration policy enforcement.
MULTI-CLOUD SUPPORT - Simplify operations by monitoring AWS and Azure, and GCP cloud configurations through a single console.
MONITOR SAAS CONFIGURATIONS - Ensure your Salesforce and Zoom accounts are securely configured.
5-MINUTE SETUP - Use your existing configuration to establish a baseline and immediately begin monitoring for unauthorized change.
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
Outlook for Cloud Security
Neil MacDonald, Distinguished VP Analyst, Gartner
Information security is frequently cited as a top obstacle to the adoption of cloud computing, yet improved security is cited as a top driver for adoption of cloud computing. This session will explore the current and future state of cloud security spanning infrastructure, platform and software as a service offerings, including hybrid cloud security and emerging distributed cloud and edge computing security issues.
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
The State of Network Security in the Work-From-Anywhere Era
John Watts, VP Analyst, Gartner
Last year work-from-home became the new normal. Coupled with the rapid adoption of SaaS applications such as Microsoft’s O365, Salesforce and others, organizations are no longer able to secure end users and devices with inflexible network security architectures. In this session, we will highlight the forces that shape network security today. We will also discuss SASE, the future of network security in the cloud.
Monday, 07 March, 2022 / 02:15 PM - 02:35 PM IST
F5: Rethinking Application Security
Nikhil Singh, Technology Evangelist, F5 Networks
In today’s application-centric world, app security is business continuity. As deployment models & application architectures have evolved to include multi-cloud, API proliferation, auto-scaling, and edge cloud, application security technology has been challenged like never before.
In this session, learn how organizations can build a multi-cloud security architecture that's required to address today’s sophisticated application threat landscape.
Monday, 07 March, 2022 / 02:15 PM - 02:35 PM IST
Cisco: Maximize your Cybersecurity Investments using a Security Platform
Security platforms enable a higher level of automation, which accelerates the detection and remediation of threats and reduces human error. Join this session to learn how, integrating multiple point solutions leveraging Cisco SecureX can help reduce integration costs and at the same time provide simplicity, visibility, and efficiency.
Monday, 07 March, 2022 / 02:15 PM - 03:00 PM IST
Roundtable: Rethink Security with Zero Trust Principles to strengthen your Ransomware Defenses, moderated by VMware
Vinay Bhat, DIRECTOR - NETWORK AND SECURITY, VMWARE, VMware
Modern apps across multi-cloud and distributed workforce are two tenets of digital transformation across industries. These drivers have rapidly added security vulnerabilities and swelled attack surface for user, device, network & workload. Multistage Ransomware attacks involving penetration, persistence, data thefts and extortion have added unwelcome tension.
Join this roundtable to learn and understand the best practices to realise Zero Trust.
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
How to Achieve Practical SASE Implementations This Year
Lawrence Orans, Managing Vice President, Gartner
Vendors are adopting the term SASE to encompass their cloud security offerings, but not all SASE vendors are equal. Security and risk management leaders can take steps now to adopt the SASE framework and prepare for the future. This session will:
- Clearly define the SASE framework
- Address the strategy for SASE framework adoption
- Provide practical steps to implement SASE frameworks this year
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
Taming the Legal Beast - What Every CISO Should Know About Vendor Risks and Agile Cloud Contracting
Stephanie Stoudt-Hansen, Managing Vice President, Gartner
Cloud contracting requires due diligence from pre-contract vetting to monitoring ongoing activities. We will explore creating cloud security guidelines, proactively addressing Procurement and Legal’s concerns and what you can do if you are unable to address security risks in the contract and ongoing vendor risk management
Tuesday, 08 March, 2022 / 12:45 PM - 01:05 PM IST
Cloudflare: The Network for Digital Transformation
The Network for Digital Transformation
Tuesday, 08 March, 2022 / 12:45 PM - 01:05 PM IST
Microsoft: : Futureproofing Organizations – From Startups to Conglomerates
Irina Ghose, Executive Director - Cloud Solutions, Microsoft
Cybersecurity is becoming an increasing need not just for larger organizations but event for startups. Hybrid work and a rapid growing digital estate has further accelerated the need for cybersecurity. Join us for this fireside chat between Samir Aksekar, Chief Information Security Officer at Tata Digital and Irina Ghose, Executive Director – Cloud Solutions at Microsoft India, to know about what has been top of mind and focus areas in cybersecurity for Samir Aksekar at Tata Digital, and how Samir has leverage technology to address cybersecurity requirements at Tata Digital.
Tuesday, 08 March, 2022 / 12:45 PM - 01:30 PM IST
Roundtable: SASE Hype Vs Reality, moderated by Cisco
Gaurav Mathur, VICE PRESIDENT, Motherson
Jayachandran Vishak Raman, Director, Security Sales, Cisco India & SAARC
SASE implementation require solutions for the consolidation, ease of deployment, and management that you need to scale your business, and provide effective security for the users to work from anywhere without a degradation in speed, performance or user experience. In this session, cybersecurity experts provide their inputs about implementing SASE that works best for the business, and support integration with the existing security investments.
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
Best Practices for Securing Cloud-Native Applications Built on Containers and Kubernetes
Neil MacDonald, Distinguished VP Analyst, Gartner
Cloud-native applications are not inherently unsecure, but are being deployed insecurely, driven by developers and with a need for agility in service development and deployment. Security and risk management leaders must address container and Kubernetes security issues around vulnerabilities, visibility, compromise and compliance.
Tuesday, 08 March, 2022 / 02:15 PM - 02:35 PM IST
Netskope: Nine High-Impact SASE Use Cases
Krishna Narayanaswamy, Chief Technology Officer, Netskope
The Secure Access Service Edge (SASE) is a logical evolution for security programs as organisations digitally transform. Some organisations struggle to embrace key tenants of a SASE architecture. In this session, Krishna Narayanaswamy, Co-founder and Chief Technology Officer at Netskope, brings SASE down to earth with nine quick use cases that any organisation can use to understand SASE, and truly protect their users and data in the cloud.
Tuesday, 08 March, 2022 / 02:15 PM - 03:00 PM IST
Roundtable: A Practitioners Guide to Extended Detection and Response (XDR), moderated by Trellix
Join us at this Virtual Round Table, where we will discuss the need for a multi-vector detection, remediation, and response framework in the SOC. We will also examine the evolution of Extended Detection & Response (XDR) and the growing importance of XDR in the SOC, focusing on:
• Enhancing SOC efficiency and productivity
• Leveraging proactive and actionable intelligence, and getting ahead of the adversary
• Gaining unified visibility and control across multiple attack vectors
• Reducing costs and resources while increasing SOC capacity
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Enabling Cloud-Native DevSecOps
Dionisio Zumerle, VP Analyst, Gartner
With cloud native applications, the lines between infrastructure and applications are increasingly blurry, while with DevOps development and operations are also increasingly overlapping. Using data from a recent Gartner survey, this session will present recommendations to arrange people, process and technologies to protect application assets without slowing down the CI/CD pipeline.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
Technical Insights: Cloud Security 201: The Art and Science of Cloud Security
Patrick Hevesi, VP Analyst, Gartner
Come learn about the beauty of the cloud while applying the right "science" to securing your multiple cloud services. We will discuss the journey to the cloud and how security tools like CASB, CSPM, CWPP, SMP, SSPM, SASE and CSMA all work together to build a unified cloud security strategy work of art.
Monday, 07 March, 2022 / 03:45 PM - 04:30 PM IST
Roundtable: Metrics that Matter for Midsize Enterprise Security
Many midsize enterprise security teams are having trouble defining what security metrics they should be tracking. What metrics actually drive outcomes? Are your metrics targeting the correct audience? Are your outsourced security services providing you the right metrics? Join us for this MSE-specific session to help get rid of the noise and find what works best for your organization.
Tuesday, 08 March, 2022 / 12:00 PM - 12:30 PM IST
Five Steps to the Best Security Metrics Ever
Jeffrey Wheatman, VP, Advisory, Gartner
SRM leaders struggle with creating effective metrics. They are too technical, or not technical enough. They resonate with practitioners or business leaders but not both. They are comprised of data with no context. Metrics are important and we don’t do them very well.
(1) What makes a good metric?
(2) How can make your metrics useful?
(3) How can you build metrics that support business goals?
Tuesday, 08 March, 2022 / 03:00 PM - 03:45 PM IST
Workshop: Building Risk, Value, and Cost Charts for Cybersecurity
Richard Addiscott, Sr Director Analyst, Gartner
Paul Webber, Sr Director Analyst, Gartner
Your executives only care about risk, value, and cost. Why would you speak to them about anything else? This workshop will walk through the steps of identifying business processes and outcomes, aligning supporting technology stacks, and creating outcome-driven metrics to put cybersecurity in a business context.
Tuesday, 08 March, 2022 / 10:30 AM - 10:45 AM IST
How to Manage Cybersecurity in Times of Conflict
Paul Proctor, Distinguished VP Analyst, Gartner
On the 24th of February Russia invaded Ukraine through the use brute military force, but as we have long known any kinetic conflict in this day and age will come with an equally destructive cyber element. Many organizations, particularly ones in critical infrastructure sectors could very well be impacted either directly or indirectly. This session will cover the most pressing cybersecurity concerns as the situation unfolds.
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
When Disaster Strikes, Don't Be Caught Unprepared But Have Your Incident Response Ready
Wam Voster, Sr Director Analyst, Gartner
Increasingly, security incidents happen without warning and remain undetected for an extended period. When responding to such an active threat, it is vital that the time between the initial detection and the full mitigation is as short as possible. Security & Risk management Leaders must be prepared for the inevitable by having a proper security incident response process.
Monday, 07 March, 2022 / 01:30 PM - 02:15 PM IST
Roundtable: Ransomware Defense on a Tight Budget, Minimize Attack Surface, Maximize Resilience
Paul Webber, Sr Director Analyst, Gartner
Preventing Ransomware is no longer possible, especially with the advent of targeted and human-operated campaigns. Have limited resources? Ask our experts how it is possible to improve all three – processes, tools and training – without blowing the budget. Identify quick wins and strategic initiatives you can action in your own organizations and avoid being the next victim.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Technical Insights: Microsoft 365: Office, EMS and Windows 10 - Top Security Features to Implement
Patrick Hevesi, VP Analyst, Gartner
This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. We will discuss 3rd party options as well as the built in native Microsoft features along with strengths and weaknesses of each.
Tuesday, 08 March, 2022 / 03:45 PM - 04:15 PM IST
The Top Cybersecurity Predictions for 2022 and Beyond
Sam Olyaei, VP, Team Manager, Gartner
Every year, Gartner produces impactful predictions across all practices. This presentation will compile the top predictions prepared by our cybersecurity experts for the year 2021-2022. Security and risk management leaders should monitor these trends to be successful in the digital era especially as most recognize that global change could potentially be one crisis away.
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Outlook for Data Security
Joerg Fritsch, Sr Director Analyst, Gartner
This session covers current trends and emerging topics in the area of data security. From databases to cloud applications, threats are rapidly evolving and countermeasures slowly follow. Planning a data-centric roadmap for security governance and security architecture is a critical component of any security and risk management program.
Monday, 07 March, 2022 / 12:00 PM - 12:45 PM IST
Ask the Expert: Building Out a DLP Program
Ravisha Chugh, Principal Analyst, Gartner
Shashank Sharma, Assoc Principal Analyst, Gartner
Data Loss Prevention has a mixed reputation given its resource-intensive technology. However, hopes are still high for DLP, as the visibility it provides can be a force in reshaping policy, processes, and data usage behavior — pushing the enterprise towards a brighter future in compliance and risk reduction. The question is often: How? How do you do it? It’s by building a DLP program. Each part of the process is an ocean. Join this session to ask your questions.
Monday, 07 March, 2022 / 12:45 PM - 01:30 PM IST
Roundtable: An open discussion on the Trust challenges we all face, moderated by OneTrust
Rob Roe, Managing Director APJ, OneTrust
The good and bad news is that we are all in this together. Nearly all organisations are facing the same issues of knowing what data they are collecting, where they are storing it, what are they using it for and is it secure. During this round table we will discuss the common challenges organisation are facing and provide best practice tips that our more than 12,000 customers are using to meet the new normal Trust requirements.
Monday, 07 March, 2022 / 02:40 PM - 02:55 PM IST
Product Demo by OneTrust: Integrated Modern Governance Platform Demonstration
Rob Roe, Managing Director APJ, OneTrust
OneTrust is pleased to provide a demonstration of our Modern Integrated Governance Platform. The demonstration shows the use cases from first line friendly user experience in capturing system, process, vendor information to the automatic flagging of risks and signoff requirements. Other topics covered are consent management, incident & breach management, internal audits and data subject access requests.
Monday, 07 March, 2022 / 03:00 PM - 03:45 PM IST
Ask the Expert: Use a Data Risk Assessment to Focus Actions on the Growing Data Security
Brian Lowans, Sr Director Analyst, Gartner
A data risk assessment is critical to review the growing risks associated with data breaches and deployments across multi-cloud architectures. Use this session to discuss emerging best practices.
Tuesday, 08 March, 2022 / 02:15 PM - 02:35 PM IST
OneTrust: A Trusted Organisation needs a Modern Integrated Governance Platform
Rob Roe, Managing Director APJ, OneTrust
The use and abuse of personal data has meant increased Regulations, GDPR, PDPB, etc, Apple’s transparency requirements, Deprecation of 3rd party cookies and more. Rapid digitisation, driven by Covid, means that separate, silo governance systems cannot keep up with the ability to honour our trustworthiness commitment. OneTrust will present on the challenges, the pitfalls, and how to implement an integrated modern governance platform.
Tuesday, 08 March, 2022 / 02:15 PM - 02:35 PM IST
Netskope: Nine High-Impact SASE Use Cases
Krishna Narayanaswamy, Chief Technology Officer, Netskope
The Secure Access Service Edge (SASE) is a logical evolution for security programs as organisations digitally transform. Some organisations struggle to embrace key tenants of a SASE architecture. In this session, Krishna Narayanaswamy, Co-founder and Chief Technology Officer at Netskope, brings SASE down to earth with nine quick use cases that any organisation can use to understand SASE, and truly protect their users and data in the cloud.
Tuesday, 08 March, 2022 / 02:15 PM - 03:00 PM IST
Roundtable: A Practitioners Guide to Extended Detection and Response (XDR), moderated by Trellix
Join us at this Virtual Round Table, where we will discuss the need for a multi-vector detection, remediation, and response framework in the SOC. We will also examine the evolution of Extended Detection & Response (XDR) and the growing importance of XDR in the SOC, focusing on:
• Enhancing SOC efficiency and productivity
• Leveraging proactive and actionable intelligence, and getting ahead of the adversary
• Gaining unified visibility and control across multiple attack vectors
• Reducing costs and resources while increasing SOC capacity
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Outlook for Identity and Access Management
Tricia Phillips, Managing Vice President, Gartner
Identity and access management has reached a tipping point with the distribution of workforce and application access. The decentralization of objects and assets demands a flexible and centralized response with a reliance on flexible orchestration, and policy enforcement which supports a low-friction, zero trust approach.
Monday, 07 March, 2022 / 01:30 PM - 02:15 PM IST
Ask the Expert: How to Manage a Successful PAM Program
Swati Rakheja, Principal Analyst, Gartner
Abhyuday Data, Sr Principal Analyst, Gartner
Success with a PAM program is a mixed bag for most companies, finding PAM a challenging implementation. Before you even purchase a tool, fundamental tasks must be taken on to ensure success later in the process. This session gives you an opportunity to ask questions about initiating and running an effective PAM program. Attendees should come prepared to ask questions.
Monday, 07 March, 2022 / 03:00 PM - 03:30 PM IST
Managing Machine Identities, Secrets, Keys and Certificates
Erik Wahlstrom, Sr Director Analyst, Gartner
An enterprisewide strategy for managing machine identities and credentials such as keys, secrets and certificates requires the usage of multiple tools. In this session we will provide guidance on how to pick the right type of tool and establish a process that meets modern DevOps as well as security requirements.
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
Top Lessons Learned From the SolarWinds Attack
Peter Firstbrook, VP Analyst, Gartner
The SolarWinds supply chain attackers utilized the most advanced tool tactics and techniques to achieve their goals. Security and risk management leaders should understand how the attackers were able to evade detection to improve their defenses. This session will explore;
What was different about the SolarWinds attack
What can you do to improve your defensive posture
What is the future of supply chain attacks?
Tuesday, 08 March, 2022 / 01:30 PM - 02:00 PM IST
Outlook for Endpoint and Mobile Security
Patrick Hevesi, VP Analyst, Gartner
Endpoints continue to multiply and connect from anywhere. Security teams have had to scramble and protect both managed and now more unmanaged devices than ever. This session will discuss the trends of attack, new hardware and software security solutions, and how to build a strong defense on the device, in the enterprise and the cloud to protect the endpoints.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Technical Insights: Working From Home: Security From Home to the Enterprise
Thomas Lintemuth, VP Analyst, Gartner
Organizations of all types are having to allo from home, some for the first time. Find out how enterprise controls, cloud controls and the home office controls come together to secure the remote user experience.
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
Outlook for Cyber and IT Risk
Khushbu Pratap, Sr Director Analyst, Gartner
72% Board of Directors would change organizational structure to achieve business model agility during the COVID-19 crisis and its aftermath. CIOs, CISO, IT risk leaders and digital innovation champions are witnessing unforeseen changes that have cascading impacts on managing exposures. This session walks through emerging solutions and adjustments in digital environments.
Tuesday, 08 March, 2022 / 03:00 PM - 03:45 PM IST
Roundtable: Best Practices in Assessing Third-Party Security and Risk
Joanne Spencer, Sr Director Analyst, Gartner
Luke Ellery, VP Analyst, Gartner
Security and risk leaders struggle to effectively assess third-party (including IT vendor) security and risk, leading to unknown risks or security breaches. This roundtable provides you with the opportunity to participate in a facilitated discussion with your peers regarding the most effective assessment practices used today.
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Outlook for Security Monitoring and Operations
Jon Amato, Sr Director Analyst, Gartner
Security operations are rapidly evolving to keep up with threat landscape. Tools leveraged by security professionals include automation, advanced analytics and machine learning. This session will address key issues: (1) What threats and trends are affecting security operations? (2) What defines best-in-class security operations of 2021? (3) What is the outlook for security monitoring and operations for the years ahead?
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
The State of Network Security in the Work-From-Anywhere Era
John Watts, VP Analyst, Gartner
Last year work-from-home became the new normal. Coupled with the rapid adoption of SaaS applications such as Microsoft’s O365, Salesforce and others, organizations are no longer able to secure end users and devices with inflexible network security architectures. In this session, we will highlight the forces that shape network security today. We will also discuss SASE, the future of network security in the cloud.
Tuesday, 08 March, 2022 / 12:00 PM - 12:45 PM IST
Roundtable: Zero Trust Networking
Craig Lawson, VP Analyst, Gartner
Share your zero trust journey with your peers in this roundtable. Learn from each other as you discuss your success stories and your setbacks on the road to a zero trust network.
Tuesday, 08 March, 2022 / 01:30 PM - 02:15 PM IST
Ask the Expert: SASE - What is it and How can it Benefit Me?
Craig Lawson, VP Analyst, Gartner
Vendors are flooding the "airwaves" with marketing claims about SASE. Feeling overwhelmed? In this session, we'll answer your SASE questions in an interactive format.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
Technical Insights: Working From Home: Security From Home to the Enterprise
Thomas Lintemuth, VP Analyst, Gartner
Organizations of all types are having to allo from home, some for the first time. Find out how enterprise controls, cloud controls and the home office controls come together to secure the remote user experience.
Monday, 07 March, 2022 / 11:00 AM - 11:45 AM IST
Opening Keynote: Leadership Repositioning for Security Leaders
Tina Nunno, Distinguished VP Analyst, Gartner
As a security leader, are you playing defense or offense? Do you as a leader set the terms of engagement, or are they too often set by others? This session will explore how security leaders can ensure they lead from an offensive position, to deliver the best results for themselves and for their enterprises.
Monday, 07 March, 2022 / 12:00 PM - 12:30 PM IST
Leadership Vision for Security and Risk Management 2022
Jay Heiser, VP Analyst, Gartner
The challenges to security and risk management programs range from governmental/political intervention to digital business adoption to the impact of organizational culture of running a business. Security and Risk Management (SRM) leaders must develop a coherent program based on a clear vision and strategy. This presentation will address:
-What are the major trends affecting the security and risk management leader?
-What are the top challenges affecting the security and risk management leader?
-What actions and best practices should the security and risk management leader initiate?
Monday, 07 March, 2022 / 01:30 PM - 02:00 PM IST
Four Ways to Hack Your Cybersecurity Culture
Sam Olyaei, VP, Team Manager, Gartner
Innovation — or at least the desire to innovate — is on the rise among corporate and public sector clients alike. But while desirable, morphing from your existing culture into an innovative one is hard especially while trying to manage cyber risk in your organization. Most who try, fail. This presentation aims to provide attendees with tactical advice on how to get started, with four culture hacks.
Monday, 07 March, 2022 / 03:00 PM - 03:30 PM IST
Tutorial: How to Create a Business-Aligned Cybersecurity Strategy
Jeffrey Wheatman, VP, Advisory, Gartner
Everyone knows how important strategic planning is for success and yet it is an immense challenge for pretty much everyone. Join us to learn about a simple approach to telling a simple story linking security program activities to business goals and drives better decisions.
1. What makes a good strategy?
2. What kind of narratives work?
3. What does a sample strategy look like?
Monday, 07 March, 2022 / 03:45 PM - 04:15 PM IST
Best Practices in Communicating the Business Value of Cybersecurity
Tom Scholtz, Distinguished VP Analyst, Gartner
There are multiple approaches for communicating the business value of cybersecurity and none of them offer a single "best" way. All are relevant to different contexts. This presentation will discuss the characteristics of common approaches such as RO(S)I, price-performance analysis, outcome-driven approach, etc., and provide guidance on how to select the appropriate approach based on context.
Monday, 07 March, 2022 / 03:45 PM - 04:15 PM IST
Technical Insights: Introduction to the Cybersecurity Mesh Architecture
Felix Gaehtgens, VP Analyst, Gartner
With many IT assets now outside traditional enterprise perimeters, IT leaders must rethink security. Enter the cybersecurity mesh architecture, a composable and scalable approach to extend security controls to distributed assets by decoupling policy enforcement from the assets being protected.
Monday, 07 March, 2022 / 03:45 PM - 05:30 PM IST
Research Discussion for CISOs: The Roadmap to CISO Effectiveness
Dorota Pietruszewska, Director, Advisory, Gartner
Arthur Sivanathan, Director, Advisory, Gartner
In the last few years, CISOs have been thrust into the ranks of the c-suite as cybersecurity rises in priority for organizations. CISOs struggle to understand what success now looks like and what they need to do to attain it. As a consequence, 60% admit they rarely disconnect from work; 22% are available to their company 24/7. To what end? It's time for CISOs to take a step back and start making hard choices about how to pursue their value proposition.
Tuesday, 08 March, 2022 / 12:00 PM - 12:45 PM IST
Roundtable: Drowning Out the Noise - Avoiding Compliance-Driven Security Agendas
Richard Addiscott, Sr Director Analyst, Gartner
Across industry sectors, organizations are being directed to implement – and, in some cases, comply – with a range of new or strengthened government cybersecurity regulations. A key challenge for SRM leaders is being able to –sensitively and sensibly – shape and influence the discussion at senior levels and avoid being sucked into a compliance-driven security agenda. Join this interactive, invitation-only roundtable session with your peers to discuss strategies for delivering an effective cybersecurity program and at the same time meet regulatory cybersecurity obligations.
Tuesday, 08 March, 2022 / 03:00 PM - 03:30 PM IST
The Characteristics of a Defensible, Risk-Based Cybersecurity Program
Tom Scholtz, Distinguished VP Analyst, Gartner
CISO’s have a duty to ensure that the enterprise has an effective cybersecurity security program that can prove to all stakeholders (i.e., shareholders, regulators, customers, suppliers and employees) that it is doing all that can be reasonably expected to protect the digital resources against cyber risk. This presentation analyses the characteristics of a defensible program.
Tuesday, 08 March, 2022 / 03:00 PM - 03:45 PM IST
Workshop: Building Risk, Value, and Cost Charts for Cybersecurity
Richard Addiscott, Sr Director Analyst, Gartner
Paul Webber, Sr Director Analyst, Gartner
Your executives only care about risk, value, and cost. Why would you speak to them about anything else? This workshop will walk through the steps of identifying business processes and outcomes, aligning supporting technology stacks, and creating outcome-driven metrics to put cybersecurity in a business context.
Monday, 07 March, 2022 / 12:00 PM - 12:45 PM IST
Ask the Expert: Improving Vulnerability Management With Effective Vulnerability Prioritization
Craig Lawson, VP Analyst, Gartner
Many vulnerability management programs fail to prioritize vulnerabilities for remediation properly, overloading the IT teams responsible for patching and testing systems. This session discusses what organizations must do to prioritize vulnerabilities identified by vulnerability assessments properly. Typical questions might include: How can I go beyond CVSS? How can I expand prioritization to incorporate asset and threat context?
Monday, 07 March, 2022 / 03:45 PM - 04:15 PM IST
Vulnerability Management — What Is Working and What Is Not
Mitchell Schneider, Sr Principal Analyst, Gartner
Vulnerability management is still not a standard practice for many organizations, even though it should be a foundational practice of good security hygiene. This can be a bigger issue for resource-challenged organizations. This session will help participants understand what has worked and not worked for their peers, across people, processes and technologies, when implementing a vulnerability management program.