Constant change in the threat landscape and compliance requirements present daily challenges that can feel overwhelming. Scaling security when facing a fast-paced IT innovation landscape involves choices, often at the expense of building trust and resilience. Three key questions drive strong decision making: What's important, what's dangerous and what's real? This session presents scenarios to demonstrate that ruthless prioritization in the answers helps us cut through the noise and enables action that changes our outlook from overwhelmed to empowered.
CISOs are called on to fill the twin roles of operational expert and strategic planner. Many CISOs struggle when developing a strategy because they have not been exposed to this process. A few pragmatic steps can help ensure that your strategy is useful. This session will address the following: • What are the elements that you must consider? • What pragmatic steps can you take during its development to ensure success? • What safeguards do you need to support successful execution?
Business requirements drive organizations to connect their IT and OT. This alignment between IT and OT requires organizations to rethink their approach to securing the traditionally separate IT and OT worlds. This session will cover best practices on getting security governance right in an aligned IT/OT world, tips on how to deploy common teams and the role of the digital risk officer.
Workshop to discuss the anti-money laundering (AML) market, focusing on: security and risk management leaders understand the need for efficiency, but how to gain effectiveness in detecting suspicious activity without high operational overhead still eludes the market; developing a new breed of AML experts/operators who are driven by a social mission; and ideas for an AML black ops (best practices of the elite AML programs and teams).
Vendors and third parties can create significant risks to business operations and performance. This session will provide an overview of the methods to efficiently reduce residual vendor risks. What are the current best practices for assessing, monitoring, remediating or mitigating vendor risks? What emerging practices are improving the value of vendor risk management programs?
Employee monitoring is one of those topics that most IT leaders don’t like to talk about. Blandishments like “We trust our people,” “We have a culture of openness,” are common. Yet, as Mark Twain said “The difference between a man and a dog is that if you feed a dog and take care of it, it will not bite you”. We examine how employee monitoring contributes not only to prevention and detection of internal malfeasance, but can also be used to safeguard employees and ensure safe working.
If you are still struggling with getting beyond passwords, better times are coming. The conjunction of increasing online use cases and competition for embedded biometrics in next-generation hardware is propelling opportunities for advanced authentication techniques. This presentation will chart a course for clever, subtle and transparent identity management.
Banks are experiencing a variety of attacks, but struggle to understand the modus operandi and correctly classify them to implement effective strategies to manage them. This presentation provides security and risk management leaders with a framework to deconstruct complex crimes and devise strategies to mitigate risk.
As long as business is doing well, business leaders are applauded and rewarded, but the moment something bad happens the CISO is blamed for not properly protecting business information. How can security and risk management leaders ensure roles and responsibilities are clear? What can be done to ensure ownership of risk is well-defined? How much risk should the CISO actually own?
It is now common practice for a board of directors to require periodic reporting and event-based updates on the state of IT risk and information security. Risk and security leaders must provide board-relevant and business-aligned content. This presentation discusses what you need to present. Key Issues: • What is the role of the board and what do they care about? • What content do you need to cover? • How should you present this content?
IGA deployment initiatives are a potential minefield for many organizations that risk costly delays, difficult integration and lower overall value. Gartner has identified common anti-patterns for IGA adoption that range from the planning phase to the actual deployment and integration. Learn how to identify and avoid these common mistakes and plan for a successful IGA deployment by focusing on value and using Gartner's IGA deployment model.
Organizations are allocating funds for blockchain without defining use cases, putting security and risk management leaders in a bind. You need to support the adoption of blockchain, but manage the risks that result from relatively unproven tools. Come learn: • How to trust distributed identity. • How to trust unknown cryptographic service providers on blockchain and distributed ledgers. • Why the can't-happen-don't-care state is more important than we think.
Business requirements drive organizations to connect their IT and OT. This alignment between IT and OT requires organizations to rethink their approach to securing the traditionally separate IT and OT worlds. This interactive session will cover best practices on getting security governance right in an aligned IT/OT world, tips on how to deploy common teams and the role of the digital risk officer.
Gartner research shows that success in the digital business revolution requires material culture changes inside and outside of IT. Organizations are limiting themselves through fear of technology, while the line between technology and business outcomes is disappearing. Non-IT executives treat security like a cost center and do not understand how to accept technology risks. A risk-aware culture must be developed and mature. Come hear about this groundbreaking research that links digital business success to culture and risk.
Good information security hygiene is a must, but many organizations lose focus on getting the basics right, leading to an unjustified level of confidence in risk posture. Join us and learn: • What are the key activities, capabilities and practices for organizations? • What are the activities that you can delay or even skip entirely? • Why doing the basics is more important than ever.
Is your organization in need of a privileged access management (PAM) solution? If so, this session will serve as a good primer on the technology. Key issues covered include: • Introduction to privileged access management. • The PAM maturity model. • An overview of PAM tools and when and how to use them.
Windows 10 is getting unprecedented rapid implementation in the enterprise. This session will: • Look at the most significant security improvements in Windows 10. • Compare and contrast optional Windows 10 security features to third-party solutions. • Provide implementation guidance to ensure that the security improvements are getting deployed. • Look at the future of Windows security in the enterprise.
Threat hunting (TH) is very hot, but very few organizations actually do it. Attend this session to learn the basics of practical hunting and how to start your TH effort. Key issues covered in this session: • What is TH? • How do you incorporate TH into your SOC processes? • How do you develop a basic TH capability? • Where do you get ideas on what to hunt for? • How do you measure TH successes?
When building a security operation center, or trying to improve the visibility over threats, an abundance of new technologies overwhelms security leaders with too many options. This session will highlight the benefits and compare the use cases for the most useful security analytics tools. Technologies covered in this session include SIEM, network traffic analysis, user behavior analytics, endpoint detection and response, intrusion detection, full packet capture and SOAR.
Organizations are regularly adopting agile development methodologies and DevOps initiatives. Application security process and technology best practices are abundant, but not all of them fit in the world of rapid application development and delivery. This session will highlight some of the areas of opportunity for security automation as well as pitfalls that may inhibit application releases.
Security orchestration, automation and response (SOAR) tools have been growing in popularity as organizations try to introduce automation in their security operations practices. This session defines this emerging technology and presents emerging deployment and operations practices. Questions covered: • What is SOAR? • Do I need it? Who does? • How are organizations using SOAR tools? • What are the best practices in deployment and use of SOAR tools?
With private cloud, public cloud and SaaS becoming pervasive across enterprises, the relevance of third-party security controls is in question. Infrastructure and application owners ask whether third-party firewalls are necessary to secure business data in these new environments. A single brand of firewall is the best approach to regulating access to — and security within — hybrid networks.
Over the past 18 months, EPP solutions and EDR solutions have been converging; however, not all capabilities are available from the offerings. • What can you expect to see from this convergence in the short term and longer term? • What are the missing pieces that you need to be aware of? • How should you plan your future initiatives in light of this convergence?
We can't prevent all threats, but it doesn't mean people working on security monitoring and operations can't start detecting and responding. But how do you do it without breaking the bank? How should you start with detection and response? This workshop will go through a structured approach to find out: (1) What are the basic processes and tools to get right? (2) How do you succeed with a small team? (3) How do you use third parties gracefully and effectively?
Mobile attacks continue to surface. Do you have all the right mobile security solutions in place? Come learn how to build a defense-in-depth strategy for your ever-growing mobile workforce. We will also discuss how UEM, MTD and mobile OS/HW security solutions continue to improve.
Protecting modern web applications requires an appropriate mix of technologies for client-side and server-side components. Microservice design patterns, web API adoption, mobilization and cloud integration increase the complexity further. This session will cover the various protective technologies that are available to organizations and provide recommendations on how to leverage them effectively.
Analytics today spreads to more security technologies, affecting not just threat detection and monitoring, but other operational areas. We are approaching an era where most security tools are security analytics tools that utilize machine learning for many functions. Modern security operations also heavily rely on foundational technologies such as SIEM to accomplish their mission. They struggle with more automation — of both thinking and acting — that promises to relieve humans from the routine tasks, but sometimes adding more work to overworked security teams. This session will address these key issues: (1) What is the role of analytics in security today? (2) What defines best-in-class security operations of 2018? (3) Will AI save us from all the threats?
Application security continues to be a significant challenge for many organizations. This session covers the current state of application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.
The EPP MQ is one of the most popular documents on Gartner.com, and clients want to understand what the relative placement really means. This session will take you through the analysis process, the assessment criteria and of course the products themselves. Attendees will get updated information and guidance on how best to use this document when evaluating vendors.
As the external threat landscape becomes more hostile, compliance and regulatory requirements become more common and information security resources become increasingly scarce, organizations will be forced to rely more on service providers to deliver threat detection and incident response capabilities. This session will address issues such as what should you look to outsource and what opportunities are available on the market?
Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. This roundtable discussion focuses on what's enough network security for midsize enterprises. Preregistration is required. Seats are limited.
Massive use of SaaS and mobile technologies and a growing share of encrypted traffic revive the rumors of the death of the perimeter and network security altogether. Building a strong business case to prioritize network security investments is more difficult, due to increasing competition for budget from cloud and endpoint security solutions. This session will review the latest trends in network-based advanced threat defense, including the latest techniques used for anomaly detection, and a high-level framework to decide if TLS decryption is right for your organization.
Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. This roundtable discussion focuses on practical data security options for the midmarket. Preregistration is required. Seats are limited. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.
Security and risk management leaders should select AST tools and services and embed them in the SDLC as a critical component of an application security program. In this session, we will illustrate the market and main vendors in the application security testing space.
Security information and event management (SIEM) technologies have been around for almost two decades, and have evolved and adapted as use cases and the external landscape have changed over time. SIEM tools are far from dead, but change is happening. This session will cover how SIEM technologies are evolving and what the future of SIEM solutions will look like.
Security operations are a critical component of an effective cybersecurity organization. Organizations pursuing a more mature security practice may decide to centralize all or part of those activities into a security operations center (SOC). This session will discuss the following: • A structured approach to create requirements for, plan, establish and efficiently operate a modern SOC. • Key differences between a modern SOC and a traditional model. • What tools are key to the success of a SOC? • What SOC functions can successfully be outsourced?
Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.
Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.
Now that we are in the "cloud era," network security professionals need to adapt. Enterprises are rearchitecting their networks and will be purchasing more cloud-based security services and fewer network security appliances. In this session, we will highlight best practices that enable a smooth transition to the adoption of cloud-based security services.
This session will review the latest Gartner Magic Quadrant for Managed Security Services (MSS). Attendees will learn about the current market, provider landscape, and adjacent services for this well-established network security services market.
Identifying the core features to call out to a potential MSSP when scoping the need for an outsourced service is critical for a successful engagement. This session will provide practical examples of how to establish effective requirements and use cases before engaging providers. • What are the key service performance metrics to insist on from an MSSP? • How can you define service customization requirements to ensure additional services charges are managed? • How can you align internal processes with the providers' outputs?
Cloud access security brokers (CASB) are now being deployed by organizations large and small. This session will dig into the features, the leading use cases we see clients successfully using and the requirements needed to make your CASB deployment a successful one.
This session will discuss how to use the enterprise network firewalls Magic Quadrant to highlight strengths and weaknesses of competitive solutions, as well as dive into which firewall vendors an organization should consider.
Endpoint and mobility use cases continuously transform business processes and challenge established security best practices. Integrity comes down to personal discretion. We provide IT leaders with a path to introduce agility and tolerance into critical infrastructure. Concerns include technology trends, emerging exploits and the sheer enormity of data protection in an interconnected workplace.
Emails get spoofed. Sometimes it's a prank but increasingly it's the vector for fraudulent criminal gangs. Impact can be loss of confidential data, actual financial losses through fraud or blackmail and extortion. Email has remained the dominant B2B communication channel for years and is likely to be so for the foreseeable future. Let's look at how we can fix it — not just for ourselves but for our customers, supply partners and employees.
When it comes to the threat landscape, it can be challenging to understand how you should act to protect your business. Gartner presents a methodology to help organisations understand what really matters when looking at the latest threats. This session will cover the importance of understanding risk, patch and vulnerability management as well as applying some key issues of the 2018 threat landscape to a core methodology.
The world has seen an increase in security incidents. The use of commercial operating systems in industrial control systems means that OT is now susceptible to the same attacks as in the IT world. What should security and risk management leaders do to develop a coherent strategy to protect not just the organization’s information but also the OT? This presentation will address topics like processes, architecture and controls.
From the likes of WannaCry, Petya and others, cyberattacks are more frequently and more significantly disrupting business operations. This workshop presents crisis communication and coordination best practices so that attendees will gain valuable experience in ensuring a strong crisis communications position.
This presentation tells the current story of cloud security, providing an overview of the unique risks of the various forms of public cloud computing, so that the security professional can help the rest of their organization fully understand and address cloud risks. The unique security challenges of IaaS and SaaS are discussed and viewers are provided with a summary of current- and near-term products and practices that can be used to monitor and control the use of public cloud computing.
Enterprises have had a wake-up call over the last few years as their data assets have been increasingly plundered, with increasing financial liabilities. Users need access to data to do their jobs, but not all data. Data-centric audit and protection tools must be applied to detect potential malicious activity before it results in a breach.
Risk management continues to be an area of growing maturity and investment for most organizations, as the risk landscape becomes increasingly complex and interconnected. As a result, new technology solutions are emerging to increase the collaborative nature of risk management to support data-driven decision making, both within and external to an organization. This session explores how integrated risk management (IRM) will help improve risk management practices.
PAM tools are not difficult to install, but it can be a challenge ensuring that all gaps are being covered. In this roundtable, we will share experience on how organizations have overcome political, technical and cultural pitfalls to use these tools in a way that enables the organization.
Increasing regulatory and security threats are pushing a lot of security and risk management leaders to start a data classification initiative or revisit a previously unsuccessful one. This session provides a practical approach to implement data classification: 1) What policies and standards do you need? 2) How do you implement data classification successfully? 3) What role do tools play?
Fraud prevention leaders have mastered the art of detecting and preventing fraudulent account activity and payment events in many verticals and use cases. But as customers change the way they interact with each other and their expectations of their service providers, banks, retailers, healthcare teams and governments, the old ways have failed to evolve. Please note: Preregistration required. Reserved for end user organizations.
After ample preparation time in anticipation of the GDPR, Gartner has observed a few misconceptions on privacy as well as a number of key functions for a mature privacy management program. We will address the lessons learned and the necessary capabilities to protect privacy, including the role of security, program ownership, and what the market is and should be doing.