Agenda
Sunday, 17 May, 2020 / 05:30 PM - 08:00 PM CEST
Due to ongoing concerns about the current outbreak of the coronavirus (COVID-19), Gartner has canceled the Gartner Security & Risk Management Summit. We apologize for any inconvenience this may cause and we look forward to seeing you at an upcoming conference.
If you need additional assistance, please contact GlobalConferences@gartner.com.
Sunday, 17 May, 2020 / 06:00 PM - 07:00 PM CEST
Monday, 18 May, 2020 / 07:30 AM - 07:30 PM CEST
Monday, 18 May, 2020 / 08:00 AM - 08:45 AM CEST
Patrick Hevesi, VP Analyst, Gartner
Come see how secure the latest versions of your mobile OSes and devices are against the current mobile attacks. This session will show which operating systems and devices you need to be using along with third-party solutions to protect your organization. We will demonstrate attacks and also discuss the right EMM/UEM, MTD and other mobile security solutions your should be using today.
Monday, 18 May, 2020 / 08:00 AM - 08:45 AM CEST
Jeremy D'Hoinne, VP Analyst, Gartner
This session will give an overview of how network detection and response can play a role in improving an advanced threat detection program:
- What did we learn about evaluating and deploying the technology from hundreds of client inquiries?
- What are the trends in the NDR vendor landscape?
- How to decide if it is worth the purchase?
Monday, 18 May, 2020 / 08:00 AM - 08:45 AM CEST
Dionisio Zumerle, VP Analyst, Gartner
This orientation session is designed to help attendees make Security and Risk Summit the most productive experience. It will provide you with tips on how to navigate your way through the CISO Circle Program and overall conference and give you a chance to meet your fellow CISOs. Topics will include a review of the agenda, interactive sessions, networking and much more with plenty of time for Q&A.
Monday, 18 May, 2020 / 09:00 AM - 10:00 AM CEST
Tom Scholtz, Distinguished VP Analyst, Gartner
Mario de Boer, Managing Vice President, Gartner
Economics is called “the dismal science” because scarce resources mean not every need can be met. As a security and risk leader with unlimited challenges and limited resources, you face difficult decisions about what to prioritize. Economic models and principles can help. In this keynote, we’ll look at how looking at security and risk dilemmas through the lens of economics can help you make better decisions. We will also discuss trends in security spending, and introduce new models for cost optimization, financial-based risk assessment and articulating the value of security.
Monday, 18 May, 2020 / 10:15 AM - 11:00 AM CEST
Katell Thielemann, VP Analyst, Gartner
Digital transformation has made security and risk top-of-mind issues for CEOs, CIOs and the board. As Security and Risk Leaders, you need to understand their perspective, concerns and expectations. Each year, Gartner asks a broad sampling of top CIOs, CEOs and board members to identify what’s most important to them for the year ahead. This year, for the first time, we’re bringing together more than 1,600 data points from these carefully crafted surveys to present top themes and their implications for security and risk leaders. Using key takeaways from the surveys, this session will outline how aligning security decisions with business goals can have the greatest impact, and approaches to help you develop a roadmap for the next 12 to 36 months. You’ll hear insights that will help you communicate with business leaders, understand their perspective and anticipate their needs.The best way to know what business leaders think about and expect from security is to ask. We did. Come find out what they had to say.
Monday, 18 May, 2020 / 10:15 AM - 11:00 AM CEST
Jay Heiser, VP Analyst, Gartner
Cloud security remains a top priority. This presentation summarizes the problems, recommended processes, and new product types to address three key issues.
* What are the unique risks associated with public cloud service providers, and how can they be controlled?
* What are the unique security challenges of IaaS and how can they be mitigated?
* What are the unique control challenges of SaaS, and how can they be addressed?
Monday, 18 May, 2020 / 10:15 AM - 11:00 AM CEST
Jeremy D'Hoinne, VP Analyst, Gartner
The cloud era is forcing network security professionals to adapt on several fronts. Enterprises are spending more on cloud-based security services, as a replacement for physical appliances in private data centers. Also, as enterprises move workloads to IaaS clouds, they are turning to micro-segmentation to secure key assets. This session will deliver key insights into these important trends.
Monday, 18 May, 2020 / 11:00 AM - 11:30 AM CEST
Monday, 18 May, 2020 / 12:15 PM - 01:00 PM CEST
Dr. Julia Shaw, Psychological Scientist,
In this talk Dr Julia Shaw explores the darker side of technology. She discusses the ways in which criminology and psychology help us understand cybercrime, how business structures hide our humanity, and how misinformation can turn into false memories. She forces us to think about the fine line between attackers and defenders and explores if AI can be evil. In this lively and thought-provoking talk, Dr Shaw encourages us to think deeper about morality, and how we can adapt our leadership and use technology to help overcome some of humanity’s greatest threats
Monday, 18 May, 2020 / 01:00 PM - 02:00 PM CEST
Monday, 18 May, 2020 / 01:00 PM - 02:15 PM CEST
Monday, 18 May, 2020 / 02:15 PM - 03:00 PM CEST
Jie Zhang, VP Analyst, Gartner
Solutions and services to support vendor risk and security efforts continue to emerge. These solutions include integrated risk management (IRM) and security rating services (SRS). This session will discuss the market and recommendations for their use along with the emerging services and solutions best suited for vendor risk management.
Monday, 18 May, 2020 / 02:15 PM - 03:00 PM CEST
Wam Voster, VP Analyst, Gartner
This session walks through the state of risk management practices across technology and information exposures that influence organizational resilience. The current and future role of risk management leadership will be laid out in this session.
Monday, 18 May, 2020 / 02:15 PM - 03:00 PM CEST
Neil MacDonald, Distinguished VP Analyst, Gartner
Security considerations and best practices for securing containers and Kubernetes Docker containers are not inherently unsecure, but are being deployed unsecurely, driven by developers and a need for agility in service development and deployment. Security and risk management leaders must address container and Kubernetes security issues around vulnerabilities, visibility, compromise and compliance. This session will provide specific best practices for secure container and Kubernetes deployments.
Monday, 18 May, 2020 / 02:15 PM - 03:00 PM CEST
Tom Scholtz, Distinguished VP Analyst, Gartner
There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This presentation will address the following key issues:
- What are the trends and challenges in security organization design?
- What are the factors that influence security organization?
- What are the current best practices and contemporary conceptual design models for security organization?
Monday, 18 May, 2020 / 02:15 PM - 03:45 PM CEST
Roberta Witty, VP Analyst, Gartner
Presenting to the Board about a highly technical topic can be daunting. You must put the event into business impact context. This presentation will be a mock session of how to blend the technical with the business so that senior executives understand that a cyberattack is an "all of enterprise" disruption.
Monday, 18 May, 2020 / 02:15 PM - 03:45 PM CEST
Nader Henein, VP Analyst, Gartner
Given our borderless digital society, controlling the country in which information resides seems counterintuitive; however, it’s a requirement of most emerging data protection laws. Come to the session where we will probe the reason behind data residency requirements and learn how to support business expansion inside geographic guardrails without breaking centralized store and compute models.
Monday, 18 May, 2020 / 03:45 PM - 04:15 PM CEST
Monday, 18 May, 2020 / 04:15 PM - 05:00 PM CEST
Mario de Boer, Managing Vice President, Gartner
In 2020, machine learning is used by security vendors more than by attackers. This will change. Join this technical session to explore the limits of ML in security solutions and how ML will accelerate innovation in attacker methods.
Monday, 18 May, 2020 / 04:15 PM - 05:00 PM CEST
Ramon Krikken, Managing Vice President, Gartner
This session covers current trends and emerging topics in the area of data security. From databases to files, threats are rapidly evolving and countermeasures slowly follow. Planning a data-centric roadmap for security governance and security architecture is a critical component of any security and risk management program.
Monday, 18 May, 2020 / 04:15 PM - 05:00 PM CEST
Toby Bussa, VP Analyst, Gartner
This session will discuss what can be outsourced, what has worked well when outsourced to security services providers and the lessons learned where outsourcing hasn't been successful.
Monday, 18 May, 2020 / 04:15 PM - 05:45 PM CEST
Katell Thielemann, VP Analyst, Gartner
Decisions and disruptions is a tabletop/role-playing game about security. Players are challenged with managing the security of a small utility company: They are given a budget that they can spend among a range of different defensive options. Decisions have to be made, taking into account a number of potential threats, known vulnerabilities of the infrastructure, past and ongoing cyberattacks and budget limitations.
Monday, 18 May, 2020 / 05:15 PM - 06:00 PM CEST
Jie Zhang, VP Analyst, Gartner
Digital transformation relies heavily on new technology adoptions. While organizations innovate and create values through digital business, a set of new risks are emerging. These emerging risks require security and risk leaders' special attention. This session equips you with a model to assess the emerging risks.
Monday, 18 May, 2020 / 05:15 PM - 06:00 PM CEST
Patrick Hevesi, VP Analyst, Gartner
This session discusses the advanced security features included in the Microsoft 365 E5 license suite. It will also review licensing and discuss:
• Advanced data protection, email protection, conditional access, Azure AD premium P2 and other advanced features.
• Use cases where third-party solutions can be integrated and if they are required.
Monday, 18 May, 2020 / 05:15 PM - 06:00 PM CEST
John Watts, VP Analyst, Gartner
The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on:
1. Optimizing Prediction and Prevention
2. Knowing When Detection is Required
3. Preparing to Respond When Things go Wrong
Monday, 18 May, 2020 / 05:15 PM - 06:15 PM CEST
Anna Belak, Director Analyst, Gartner
Success in security operations relies heavily on foundational technologies like SIEM, which continue to evolve to meet the demands of modern IT. Emerging technologies like SOAR, deception, and machine-learning-based detection and response tools can also be a great asset in your SecOps toolkit. How do you choose the right tools and build the appropriate processes around them to ensure long-term success?
Monday, 18 May, 2020 / 06:00 PM - 08:00 PM CEST
Tuesday, 19 May, 2020 / 07:30 AM - 04:30 PM CEST
Tuesday, 19 May, 2020 / 08:00 AM - 08:45 AM CEST
Toby Bussa, VP Analyst, Gartner
Security monitoring and operations are rapidly evolving to keep up with a very dynamic threat landscape. Automation, advanced analytics and machine learning are some of the tools leveraged by security professionals to keep up with threats. This session will address these key issues:
(1) What trends are affecting security operations?
(2) What defines best-in-class security operations of 2020?
(3) What is the outlook for security monitoring and operations for the years ahead?
Tuesday, 19 May, 2020 / 08:00 AM - 08:45 AM CEST
Nader Henein, VP Analyst, Gartner
Privacy UX is composed of the aspects of a privacy program that are exposed to the public. Come to this Ask the Expert session to join a discussion about balancing just the right level of transparency with your users to earn their trust, drive depth and turn privacy from a challenge to a market advantage.
Tuesday, 19 May, 2020 / 08:00 AM - 08:45 AM CEST
Ramon Krikken, Managing Vice President, Gartner
CASB is to SaaS as the firewall is to the data center. Come learn how to best take advantage of CASBs as your business continues to migrate more services to the cloud. We will discuss the different use cases and best practices on how to deploy CASB, as well as the continuing evolution of security architecture through CASB and related technologies such as zero-trust network access (ZTNA).
Tuesday, 19 May, 2020 / 08:00 AM - 08:45 AM CEST
Roberta Witty, VP Analyst, Gartner
The challenges to security and risk management programs range from governmental/political intervention to digital business adoption to the impact of organizational culture of running a business. Security and risk management (SRM) leaders must develop a coherent program based on a clear vision and strategy. This presentation will address:
What constitutes an effective vision and strategy for SRM leaders?
What are the elements of a SRM program?
What are the drivers shaping SRM strategy in 2020-2021?
Tuesday, 19 May, 2020 / 08:00 AM - 09:30 AM CEST
Jie Zhang, VP Analyst, Gartner
This workshop walks through requirements planning, decision making and stakeholder communication, and also discusses overlap with cybersecurity tools, compliance solutions, security operations, analysis and reporting tools as well as risk management capabilities available with cloud service providers.
Tuesday, 19 May, 2020 / 08:00 AM - 09:30 AM CEST
Tom Scholtz, Distinguished VP Analyst, Gartner
Effective governance should be a cornerstone of security programs and ineffective governance is the most common cause of failure. Security and risk leaders need to implement governance capabilities that support accountability, authority, risk management and assurance. This presentation will share strategies for establishing effective, adaptive security governance to enable digital transformation.
Tuesday, 19 May, 2020 / 09:30 AM - 10:00 AM CEST
Tuesday, 19 May, 2020 / 09:45 AM - 10:45 AM CEST
Dionisio Zumerle, VP Analyst, Gartner
Analysis shows that over 90% of ransomware attacks are preventable, and yet, ransomware attacks are increasing, posing a notable threat to business data and productivity. Global economic losses from “WannaCry” alone are estimated to be between 1.5 to 4 billion Euros.
In this roundtable, attendees will discuss best practices with their peers, share successes and perhaps some failures in combating ransomware, and what to do about them.
Tuesday, 19 May, 2020 / 10:00 AM - 10:45 AM CEST
Neil MacDonald, Distinguished VP Analyst, Gartner
Most enterprises will have data centers for years to come and most have adopted a multi-cloud strategy by design. This presentation will outline strategies for the consistent management and security of a hybrid multi-cloud environment composed of physical machines, virtual machines, containers and serverless workloads.
Tuesday, 19 May, 2020 / 10:00 AM - 10:45 AM CEST
Anna Belak, Director Analyst, Gartner
Vulnerability management has a history that goes back more than a quarter of a century. Scanning, patching and mitigating are not new activities. However, IT has changed a lot in the past decades, but has your vulnerability management? This presentation learns from how the best organization perform vulnerability management around modern IT processes and tools.
Tuesday, 19 May, 2020 / 10:00 AM - 10:45 AM CEST
Roberto Baratta Martinez, Executive Vice-President Loss Prevention, Continuity & Security, ABANCA
You were aware, prepared, trained and ready. Or at least you thought so... This session describes how ABANCA responded to an advanced attack, and how they have since developed a new incident response capacity as a result. The case study shows how things are never as you imagine and plan for, and how strong response skills, organizational culture and leadership are key in a cyber-crisis. The session will describe:
• How to deploy a corporate-wide response capacity... that (should) work
• Why your knowledge and training may not be sufficient
• How decisive leadership is crucial when facing an attack.
Tuesday, 19 May, 2020 / 11:00 AM - 12:30 PM CEST
John Watts, VP Analyst, Gartner
Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.
Tuesday, 19 May, 2020 / 11:45 AM - 12:30 PM CEST
Mario de Boer, Managing Vice President, Gartner
Email gateways are the most deployed control against phishing. However, prevention is far from perfect. In this session you can ask all your questions on phishing prevention, detection and response. Typical questions include:
- How can we best change user behavior?
- What are the best practices for security operations when dealing with phishing?
- Which emerging solutions can support with phishing detection and response?
Tuesday, 19 May, 2020 / 11:45 AM - 12:30 PM CEST
Patrick Hevesi, VP Analyst, Gartner
As your cyber security strategy and architecture becomes more complex, the game of our security defense has changed. We used to play tic tac toe when defending our organizations, but now it is more like a game of tetris. Each of the products that organizations are buying need to integrate and fit precisely into line to ensure that our defenses against more and more advanced attacks are ready. This session will talk about the age old question about best of breed point products vs. the bigger security vendors that are trying to build a integrated single solution and the pros and cons of both.
Tuesday, 19 May, 2020 / 11:45 AM - 12:30 PM CEST
Jay Heiser, VP Analyst, Gartner
Is your cloud solutions provider facilitating or resisting government surveillance? How can you know? You can't avoid the cloud by building a digital wall around your organization. Can any technology or law save you from the cloud? Will local providers come to your rescue? This provocative session will cut through the myths, so that your organization can stop wasting time solving problems that can't be fixed.
Tuesday, 19 May, 2020 / 12:30 PM - 01:45 PM CEST
Tuesday, 19 May, 2020 / 12:30 PM - 02:00 PM CEST
Wam Voster, VP Analyst, Gartner
Most CEOs are excellent problem solvers, but too often CISO’s seek approval rather than enable their CEO’s to participate in the decision-making process. This causes disengagement and is at the root of many of the challenges CISOs and IT leaders face. CISO’s need to use different tools to get their CEO to the table and keep them engaged so that they value the outcome of the decisions we ask for.
Tuesday, 19 May, 2020 / 01:45 PM - 02:30 PM CEST
Jeremy D'Hoinne, VP Analyst, Gartner
Breach and attack simulation tools are maturing and provide an interesting alternative to automated penetration testing tools when automating security posture assessments.
This session will give an opportunity to attendees to ask question about the emerging attack simulation and the rejuvenating automated penetration testing markets , and tips on how to evaluate the vendors and best benefit from the technology.
Tuesday, 19 May, 2020 / 01:45 PM - 02:30 PM CEST
Dionisio Zumerle, VP Analyst, Gartner
Endpoints security challenges are rising to new levels of complexity as the definition blurs across clouds, BYO, workstations, mobile, wearable, “things” and pure software.
This session will address
1. The evolution of device security to a single Unified Endpoint Security (UES) solution
2. The evolution of network security from on-premise to cloud based since devices are frequently accessing cloud based services.
3. The evolution of modern data protection for devices including VDI, encryption, and DRM
Tuesday, 19 May, 2020 / 01:45 PM - 02:30 PM CEST
Nader Henein, VP Analyst, Gartner
Privacy regulations across the globe have developed more over the past two years than they have in the preceding century. This has placed substantial pressure on organisations regarding how they store and handle personal information pertaining to their employees and their customers. This session focuses on the top three mistakes, top three capabilities and top three hacks learned through out two years in the trenches of the GDPR, the CCPA, the LGPD and many more.
Tuesday, 19 May, 2020 / 01:45 PM - 02:30 PM CEST
Toby Bussa, VP Analyst, Gartner
This session will take a look at what security and risk management look like in 10 years. What will be the same? What will change? What will you need to start thinking about now to be prepared in the future?
Tuesday, 19 May, 2020 / 01:45 PM - 03:15 PM CEST
Ramon Krikken, Managing Vice President, Gartner
As more security vendors target your hybrid and cloud SaaS, IaaS and PaaS solutions, we are getting lost in too many acronyms. This workshop will help decipher the acronym soup and build a cloud security strategy including what your organization needs to protect your cloud infrastructure and applications. We will also discuss best practices on implementations and how to evaluate and build a shortlist for your vendor selections.
Tuesday, 19 May, 2020 / 02:45 PM - 03:15 PM CEST
Wam Voster, VP Analyst, Gartner
The information security profession is growing at a rate of 37% through 2022. Organizations need to ensure that they recruit, develop and retain the right talent to keep up with this demand. This presentation explores how organizations will need to extend diversity, flex recruitment strategies and create the right organizational culture to recruit, grow and retain the best talent.
Tuesday, 19 May, 2020 / 02:45 PM - 03:15 PM CEST
Jie Zhang, VP Analyst, Gartner
Risk quantification is perceived to bring more visibility and confidence in cybersecurity decision making — but does it? This session will deep dive into use cases articulating reasonable and unreasonable application of quantification approaches from the viewpoint of different security and risk management stakeholders.
Tuesday, 19 May, 2020 / 02:45 PM - 03:15 PM CEST
Neil MacDonald, Distinguished VP Analyst, Gartner
Changes in the threat landscape and ineffectiveness of current security architectures has driven an explosion of interest in zero trust security architectures. This presentation will build on the concepts of zero-trust networking and extend to operating systems, applications (including development), users and data. Topics will include the new NIST draft standard for zero trust as well as technologies and vendors providing solutions.
Tuesday, 19 May, 2020 / 02:45 PM - 03:30 PM CEST
Jay Heiser, VP Analyst, Gartner
SaaS is a self-service model that is mostly out of IT's control, which has lead to endless exposures of sensitive data, audit frustrations, and cost overrun. Who is in charge of SaaS governance, and what policies, processes and products can they use to help their organizations use SaaS more responsibly. This session will be an opportunity for attendees to share their experiences with what works, and what doesn't.
Tuesday, 19 May, 2020 / 03:15 PM - 03:45 PM CEST
Tuesday, 19 May, 2020 / 03:45 PM - 04:30 PM CEST
Charles Hazlewood, International Conductor and Musical Revolutionary,
"Internationally renowned conductor Charles Hazlewood has won hearts and minds around the world with his ground-breaking musical projects. Moving audiences to laughter and occasionally tears, his presentations on leadership, trust, and authenticity have inspired organisations around the world.
Charles draws from analogies between the workings of an office with that of an orchestra. Both music and business depend on individuals working as part of a whole, in pursuit of a common goal. Trust is the key ingredient, the gel which binds each and every human relationship. Without trust, nothing is possible. Through his experiences of forming an opera company out of township South Africa, to creating the world’s first large-scale virtuoso orchestra of musicians with disabilities, Charles demonstrates the power of trust and authenticity in creating world-changing new paradigms "