2019 topic highlights

Leadership
Receive guidance on how to effectively communicate with senior executives and the board level.

Privacy
Determine privacy regulation needs, data compliance and relevant constraints.

Emerging security trends
Prepare for the Internet of Things (IoT), artificial intelligence (AI) and machine learning (ML).

Risk management
Accelerate digital business and build on risk management  strategies by influencing executives through increased awareness in IT risk management.

Skills and talent
Challenge your understanding of how to address the ongoing IT security and risk management talent shortage.

Cloud security
Advance cloud security architecture, cloud risk management, cloud application and container security.

View By:

A look back at 2019's agenda

Monday, 28 October, 2019 11:00 AM|Monday, 28 October, 2019 11:30 AM

CISO Circle: Quantum Is the New AI

Mark Horvath, Sr Director Analyst, Gartner

Like AI before it, quantum computing and related quantum technologies like quantum key exchange, quantum random number generation and homomorphic encryption are poised to make huge changes to the technology landscape as they mature.
- What are the important quantum computing technologies that will impact your business?
- How will long-established security tools like RSA change?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 12:45 PM|Monday, 28 October, 2019 01:15 PM

Vectra: AI in Security Operations: What We’ve Learned So Far

Matt Walmsley, Head of EMEA Marketing, Vectra

Time and talent are key factors in preventing a data breach. Join Vectra, the leader in AI powered Network Detection & Response (NDR) as we share learning and insights gained from helping hundreds of enterprise security teams use AI to:
● Detect hidden threats in cloud and enterprise networks
● Perform conclusive incident investigations
● Respond at previously unattainable speed and efficacy

Monday, 28 October, 2019 02:45 PM|Monday, 28 October, 2019 03:30 PM

Ask the Expert: Handling Privacy Risk in Analytics and Machine Learning

As privacy regulations evolve, SRM leaders with a focus on privacy are finding it harder to work with information, and almost impossible to combine multiple data sets, especially when working collaboratively with third parties. We will address your questions, and look at the techniques as well as relevant technologies that will allow you to develop a repeatable process to work with personal data. This session is meant to answer your questions when it comes to handling the risk of mining large data sets of personal information for the purpose of analytics, fraud prevention or undirected discovery.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 10:30 AM|Tuesday, 29 October, 2019 11:00 AM

The Role of Artificial Intelligence in Security and Risk Management

Mark Horvath, Sr Director Analyst, Gartner

Organizations are experimenting with artificial intelligence in security. As evaluation procedures mature, the first disillusions happen. This session will review the state of AI and machine learning usage in various security and risk management areas, and give CISOs recommendations to:
1. Navigate towards AI marketing
2. Define evaluation principle for solutions adding new algorithmic approaches to existing security fields
3. Prepare to avoid or minimize the backlash when results are not up to expectations

Tuesday, 29 October, 2019 11:30 AM|Tuesday, 29 October, 2019 12:00 PM

Darktrace: Embracing AI Defense for Smart Cities

Eleanor Weaver, Commercial Director, Darktrace

Proposing a new approach to cyber defence which uses dynamic AI systems that counter the activity of malicious threats.

Tuesday, 29 October, 2019 02:15 PM|Tuesday, 29 October, 2019 02:45 PM

Cylance: The Future of Security — How AI Will Liberate Us

John McClurg, VP Office of Security & Trust, Mr.

Just over 20 years ago I helped build the FBI’s InfraGard Program. Although we aspired to be proactively preventative, proactive prevention eluded us. Now we are seeing the dawn of a new day where AI’s machine learning now offer pre-execution, in the realm of 99%. The FBI has now called me back into service to help redesign the next generation of InfraGard leveraging this emerging force.

Monday, 28 October, 2019 11:45 AM|Monday, 28 October, 2019 12:15 PM

Spire Solutions: Security Scorecard - Insights into Recent Breaches & Cyber Risk Governance Leveraging Security Ratings

Matthew McKenna, Vice President, EMEA, SecurityScorecard

This session will take a case study approach to demonstrate how security ratings can be leveraged to gain insight the cyber risk governance of organisations. Are organisations working in a structured manner to address cyber risk or are they purely reaction driven? We will look at organisations that have been breached in the last 12 months and explore what insights we can gather from trending across multiple security domains, including network security, DNS health, patching cadence, application security and endpoint security. We will explore how security ratings can help us take proactive measures to help mitigate risk to ourselves or our vendor landscape and collectively apply better and more disciplined governance.

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:30 PM

Outlook for Risk: Technology, Information and Resilience 2019

Roberta Witty, VP Analyst, Gartner

This session provides an overview on the state of risk management planning, decisions, challenges, and solutions. This expands on the “State of Risk Management” from previous summits. In 2019, this outlook will converge three parallel risk conversations — digital transformation, information risk, and building and maintaining resilient organizations.

Tuesday, 29 October, 2019 10:30 AM|Tuesday, 29 October, 2019 12:00 PM

Workshop: Creating Cloud Policy

As cloud becomes more significant, it becomes more formalized, driving more interest in written policies. The attendees in this workshop will discuss their cloud policy thoughts, hopes, and dreams--and will share practical experience in the form, content, dissemination and enforcement of cloud policy.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 04:30 PM

Keeping Clouds Compliant: Top Five CSP Characteristics for Your Cloud Requisition Playbook

Cloud service providers may not always be ‘compliant’ with a regulation, although in some cases they do need to step up to specific requirements. The more mature a cloud service provider, the more help they can offer in demonstrating their compatibility with a regulation and in helping their customers understand how to use their offerings in a controlled and compliant way. This session addresses these common questions from risk, security, and procurement leaders. (1) How to contextualize security and privacy considerations for the cloud (2) How to gauge CSP's maturity in supporting compliance obligations (3) What tools to consider to better manage security and privacy compliance activities in the cloud.

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:30 PM

Outlook for Risk: Technology, Information and Resilience 2019

Roberta Witty, VP Analyst, Gartner

This session provides an overview on the state of risk management planning, decisions, challenges, and solutions. This expands on the “State of Risk Management” from previous summits. In 2019, this outlook will converge three parallel risk conversations — digital transformation, information risk, and building and maintaining resilient organizations.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 11:00 AM|Monday, 28 October, 2019 11:30 AM

Cloud Security 201: CASB, CSPM, CWPP — What Does It All Mean?

Steve Riley, Sr Director Analyst, Gartner

As more security vendors target your hybrid and cloud SaaS, IaaS and PaaS solutions, we are getting lost in too many acronyms. This session will help decipher the acronym soup and provide prescriptive guidance on what your organization needs to protect your cloud infrastructure and applications. We will also discuss best practices on implementations and how to evaluate and build shortlist for your vendor selections.

Monday, 28 October, 2019 11:45 AM|Monday, 28 October, 2019 12:15 PM

Microsoft: Shifting Sands - Shoring up Cyber-defense in a Rapidly Changing Threat Landscape

Diana Kelley, Cybersecurity Field CTO, Microsoft

The security threat landscape is constantly evolving, and Microsoft has deep data insights from the 6.5 trillion security signals that we analyze every day to over a decade tracking and analyzing software vulnerabilities, exploits, malware, and attacker group methods and tactics. In this session we'll discuss the top insights and provide recommendations for controls and security strategies.

Monday, 28 October, 2019 12:45 PM|Monday, 28 October, 2019 01:15 PM

Vectra: AI in Security Operations: What We’ve Learned So Far

Matt Walmsley, Head of EMEA Marketing, Vectra

Time and talent are key factors in preventing a data breach. Join Vectra, the leader in AI powered Network Detection & Response (NDR) as we share learning and insights gained from helping hundreds of enterprise security teams use AI to:
● Detect hidden threats in cloud and enterprise networks
● Perform conclusive incident investigations
● Respond at previously unattainable speed and efficacy

Monday, 28 October, 2019 01:00 PM|Monday, 28 October, 2019 01:20 PM

Microsoft: Hunting The Bad Guys With Microsoft Threat Protection

Hesham Saad, Security & Threat Protection Lead, Microsoft

In this session, see how Microsoft 365 Security integrated solutions, using Cloud Intelligence from global data, provides protection, with its identity and access management, information protection, threat protection, and security management tools and expertise.

Monday, 28 October, 2019 03:30 PM|Monday, 28 October, 2019 04:00 PM

McAfee: The less known risks of running the enterprise at Cloud speed

Sekhar Sarukkai, VP/Fellow, McAfee LLC

The cloud represents an unprecedented opportunity to accelerate the business but cloud adoption comes with a new breed of cloud-native risks to the enterprise. Companies need to understand what the risks are, embrace the cloud shared responsibility model by establishing new tools and procedures to protect their data and applications in the cloud.


Tuesday, 29 October, 2019 10:30 AM|Tuesday, 29 October, 2019 12:00 PM

Workshop: Creating Cloud Policy

As cloud becomes more significant, it becomes more formalized, driving more interest in written policies. The attendees in this workshop will discuss their cloud policy thoughts, hopes, and dreams--and will share practical experience in the form, content, dissemination and enforcement of cloud policy.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 11:30 AM|Tuesday, 29 October, 2019 12:00 PM

Darktrace: Embracing AI Defense for Smart Cities

Eleanor Weaver, Commercial Director, Darktrace

Proposing a new approach to cyber defence which uses dynamic AI systems that counter the activity of malicious threats.

Tuesday, 29 October, 2019 11:30 AM|Tuesday, 29 October, 2019 12:00 PM

Netskope: A Unified Security Approach to Detect Cloud-Native Threats

Paolo Passeri, Solutions Architect, Netskope

Moving data and applications to the cloud is a key part of digital transformation, however this trend has led to a new concept of perimeter: corporate data is no longer on-premise and can be accessed by employees connecting from anywhere with personal or corporate devices. This session will show how it is possible to both future-proof and secure an organization using a unified security approach.

Tuesday, 29 October, 2019 12:30 PM|Tuesday, 29 October, 2019 01:00 PM

TrendMicro: The Art of Cybersecurity in the Cloud

Bilal Baig, Technical Director MENA, Trend Micro

Join this session to learn about the security practices designed for businesses, making their journey to the cloud or cloud-born enterprises. Seamless security from hybrid to CI/CD pipeline adding a stroke of genius to your next masterpiece.

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Outlook for Cloud Security 2019

Steve Riley, Sr Director Analyst, Gartner

Cloud security remains a top priority. This presentation summarizes the problems, recommended processes, and new product types to address three key issues:
What are the unique risks associated with public cloud service providers, and how can they be controlled?
What are the unique security challenges of IaaS and how can they be mitigated?
What are the unique control challenges of SaaS, and how can they be addressed?

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 04:30 PM

Keeping Clouds Compliant: Top Five CSP Characteristics for Your Cloud Requisition Playbook

Cloud service providers may not always be ‘compliant’ with a regulation, although in some cases they do need to step up to specific requirements. The more mature a cloud service provider, the more help they can offer in demonstrating their compatibility with a regulation and in helping their customers understand how to use their offerings in a controlled and compliant way. This session addresses these common questions from risk, security, and procurement leaders. (1) How to contextualize security and privacy considerations for the cloud (2) How to gauge CSP's maturity in supporting compliance obligations (3) What tools to consider to better manage security and privacy compliance activities in the cloud.

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 04:45 PM

The State of Network Security in the Cloud Era

Lawrence Orans, VP Analyst, Gartner

The rapid adoption of SaaS applications such as Microsoft’s O365, Salesforce and others is driving enterprises to rearchitect their networks, so that remote offices can achieve direct internet access with SD-WAN and other techniques. Enterprises will be purchasing more cloud-based security services and fewer appliances. Here, we will highlight best practices that enable a smooth transition to the adoption of cloud-based security services.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 02:45 PM|Monday, 28 October, 2019 03:15 PM

What to Know When Buying Incident Response and Data Breach Response Services

Brian Reed, Sr Director Analyst, Gartner

Buyers are increasingly adding incident response services but fewer are adding data-breach response services. These are distinct offerings but often confused as being the same service. In this session for S&RM leaders we explain the differences between the services, the questions to consider when determining if you need one or both and the provider landscape for these services.

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 05:30 PM

Workshop: Improve Your Incident Response to an International Data Breach

Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 09:15 AM|Monday, 28 October, 2019 10:15 AM

Gartner Opening Keynote: From Managing Risk and Security to Enabling Value Creation

David Mahdi, Sr Director Analyst, Gartner

Katell Thielemann, VP Analyst, Gartner

Steve Riley, Sr Director Analyst, Gartner

As complexity continues to grow and risks, threats and vulnerabilities multiply with no end in sight, how can security and risk management leaders move beyond reacting? Attendees will learn how to think differently about their role in value preservation and value creation, and how finding sweet spots in a human to machine continuum can help. This is the security and risk management leaders’ new imperative.

Monday, 28 October, 2019 11:00 AM|Monday, 28 October, 2019 12:00 PM

Roundtable: The Role of Network Traffic Analysis in Today's Threat Environment

This session will highlight the latest trends in network-based advanced threat detection, including new techniques for anomaly detection. We will address challenges such as the growing percentage of encrypted traffic and its impact on threat detection. Attendees will learn about the key vendors in the market.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 11:45 AM|Monday, 28 October, 2019 12:15 PM

Kaspersky: How Are Emerging Technologies Changing The Cyber Security Landscape

Ramy AlDamati, Lead Solutions Architect, Kaspersky META

Cybersecurity is the core challenge when it comes to risk management — People, Process and Technology. Technology offers very stimulating and useful tools to survive in the cyber ecosystem. Nothing is entirely unhackable, but there are some emerging technologies that can help enterprises navigate the increasingly malicious cyber threat landscape.

Monday, 28 October, 2019 11:45 AM|Monday, 28 October, 2019 12:15 PM

Spire Solutions: Security Scorecard - Insights into Recent Breaches & Cyber Risk Governance Leveraging Security Ratings

Matthew McKenna, Vice President, EMEA, SecurityScorecard

This session will take a case study approach to demonstrate how security ratings can be leveraged to gain insight the cyber risk governance of organisations. Are organisations working in a structured manner to address cyber risk or are they purely reaction driven? We will look at organisations that have been breached in the last 12 months and explore what insights we can gather from trending across multiple security domains, including network security, DNS health, patching cadence, application security and endpoint security. We will explore how security ratings can help us take proactive measures to help mitigate risk to ourselves or our vendor landscape and collectively apply better and more disciplined governance.

Monday, 28 October, 2019 12:45 PM|Monday, 28 October, 2019 01:15 PM

Vectra: AI in Security Operations: What We’ve Learned So Far

Matt Walmsley, Head of EMEA Marketing, Vectra

Time and talent are key factors in preventing a data breach. Join Vectra, the leader in AI powered Network Detection & Response (NDR) as we share learning and insights gained from helping hundreds of enterprise security teams use AI to:
● Detect hidden threats in cloud and enterprise networks
● Perform conclusive incident investigations
● Respond at previously unattainable speed and efficacy

Monday, 28 October, 2019 03:30 PM|Monday, 28 October, 2019 04:00 PM

SAI Global: Connecting The Dots Between Business Continuity Management, Cyber Risk And Vendor Risk Management

Business Continuity management has often been viewed in isolation from digital risk management. But a cyber incident can have devastating impact on the continuity of business. Join this presentation, as we delve into; how you can connect the dots between Business Continuity Management, Cyber Risk and Vendor Risk Management, and why it is so critical in an everchanging business climate.

Tuesday, 29 October, 2019 11:30 AM|Tuesday, 29 October, 2019 12:00 PM

Darktrace: Embracing AI Defense for Smart Cities

Eleanor Weaver, Commercial Director, Darktrace

Proposing a new approach to cyber defence which uses dynamic AI systems that counter the activity of malicious threats.

Tuesday, 29 October, 2019 11:30 AM|Tuesday, 29 October, 2019 12:00 PM

Crowdstrike: No NotPetya, No BadRabbit, no WannaCry…So what is Happening in Cyber at the Moment?

Zeki Turedi, Technology Strategist, EMEA, CrowdStrike UK Ltd

The alarming trends CrowdStrike has observed in the course of conducting in-depth digital forensics, IR and remediation with real-world strategic insight into the current threat landscape & the evolving best practices proving most successful against criminal, hacktivist & nation-state adversaries. The session will offer insights into the latest threat intel discovered in 2019 & predictions for 2020 and how you can use this to shape your security strategy

Tuesday, 29 October, 2019 12:10 PM|Tuesday, 29 October, 2019 12:30 PM

Spire Solutions: Rapid7 - Under The Hoodie: Lessons From a Year of Penetration Testing

Discover the lessons of a year of Penetration testing for our customers:

● The report’s most significant findings, including the most commonly exploited vulnerabilities and misconfigurations
● The most effective methods used to compromise targets, and get access to sensitive data
● Suggestions on how to use the data of this report to effectively detect and prevent breaches on your own network

Tuesday, 29 October, 2019 12:40 PM|Tuesday, 29 October, 2019 01:00 PM

Secureworks: A Review of the Latest Threat Landscape — Applying Threat Intelligence in your Org

Don Smith, Director CIC, Dell SecureWorks

Secureworks Counter Threat Unit™ (CTU) analyses threat data worldwide & monitors the cyber threat landscape to provide a global view of emerging threats, zero-day vulnerabilities & the evolving tactics, techniques & procedures of advanced threat actors.

In this presentation we describe the threat landscape, highlight tactics threat actors are adopting & analyse specific emerging threats.

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Top Security and Risk Management Trends for 2019 and Beyond

Sam Olyaei, Director Analyst, Gartner

Brian Reed, Sr Director Analyst, Gartner

"Top" trends highlight ongoing strategic shifts in the security ecosystem that aren't yet widely recognized, but are expected to have broad industry impact and significant potential for disruption.
This presentation will describe the most significant trends in cybersecurity and how leading organizations are taking advantage of these trends.
Key issues explored will include:
Top technological improvements in the security product landscape
Trends in creating a top notch security organization
Strategic trends that will influence security strategy

Tuesday, 29 October, 2019 02:15 PM|Tuesday, 29 October, 2019 02:45 PM

VMware: Virtualisation; the Goldilocks Zone for Cybersecurity

David Coplestone, ., VMware

Scott McKinnon, Security Architect, VMware

With an increasingly sophisticated threat landscape, VMware believes that the virtualization layer provides a unique domain for orchestrating and applying security measures that is “right”. Join us to learn about how prevention techniques, a focus on the applications & data and leveraging the software layer itself can support better cyber security.

Tuesday, 29 October, 2019 02:15 PM|Tuesday, 29 October, 2019 02:45 PM

Stormshield: OT Cyber Security Blind Sides

Nebras ALQURASHI, Cybersecurity Consultant, Stormshield - AIRBUS

Major risks of OT networks are not phishing emails or vulnerable websites, they are triggered by different factors, like Human mistakes, wrong assumptions or even misconfigured security control, a discussion to shed the light on what matters most to OT networks and how to avoid being victim of a cyber attack.

Tuesday, 29 October, 2019 02:15 PM|Tuesday, 29 October, 2019 02:45 PM

Cylance: The Future of Security — How AI Will Liberate Us

John McClurg, VP Office of Security & Trust, Mr.

Just over 20 years ago I helped build the FBI’s InfraGard Program. Although we aspired to be proactively preventative, proactive prevention eluded us. Now we are seeing the dawn of a new day where AI’s machine learning now offer pre-execution, in the realm of 99%. The FBI has now called me back into service to help redesign the next generation of InfraGard leveraging this emerging force.

Tuesday, 29 October, 2019 03:35 PM|Tuesday, 29 October, 2019 03:55 PM

Kaspersky: The Devil is in the Details ⁠—Threat Evolution and the Digital Doppelgangers

Maher Yamout, Senior Security Researcher, Kaspersky

Technology is being integrated into our daily lives at an unprecedented pace. Defending yourself against evolving cyber-threats seems impossible. Each day brings a new challenge: data leaks are commonplace, privacy breaches continue to unfold, etc. In this fast paced session we’ll cover what makes up a threat, how cyber threats are evolving, and how hackers are able to compromise our systems.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 11:45 AM|Monday, 28 October, 2019 12:15 PM

Microsoft: Shifting Sands - Shoring up Cyber-defense in a Rapidly Changing Threat Landscape

Diana Kelley, Cybersecurity Field CTO, Microsoft

The security threat landscape is constantly evolving, and Microsoft has deep data insights from the 6.5 trillion security signals that we analyze every day to over a decade tracking and analyzing software vulnerabilities, exploits, malware, and attacker group methods and tactics. In this session we'll discuss the top insights and provide recommendations for controls and security strategies.

Monday, 28 October, 2019 01:00 PM|Monday, 28 October, 2019 01:20 PM

Microsoft: Hunting The Bad Guys With Microsoft Threat Protection

Hesham Saad, Security & Threat Protection Lead, Microsoft

In this session, see how Microsoft 365 Security integrated solutions, using Cloud Intelligence from global data, provides protection, with its identity and access management, information protection, threat protection, and security management tools and expertise.

Monday, 28 October, 2019 02:45 PM|Monday, 28 October, 2019 03:15 PM

What to Know When Buying Incident Response and Data Breach Response Services

Brian Reed, Sr Director Analyst, Gartner

Buyers are increasingly adding incident response services but fewer are adding data-breach response services. These are distinct offerings but often confused as being the same service. In this session for S&RM leaders we explain the differences between the services, the questions to consider when determining if you need one or both and the provider landscape for these services.

Tuesday, 29 October, 2019 11:30 AM|Tuesday, 29 October, 2019 12:00 PM

Netskope: A Unified Security Approach to Detect Cloud-Native Threats

Paolo Passeri, Solutions Architect, Netskope

Moving data and applications to the cloud is a key part of digital transformation, however this trend has led to a new concept of perimeter: corporate data is no longer on-premise and can be accessed by employees connecting from anywhere with personal or corporate devices. This session will show how it is possible to both future-proof and secure an organization using a unified security approach.

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Outlook for Application Security 2019

Mark Horvath, Sr Director Analyst, Gartner

Application security continues to be a significant challenge for many organizations. This session covers the current outlook for application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 04:45 PM

The State of Privacy 2019-2020

Nader Henein, VP Analyst, Gartner

Privacy has come to be acknowledged as a fundamental human right, worldwide. Increasingly, regulatory pressure to enhance control over personal data affects how we look at our analytic activities, customer's rights and the CX, project development and outsourcing activities. Organizations need to establish a risk-based approach to handle personal data to mature privacy protection and deliver customer trust and satisfaction.

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 04:45 PM

Outlook for Data Security 2019

David Mahdi, Sr Director Analyst, Gartner

Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 05:30 PM

Workshop: Improve Your Incident Response to an International Data Breach

Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:30 PM

The Five-Step Approach on How to Choose IAM Solutions

Felix Gaehtgens, VP Analyst, Gartner

Buying IAM solutions requires detailed analysis of vendors, solutions and alternatives. Learn to use this five-step approach to structure the evaluation process, derive your shortlist, choose a solution and negotiate the best price.

Tuesday, 29 October, 2019 10:00 AM|Tuesday, 29 October, 2019 10:20 AM

Magic Quadrant for Privileged Access Management

Felix Gaehtgens, VP Analyst, Gartner

By 2020, 40% of medium-to-large enterprises will have deployed privileged access management (PAM) tools to address infrastructure as a service (IaaS) privileged security concerns.
There's a good reason for this expected jump in adoption. Privileged access management is one of the most critical security controls, particularly in today’s increasingly complex IT environment. Security and risk management leaders must use PAM tools in a long-term strategy for comprehensive risk mitigation.
This session will focus on the Magic Quadrant for Identity Governance and Administration the first in the market.

Tuesday, 29 October, 2019 03:00 PM|Tuesday, 29 October, 2019 03:30 PM

Manage Privileged Access to Reduce Security Risks and Increase Agility

Felix Gaehtgens, VP Analyst, Gartner

Is your organization in need of a Privileged Access Management (PAM) solution? If so, this session will serve as a good primer on the technology.
Key issues covered include:
* Introduction to privileged access management
* An overview of PAM tools

Monday, 28 October, 2019 10:25 AM|Monday, 28 October, 2019 10:45 AM

McAfee: Integrated Threat Defense Stopping Advanced targeted Threats from Device to Cloud

Robert Lourenco, Sales Engineer Expert MET - CISSP, CCSP, McAfee

Fileless attacks. Ransomware. Memory-based attacks. Staying ahead of cybercriminals requires more advanced detection & robust threat intelligence sharing. McAfee is changing the way enterprises protect against potential attacks, remediate complex security issues, and combat attacks with an intelligent end-to-end security platform providing adaptable, continuous protection from Devices to Cloud.

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:30 PM

Outlook for Risk: Technology, Information and Resilience 2019

Roberta Witty, VP Analyst, Gartner

This session provides an overview on the state of risk management planning, decisions, challenges, and solutions. This expands on the “State of Risk Management” from previous summits. In 2019, this outlook will converge three parallel risk conversations — digital transformation, information risk, and building and maintaining resilient organizations.

Monday, 28 October, 2019 02:45 PM|Monday, 28 October, 2019 03:15 PM

Building Successful Business Metrics for Technology Risk

Jeffrey Wheatman, VP Analyst, Gartner

Metrics should inform better decision making. “Business alignment” is spoken about frequently, but execution is challenging throughout the Gartner client base. Key risk indicators (KRIs) should have defensible causal relationships to business impacts and present leading indicators to decision makers. Gartner has developed a methodology to integrate risk and corporate performance that helps achieve these goals.

Monday, 28 October, 2019 03:30 PM|Monday, 28 October, 2019 04:00 PM

SAI Global: Connecting The Dots Between Business Continuity Management, Cyber Risk And Vendor Risk Management

Business Continuity management has often been viewed in isolation from digital risk management. But a cyber incident can have devastating impact on the continuity of business. Join this presentation, as we delve into; how you can connect the dots between Business Continuity Management, Cyber Risk and Vendor Risk Management, and why it is so critical in an everchanging business climate.

Monday, 28 October, 2019 03:30 PM|Monday, 28 October, 2019 04:15 PM

RSA: Thinking Integrated: Raising all boats with the tide

Steve Schlarman, Director/Digital Risk Management Strategist, RSA

Gartner stresses the need for an cohesive approach to security and risk management through their concepts of CARTA and Integrated Risk Management. Those approaches hinge on the ability of an organization to be more fluid and agile. This session will break down security, operational, third party and regulatory risk highlighting how common elements can be utilized to create an integrated approach.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 09:50 AM|Tuesday, 29 October, 2019 10:20 AM

RSA: The New Why of Cybersecurity

Rohit Ghai, President, RSA

Digital investment accelerates business velocity, transforms constituent experiences and spawns new opportunities. But this formidable force for human progress also magnifies risk; it accelerates change and complexity, inviting new threats and devastating impacts. Security leaders are left reframing a new answer to an old question: Why? Managing digital risk is the new why for cybersecurity.

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Top Security and Risk Management Trends for 2019 and Beyond

Sam Olyaei, Director Analyst, Gartner

Brian Reed, Sr Director Analyst, Gartner

"Top" trends highlight ongoing strategic shifts in the security ecosystem that aren't yet widely recognized, but are expected to have broad industry impact and significant potential for disruption.
This presentation will describe the most significant trends in cybersecurity and how leading organizations are taking advantage of these trends.
Key issues explored will include:
Top technological improvements in the security product landscape
Trends in creating a top notch security organization
Strategic trends that will influence security strategy

Tuesday, 29 October, 2019 03:00 PM|Tuesday, 29 October, 2019 03:30 PM

Third-Party Risk Management Is Now a Must-Have Discipline

Roberta Witty, VP Analyst, Gartner

Third party risk management isn’t just required in highly regulated industries, its good practice in all industries. But today’s approaches are mired in lengthy and complex assessment surveys that span a variety of threats and risks. This session will discuss how to improve and enhance your model for managing third party risks. 1) Why is third party risk management important now? 2) What are the current best practices in a third party risk management life cycle? 3) How can we improve the efficiency and value of our third party risk management programs?

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Tutorial: Introducing the Gartner Information Security Function Operating Model

Wam Voster, Sr Director Analyst, Gartner

Security & Risk Management Leaders are challenged to continuously adapt their organizations to meet the needs of rapid changes in digital business. This presentation introduces the Gartner Operating Model for the Information Security Function to address this challenge. This operating model represents how it orchestrates its capabilities to deliver against its operational and strategic objectives.

Monday, 28 October, 2019 09:15 AM|Monday, 28 October, 2019 10:15 AM

Gartner Opening Keynote: From Managing Risk and Security to Enabling Value Creation

David Mahdi, Sr Director Analyst, Gartner

Katell Thielemann, VP Analyst, Gartner

Steve Riley, Sr Director Analyst, Gartner

As complexity continues to grow and risks, threats and vulnerabilities multiply with no end in sight, how can security and risk management leaders move beyond reacting? Attendees will learn how to think differently about their role in value preservation and value creation, and how finding sweet spots in a human to machine continuum can help. This is the security and risk management leaders’ new imperative.

Monday, 28 October, 2019 11:00 AM|Monday, 28 October, 2019 11:30 AM

CISO Circle: Quantum Is the New AI

Mark Horvath, Sr Director Analyst, Gartner

Like AI before it, quantum computing and related quantum technologies like quantum key exchange, quantum random number generation and homomorphic encryption are poised to make huge changes to the technology landscape as they mature.
- What are the important quantum computing technologies that will impact your business?
- How will long-established security tools like RSA change?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 12:30 PM|Monday, 28 October, 2019 01:30 PM

Roundtable: The Key Challenges You Face When Securing OT

Initially security incidents only occurred in IT but the world has seen attacks in OT as well. Organizations need to implement security in OT to protect this domain from these attacks. This will ensure not only an uninterrupted operation, but also that no harm to people and the environment occurs. What are organizations doing to address this? Is the maturity of OT security at par with IT security?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:15 PM

CISO circle: Five Questions on Security and Risk That You Must Be Prepared to Answer at Your Board Meetings!

It is now common practice, and in certain cases mandated by regulation, for a board of directors to require periodic reporting and event-based updates on the state of security and risk management in an enterprise. Developing and communicating an effective message that balances the need to protect with the need to run your business is critical to success. However, in many cases, Security and Risk Leaders are left frustrated and/or unable to answer elementary questions that the Board asks. This presentation will discuss: 1) What is the role of the board and what do they care about?
2) What are some of the most common questions that Board Members Ask? (and a talk track for these questions)
3) How can Security and Risk Leaders flip the conversation to educate the Board on issues that they need to know about?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 09:00 AM|Tuesday, 29 October, 2019 09:45 AM

Gartner Keynote: Mastering the Art of the Political Discussion

Jeffrey Wheatman, VP Analyst, Gartner

Security and risk management leaders often find themselves in political discussions,which can be high stakes,and challenging to successfully navigate. This session helps you know when you are in a political conversation,and provides practical techniques for managing the potential conflict and reaching a successful outcome.

Tuesday, 29 October, 2019 10:30 AM|Tuesday, 29 October, 2019 12:00 PM

Workshop: CISO Circle Leadership Exchange — Creating a One-Page Cybersecurity Strategy That Actually Works

A one-page cybersecurity strategy has been the goal for CISOs forever and the effort always falls short. They are too technical and don’t resonate with the business people, or are so “soft,” technical staff doesn’t know what to do with it.
Join us for this engaging workshop on how to craft a simple, easy to use one-page strategy to propel your program to success

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 01:00 PM|Tuesday, 29 October, 2019 02:00 PM

Roundtable: Overcoming Cybersecurity Staffing and Skill Shortages in the GCC

Enterprises in the GCC are struggling to attract and retain cybersecurity talent. Join us for this peer-driven discussion on how to manage with a small team. How have you successfully overcome these constraints? When is a managed service the answer? What makes the most sense to keep in-house?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 05:00 PM|Tuesday, 29 October, 2019 05:30 PM

Learning From the State of the Threat Landscape in the GCC

Jon Amato, Sr Director Analyst, Gartner

Nader Henein, VP Analyst, Gartner

The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on:
1. Future trends more than statistics about the past
2. Potential threats more than attack patterns
3. Response options more than defense technologies

Tuesday, 29 October, 2019 05:00 PM|Tuesday, 29 October, 2019 05:30 PM

Security Organization Dynamics, 2019

Wam Voster, Sr Director Analyst, Gartner

There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This presentation will address the following key issues:
- What are the trends and challenges in security organization design?
- What are the factors that influence security organization?
- What are the current best practices and contemporary conceptual design models for security organization?

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:30 PM

Ask the Expert: Lessons from GDPR and other Privacy regulations for the GCC

Regional and country-specific privacy mandates continue to increase. Mapping commonalities and managing risks for differences are crucial for security and risk leaders. In this session attendees will get insights from Gartner expert Nader Henein on what are some of the lessons that can be drawn from experiences that organizations have had in preparing and dealing with GDPR and other major privacy requirements.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 02:45 PM|Monday, 28 October, 2019 03:30 PM

Ask the Expert: Handling Privacy Risk in Analytics and Machine Learning

As privacy regulations evolve, SRM leaders with a focus on privacy are finding it harder to work with information, and almost impossible to combine multiple data sets, especially when working collaboratively with third parties. We will address your questions, and look at the techniques as well as relevant technologies that will allow you to develop a repeatable process to work with personal data. This session is meant to answer your questions when it comes to handling the risk of mining large data sets of personal information for the purpose of analytics, fraud prevention or undirected discovery.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 03:30 PM|Monday, 28 October, 2019 04:15 PM

RSA: Thinking Integrated: Raising all boats with the tide

Steve Schlarman, Director/Digital Risk Management Strategist, RSA

Gartner stresses the need for an cohesive approach to security and risk management through their concepts of CARTA and Integrated Risk Management. Those approaches hinge on the ability of an organization to be more fluid and agile. This session will break down security, operational, third party and regulatory risk highlighting how common elements can be utilized to create an integrated approach.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 04:00 PM|Tuesday, 29 October, 2019 04:45 PM

The State of Privacy 2019-2020

Nader Henein, VP Analyst, Gartner

Privacy has come to be acknowledged as a fundamental human right, worldwide. Increasingly, regulatory pressure to enhance control over personal data affects how we look at our analytic activities, customer's rights and the CX, project development and outsourcing activities. Organizations need to establish a risk-based approach to handle personal data to mature privacy protection and deliver customer trust and satisfaction.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 10:25 AM|Monday, 28 October, 2019 10:45 AM

McAfee: Integrated Threat Defense Stopping Advanced targeted Threats from Device to Cloud

Robert Lourenco, Sales Engineer Expert MET - CISSP, CCSP, McAfee

Fileless attacks. Ransomware. Memory-based attacks. Staying ahead of cybercriminals requires more advanced detection & robust threat intelligence sharing. McAfee is changing the way enterprises protect against potential attacks, remediate complex security issues, and combat attacks with an intelligent end-to-end security platform providing adaptable, continuous protection from Devices to Cloud.

Monday, 28 October, 2019 11:45 AM|Monday, 28 October, 2019 12:15 PM

Spire Solutions: Security Scorecard - Insights into Recent Breaches & Cyber Risk Governance Leveraging Security Ratings

Matthew McKenna, Vice President, EMEA, SecurityScorecard

This session will take a case study approach to demonstrate how security ratings can be leveraged to gain insight the cyber risk governance of organisations. Are organisations working in a structured manner to address cyber risk or are they purely reaction driven? We will look at organisations that have been breached in the last 12 months and explore what insights we can gather from trending across multiple security domains, including network security, DNS health, patching cadence, application security and endpoint security. We will explore how security ratings can help us take proactive measures to help mitigate risk to ourselves or our vendor landscape and collectively apply better and more disciplined governance.

Monday, 28 October, 2019 12:30 PM|Monday, 28 October, 2019 01:30 PM

Roundtable: The Key Challenges You Face When Securing OT

Initially security incidents only occurred in IT but the world has seen attacks in OT as well. Organizations need to implement security in OT to protect this domain from these attacks. This will ensure not only an uninterrupted operation, but also that no harm to people and the environment occurs. What are organizations doing to address this? Is the maturity of OT security at par with IT security?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:30 PM

Outlook for Risk: Technology, Information and Resilience 2019

Roberta Witty, VP Analyst, Gartner

This session provides an overview on the state of risk management planning, decisions, challenges, and solutions. This expands on the “State of Risk Management” from previous summits. In 2019, this outlook will converge three parallel risk conversations — digital transformation, information risk, and building and maintaining resilient organizations.

Monday, 28 October, 2019 02:45 PM|Monday, 28 October, 2019 03:15 PM

Building Successful Business Metrics for Technology Risk

Jeffrey Wheatman, VP Analyst, Gartner

Metrics should inform better decision making. “Business alignment” is spoken about frequently, but execution is challenging throughout the Gartner client base. Key risk indicators (KRIs) should have defensible causal relationships to business impacts and present leading indicators to decision makers. Gartner has developed a methodology to integrate risk and corporate performance that helps achieve these goals.

Monday, 28 October, 2019 02:45 PM|Monday, 28 October, 2019 03:30 PM

Ask the Expert: Handling Privacy Risk in Analytics and Machine Learning

As privacy regulations evolve, SRM leaders with a focus on privacy are finding it harder to work with information, and almost impossible to combine multiple data sets, especially when working collaboratively with third parties. We will address your questions, and look at the techniques as well as relevant technologies that will allow you to develop a repeatable process to work with personal data. This session is meant to answer your questions when it comes to handling the risk of mining large data sets of personal information for the purpose of analytics, fraud prevention or undirected discovery.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 03:30 PM|Monday, 28 October, 2019 04:15 PM

RSA: Thinking Integrated: Raising all boats with the tide

Steve Schlarman, Director/Digital Risk Management Strategist, RSA

Gartner stresses the need for an cohesive approach to security and risk management through their concepts of CARTA and Integrated Risk Management. Those approaches hinge on the ability of an organization to be more fluid and agile. This session will break down security, operational, third party and regulatory risk highlighting how common elements can be utilized to create an integrated approach.

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 09:50 AM|Tuesday, 29 October, 2019 10:20 AM

RSA: The New Why of Cybersecurity

Rohit Ghai, President, RSA

Digital investment accelerates business velocity, transforms constituent experiences and spawns new opportunities. But this formidable force for human progress also magnifies risk; it accelerates change and complexity, inviting new threats and devastating impacts. Security leaders are left reframing a new answer to an old question: Why? Managing digital risk is the new why for cybersecurity.

Tuesday, 29 October, 2019 10:30 AM|Tuesday, 29 October, 2019 11:00 AM

The Role of Artificial Intelligence in Security and Risk Management

Mark Horvath, Sr Director Analyst, Gartner

Organizations are experimenting with artificial intelligence in security. As evaluation procedures mature, the first disillusions happen. This session will review the state of AI and machine learning usage in various security and risk management areas, and give CISOs recommendations to:
1. Navigate towards AI marketing
2. Define evaluation principle for solutions adding new algorithmic approaches to existing security fields
3. Prepare to avoid or minimize the backlash when results are not up to expectations

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Top Security and Risk Management Trends for 2019 and Beyond

Sam Olyaei, Director Analyst, Gartner

Brian Reed, Sr Director Analyst, Gartner

"Top" trends highlight ongoing strategic shifts in the security ecosystem that aren't yet widely recognized, but are expected to have broad industry impact and significant potential for disruption.
This presentation will describe the most significant trends in cybersecurity and how leading organizations are taking advantage of these trends.
Key issues explored will include:
Top technological improvements in the security product landscape
Trends in creating a top notch security organization
Strategic trends that will influence security strategy

Tuesday, 29 October, 2019 03:00 PM|Tuesday, 29 October, 2019 03:30 PM

Third-Party Risk Management Is Now a Must-Have Discipline

Roberta Witty, VP Analyst, Gartner

Third party risk management isn’t just required in highly regulated industries, its good practice in all industries. But today’s approaches are mired in lengthy and complex assessment surveys that span a variety of threats and risks. This session will discuss how to improve and enhance your model for managing third party risks. 1) Why is third party risk management important now? 2) What are the current best practices in a third party risk management life cycle? 3) How can we improve the efficiency and value of our third party risk management programs?

Tuesday, 29 October, 2019 05:00 PM|Tuesday, 29 October, 2019 05:30 PM

Focus More on the Realities of Cyber-Physical Systems Security Than on the Concepts of IoT

Katell Thielemann, VP Analyst, Gartner

Siloed IoT/OT implementation and management distract from the real security and safety implications of the convergence of digital technologies and physical assets. To be effective, security and risk management leaders must instead holistically address the needs of cyber-physical systems. This session will discuss the opportunities and challenges related to securing cyber-physical systems.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Tutorial: Introducing the Gartner Information Security Function Operating Model

Wam Voster, Sr Director Analyst, Gartner

Security & Risk Management Leaders are challenged to continuously adapt their organizations to meet the needs of rapid changes in digital business. This presentation introduces the Gartner Operating Model for the Information Security Function to address this challenge. This operating model represents how it orchestrates its capabilities to deliver against its operational and strategic objectives.

Monday, 28 October, 2019 09:15 AM|Monday, 28 October, 2019 10:15 AM

Gartner Opening Keynote: From Managing Risk and Security to Enabling Value Creation

David Mahdi, Sr Director Analyst, Gartner

Katell Thielemann, VP Analyst, Gartner

Steve Riley, Sr Director Analyst, Gartner

As complexity continues to grow and risks, threats and vulnerabilities multiply with no end in sight, how can security and risk management leaders move beyond reacting? Attendees will learn how to think differently about their role in value preservation and value creation, and how finding sweet spots in a human to machine continuum can help. This is the security and risk management leaders’ new imperative.

Monday, 28 October, 2019 11:00 AM|Monday, 28 October, 2019 11:30 AM

CISO Circle: Quantum Is the New AI

Mark Horvath, Sr Director Analyst, Gartner

Like AI before it, quantum computing and related quantum technologies like quantum key exchange, quantum random number generation and homomorphic encryption are poised to make huge changes to the technology landscape as they mature.
- What are the important quantum computing technologies that will impact your business?
- How will long-established security tools like RSA change?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 11:00 AM|Monday, 28 October, 2019 11:30 AM

To the Point: IT/OT Considerations for the GCC

Wam Voster, Sr Director Analyst, Gartner

The increased use of commercial operating systems in industrial control systems means that OT is now susceptible to the same attacks as in the IT world. What should security and risk management leaders in the GCC region do to develop a coherent strategy to protect not just the organization’s information but also the OT. This round table will key challenges and solutions to securing the OT in the Oil and Gas sector in the GCC region.

Monday, 28 October, 2019 12:30 PM|Monday, 28 October, 2019 01:30 PM

Roundtable: The Key Challenges You Face When Securing OT

Initially security incidents only occurred in IT but the world has seen attacks in OT as well. Organizations need to implement security in OT to protect this domain from these attacks. This will ensure not only an uninterrupted operation, but also that no harm to people and the environment occurs. What are organizations doing to address this? Is the maturity of OT security at par with IT security?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:15 PM

CISO circle: Five Questions on Security and Risk That You Must Be Prepared to Answer at Your Board Meetings!

It is now common practice, and in certain cases mandated by regulation, for a board of directors to require periodic reporting and event-based updates on the state of security and risk management in an enterprise. Developing and communicating an effective message that balances the need to protect with the need to run your business is critical to success. However, in many cases, Security and Risk Leaders are left frustrated and/or unable to answer elementary questions that the Board asks. This presentation will discuss: 1) What is the role of the board and what do they care about?
2) What are some of the most common questions that Board Members Ask? (and a talk track for these questions)
3) How can Security and Risk Leaders flip the conversation to educate the Board on issues that they need to know about?

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 09:00 AM|Tuesday, 29 October, 2019 09:45 AM

Gartner Keynote: Mastering the Art of the Political Discussion

Jeffrey Wheatman, VP Analyst, Gartner

Security and risk management leaders often find themselves in political discussions,which can be high stakes,and challenging to successfully navigate. This session helps you know when you are in a political conversation,and provides practical techniques for managing the potential conflict and reaching a successful outcome.

Tuesday, 29 October, 2019 09:50 AM|Tuesday, 29 October, 2019 10:20 AM

RSA: The New Why of Cybersecurity

Rohit Ghai, President, RSA

Digital investment accelerates business velocity, transforms constituent experiences and spawns new opportunities. But this formidable force for human progress also magnifies risk; it accelerates change and complexity, inviting new threats and devastating impacts. Security leaders are left reframing a new answer to an old question: Why? Managing digital risk is the new why for cybersecurity.

Tuesday, 29 October, 2019 10:30 AM|Tuesday, 29 October, 2019 12:00 PM

Workshop: CISO Circle Leadership Exchange — Creating a One-Page Cybersecurity Strategy That Actually Works

A one-page cybersecurity strategy has been the goal for CISOs forever and the effort always falls short. They are too technical and don’t resonate with the business people, or are so “soft,” technical staff doesn’t know what to do with it.
Join us for this engaging workshop on how to craft a simple, easy to use one-page strategy to propel your program to success

Please Note: based on availability and eligibility you may sign-up for this session via Conference Navigator after you register for this conference.

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Top Security and Risk Management Trends for 2019 and Beyond

Sam Olyaei, Director Analyst, Gartner

Brian Reed, Sr Director Analyst, Gartner

"Top" trends highlight ongoing strategic shifts in the security ecosystem that aren't yet widely recognized, but are expected to have broad industry impact and significant potential for disruption.
This presentation will describe the most significant trends in cybersecurity and how leading organizations are taking advantage of these trends.
Key issues explored will include:
Top technological improvements in the security product landscape
Trends in creating a top notch security organization
Strategic trends that will influence security strategy

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Outlook for Application Security 2019

Mark Horvath, Sr Director Analyst, Gartner

Application security continues to be a significant challenge for many organizations. This session covers the current outlook for application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.

Tuesday, 29 October, 2019 02:15 PM|Tuesday, 29 October, 2019 02:45 PM

VMware: Virtualisation; the Goldilocks Zone for Cybersecurity

David Coplestone, ., VMware

Scott McKinnon, Security Architect, VMware

With an increasingly sophisticated threat landscape, VMware believes that the virtualization layer provides a unique domain for orchestrating and applying security measures that is “right”. Join us to learn about how prevention techniques, a focus on the applications & data and leveraging the software layer itself can support better cyber security.

Tuesday, 29 October, 2019 05:00 PM|Tuesday, 29 October, 2019 05:30 PM

Learning From the State of the Threat Landscape in the GCC

Jon Amato, Sr Director Analyst, Gartner

Nader Henein, VP Analyst, Gartner

The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on:
1. Future trends more than statistics about the past
2. Potential threats more than attack patterns
3. Response options more than defense technologies

Tuesday, 29 October, 2019 05:00 PM|Tuesday, 29 October, 2019 05:30 PM

Security Organization Dynamics, 2019

Wam Voster, Sr Director Analyst, Gartner

There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This presentation will address the following key issues:
- What are the trends and challenges in security organization design?
- What are the factors that influence security organization?
- What are the current best practices and contemporary conceptual design models for security organization?

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Top 10 Security Projects for 2019

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, 28 October, 2019 08:15 AM|Monday, 28 October, 2019 08:45 AM

Tutorial: Gartner's Strategic Vision for Vulnerability Management

Rajpreet Kaur, Sr Principal Analyst, Gartner

Earlier this year we published updated guidance on how to better run this foundational security process. This presentation will go over this new way of doing vulnerability more effectively.
- Why we made some significant changes to our guidance on this critical process?
- What does the new RBVM actually look like?
- How to bring this to life inside your own security programs?

Monday, 28 October, 2019 01:45 PM|Monday, 28 October, 2019 02:30 PM

Outlook of Security Operations

Rajpreet Kaur, Sr Principal Analyst, Gartner

Modern security operations are evolving. They heavily rely on foundational technologies such as SIEM to accomplish their mission, and also adopt various analytics approaches. They struggle with more automation — of both thinking and acting — that promises to relieve humans from the routine tasks, but sometimes adding more work to the overworked security teams. This session will address these key issues: (1) What defines best-in-class security operations of 2019? (2) What trends are affecting security operations? (3) What will the future bring?

Tuesday, 29 October, 2019 12:10 PM|Tuesday, 29 October, 2019 12:30 PM

Spire Solutions: Rapid7 - Under The Hoodie: Lessons From a Year of Penetration Testing

Discover the lessons of a year of Penetration testing for our customers:

● The report’s most significant findings, including the most commonly exploited vulnerabilities and misconfigurations
● The most effective methods used to compromise targets, and get access to sensitive data
● Suggestions on how to use the data of this report to effectively detect and prevent breaches on your own network

Tuesday, 29 October, 2019 01:15 PM|Tuesday, 29 October, 2019 02:00 PM

Outlook for Application Security 2019

Mark Horvath, Sr Director Analyst, Gartner

Application security continues to be a significant challenge for many organizations. This session covers the current outlook for application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.

Want to stay informed?

Get conference email updates.
Contact Information

All fields are required.

  • Step 2 of 2