From leadership strategy to real-world tactical insights, the sessions at Gartner Security & Risk Management Summit 2018 addresses the most critical priorities of CISOs and security & risk management professionals in the Middle East.

Agenda / By Track

Monday, 22 October, 2018 08:30 AM|Monday, 22 October, 2018 09:00 AM
Tutorial: Digital Business KPIs and Risk: Identifying and Then Measuring Value
John A. Wheeler, Sr Director, Advisory, Gartner

CIOs and their teams need to be able to articulate the value of digital business in the form of concrete metrics. This session will provide a framework for identifying value areas (e.g., revenue, cost reduction, margin improvement) and then continue with a way of establishing metrics to help executives track the progress and manage the risk of the digital business journey.


Monday, 22 October, 2018 09:15 AM|Monday, 22 October, 2018 10:15 AM
Gartner Opening Keynote: Scaling Trust and Resilience — Cut the Noise and Enable Action
Rajpreet Kaur, Principal Analyst, Gartner
Sam Olyaei, Sr Principal Analyst, Gartner
Steve Riley, Sr Director Analyst, Gartner

Constant change in the threat landscape and compliance requirements present daily challenges that can feel overwhelming. Scaling security when facing a fast-paced IT innovation landscape involves choices, often at the expense of building trust and resilience. Three key questions drive strong decision making: What's important, what's dangerous, and what's real? This session presents scenarios to demonstrate that ruthless prioritization in the answers helps us cut through the noise and enables action that changes our outlook from overwhelmed to empowered.


Monday, 22 October, 2018 11:00 AM|Monday, 22 October, 2018 11:30 AM
Blockchain, Is This Stuff Secure? How CISOs Can Evaluate the Security Risks of Blockchain
David Mahdi, Sr Director Analyst, Gartner

Blockchain has become a much-hyped technology with a lot of potential. Yet, with cyber threats and data breaches, is this technology secure? As Blockchain starts to impact the world, CISOs must understand the security and privacy implications. This session aims to provide a CISO with a framework that will help them identify and manage risks related to Blockchain.


Monday, 22 October, 2018 12:15 PM|Monday, 22 October, 2018 01:30 PM
CISO Circle Lunch: Lessons Learned in the Equifax Breach and Other Incidents
John A. Wheeler, Sr Director, Advisory, Gartner

Come join us for a discussion of four recent high-profile breaches. How did they happen? What was the company response? What worked and what didn't? What should we have learned from the breach?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, 22 October, 2018 03:00 PM|Monday, 22 October, 2018 03:30 PM
How to Develop Cloud Security Skills
Steve Riley, Sr Director Analyst, Gartner

Cloud is not just a synonym for the internet but a whole new way to energize your career. Tired of racking and stacking and patching? Bored with consoles and control panels? Then attend this session. Cloud security upends traditional notions of protecting systems and data. Aspects of cloud security require dabbling in adjacent IT disciplines. Come learn how to develop cloud security skills for yourself and for your organization.


Monday, 22 October, 2018 04:45 PM|Monday, 22 October, 2018 05:45 PM
Roundtable: How Blockchain and eIDs Will Affect Governments
David Mahdi, Sr Director Analyst, Gartner

Digital identities for both humans and devices are growing at an exponential rate. What implications does this have on governments and their IAM programs, and how will this impact both government-employee and government-citizen dynamics? How will emerging technologies such as blockchain impact government digital identity? This roundtable kicks off with some common trends in IAM, and focuses on what matters most to governments. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, 22 October, 2018 05:00 PM|Monday, 22 October, 2018 05:45 PM
CISO Circle : Five Questions on AI That CISOs Should Answer
Sam Olyaei, Sr Principal Analyst, Gartner

No one can escape the wave of artificial intelligence marketing. The promise of increased security and better automation is appealing to CISOs, but sets the wrong expectations. Being too optimistic about artificial intelligence's impact could hurt the security organization. This session will highlight how artificial intelligence might impact security and risk management, what to expect and how to adapt to the changes.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, 22 October, 2018 05:00 PM|Monday, 22 October, 2018 05:45 PM
State of the Threat Landscape in the GCC, 2018
Gorka Sadowski, Sr Director Analyst, Gartner
Rajpreet Kaur, Principal Analyst, Gartner

When it comes to the threat landscape, it can be challenging to predict what's on the horizon. Gartner presents the best predictions on how the threat will change in attacking your enterprise. This session will cover the following areas — the importance of patching, ransomware evolution and state-sponsored attacks.


Tuesday, 23 October, 2018 10:30 AM|Tuesday, 23 October, 2018 11:15 AM
GDPR the Day After: 3 Myths and 6 Key Capabilities Discussed
Nader Henein, Sr Director Analyst, Gartner

After ample preparation time in anticipation of the GDPR, Gartner has observed a few misconceptions on privacy as well as a number of key functions for a mature privacy management program. We will address the lessons learned and the necessary capabilities to protect privacy, including the role of security, program ownership, and what the market is, and should be doing.


Tuesday, 23 October, 2018 01:15 PM|Tuesday, 23 October, 2018 02:00 PM
How to Hunt for Security Threats
Jon Amato, Sr Director Analyst, Gartner
Sam Olyaei, Sr Principal Analyst, Gartner

Threat hunting (TH) is very hot, but very few organizations actually do it. Attend this session to learn the basics of practical hunting and how to start your TH effort. Key issues covered in this session: • What is TH? • How do you incorporate TH into your SOC processes? • How do you develop a basic TH capability? • Where do you get ideas on what to hunt for? • How do you measure TH successes?


Tuesday, 23 October, 2018 04:00 PM|Tuesday, 23 October, 2018 04:45 PM
How to Approach Security in an Aligned IT/OT World
Wam Voster, Sr Director Analyst, Gartner

Business requirements drive organizations to connect their IT and OT. This alignment between IT and OT requires organizations to rethink their approach to securing the traditionally separate IT and OT worlds. This session will cover best practices on getting security governance right in an aligned IT/OT world, tips on how to deploy common teams and the role of the digital risk officer.


Tuesday, 23 October, 2018 04:00 PM|Tuesday, 23 October, 2018 05:00 PM
Roundtable: Security Talent and Career Development
David Mahdi, Sr Director Analyst, Gartner

Many enterprises are struggling to attract and retain cybersecurity talent. Join us for this peer-driven discussion on how to manage with a small team. How have you successfully overcome these constraints? How to groom talent for the future? When is a managed service the answer? What makes the most sense to keep in-house? PLEASE NOTE: Preregistration is required. Limited to end-user organizations.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, 23 October, 2018 05:00 PM|Tuesday, 23 October, 2018 05:30 PM
The 5 Security Roles You Must Plan for in the Digital Era
Sam Olyaei, Sr Principal Analyst, Gartner

As organizations digitize, new security competencies and roles will be required to manage the balance between the need to run the business and the need to protect the business. This presentation will highlight five critical roles that security and risk leaders have to plan for to manage the risks arising from digital business initiatives undertaken by their organization.


Tuesday, 23 October, 2018 05:00 PM|Tuesday, 23 October, 2018 05:30 PM
State of Endpoint and Mobile Security, 2018
Jon Amato, Sr Director Analyst, Gartner

Endpoint and mobility use cases continuously transform business processes and challenge established security best practices. Integrity comes down to personal discretion. We provide IT leaders with a path to introduce agility and tolerance into critical infrastructure. Concerns include technology trends, emerging exploits and the sheer enormity of data protection in an interconnected workplace.


Monday, 22 October, 2018 08:30 AM|Monday, 22 October, 2018 09:00 AM
Which Detection Methodology Makes Sense?
Gorka Sadowski, Sr Director Analyst, Gartner

This session will break down the difference between techniques and technologies used to build a detection capability. It will also offer guidance on how to align them with your internal processes, while highlighting the most important things to get right. Attend this session and learn: 1) How to look at your overall requirements and align methodologies to certain types of use cases. 2) How to identify the key elements of your environment. Do you have the data? Where should you focus? 3) Should you use an MSSP? What are the reasons that your business should take its newfound requirements and pass them to an MSSP? How do you understand what is most cost-effective?


Monday, 22 October, 2018 11:00 AM|Monday, 22 October, 2018 11:30 AM
Network Segmentation in the Modern Data Center
Rajpreet Kaur, Principal Analyst, Gartner

Security and risk leaders are grappling with how to secure intellectual property and other digital assets in a rapidly shifting data center. Considering that most networks are still flat, a move to private or public cloud provides opportunity to logically wall off critical assets. This talk examines segmentation decision factors and enumerates best (and worst) segmentation practices.


Monday, 22 October, 2018 03:00 PM|Monday, 22 October, 2018 03:30 PM
Beat the Odds — Plan for Success With Identity Governance and Administration
Felix Gaehtgens, Sr Director Analyst, Gartner

IGA deployment initiatives are a potential minefield for many organizations that risk costly delays, difficult integration and lower overall value. Gartner has identified common anti-patterns for IGA adoption that range from the planning phase to the actual deployment and integration. Learn how to identify and avoid these common mistakes and plan for a successful IGA deployment by focusing on value, and using Gartner's IGA deployment model.


Monday, 22 October, 2018 03:00 PM|Monday, 22 October, 2018 03:45 PM
Ask the Analyst: Tips for Selecting the Right Security Analytics Tools for Your SOC
Gorka Sadowski, Sr Director Analyst, Gartner

When building a security operation center, or trying to improve the visibility over threats, an abundance of new technologies overwhelm security leaders with too many options. In this session, attendees can check on the use cases for the most useful security analytics tools. Technologies covered in this session include: SIEM, network traffic analysis, user behavior analytics, endpoint detection and response, intrusion detection, full packet capture and SOAR.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, 23 October, 2018 01:00 PM|Tuesday, 23 October, 2018 02:00 PM
Roundtable: Inside Employee Monitoring — Use Cases and Benefits
Jonathan Care, Sr Director Analyst, Gartner
Felix Gaehtgens, Sr Director Analyst, Gartner
Nader Henein, Sr Director Analyst, Gartner

In this roundtable, we will explore the various use cases for employee monitoring and how organisations can benefit from them. We will also discuss how to avoid the common concerns and pitfalls and ensure that employee monitoring services are fit for purpose, appropriate, and deliver value to the enterprise. We will also examine how employee monitoring can be a key facet of an enterprise following Gartner's CARTA model.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, 23 October, 2018 04:00 PM|Tuesday, 23 October, 2018 04:45 PM
Getting a Successful EDR Deployment in Your Organization
Ian McShane, Research Director, Gartner
Eric Ouellet, VP, Analyst, Gartner

Endpoint detection and response solutions are now mainstream, however, most organizations are struggling to formulate approaches to deploying these solutions in their environments. This session will discuss the key deployment strategies employed by organizations with successful deployments and also discuss some of the deployment issues uncovered along the way. • What are the critical existing EDR capabilities? • What are the issues challenging deployments? • What are the key deployment strategies leveraged by successful deployments?


Tuesday, 23 October, 2018 04:00 PM|Tuesday, 23 October, 2018 04:45 PM
Endpoint Security: The Convergence of EPP and EDR
Eric Ouellet, VP, Analyst, Gartner
Prateek Bhajanka, Principal Analyst, Gartner

Over the past 18 months, EPP and EDR solutions have been converging. However, not all capabilities are available from the offerings. • What can you expect to see from this convergence in the short term and longer term? • What are the missing pieces that you need to be aware of? • How should you plan your future initiatives in light of this convergence


Tuesday, 23 October, 2018 04:00 PM|Tuesday, 23 October, 2018 05:30 PM
Workshop: Starting a Security Monitoring, Detection and Response Initiative
Mark Nicolett, Managing Vice President, Gartner

We can't prevent all threats, but it doesn't mean people working on security monitoring and operations can't start detecting and responding. But how do you do it without breaking the bank? How should you start with detection and response? This workshop will go through a structured approach to find out: 1) What are the basic processes and tools to get right? 2) How do you succeed with a small team? 3) How do you use third parties gracefully and effectively?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, 22 October, 2018 11:00 AM|Monday, 22 October, 2018 12:30 PM
Workshop: Crisis Communications After a Security Incident
David Gregory, Sr Director Analyst, Gartner

From the likes of WannaCry, Petya and others, cyberattacks are more frequently and more significantly disrupting business operations. This workshop presents crisis communication and coordination best practices so that attendees will gain valuable experience in ensuring a strong crisis communications position.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, 22 October, 2018 05:00 PM|Monday, 22 October, 2018 05:45 PM
State of Risk Management 2018
John A. Wheeler, Sr Director, Advisory, Gartner

Risk management continues to be an area of growing maturity and investment for most organizations, as the risk landscape becomes increasingly complex and interconnected. As a result, new technology solutions are emerging to increase the collaborative nature of risk management to support data-driven decision making, both within and external to an organization. This session explores how integrated risk management (IRM) will help improve risk management practices.


Monday, 22 October, 2018 05:00 PM|Monday, 22 October, 2018 05:45 PM
Ask the Analyst: Why You Must Consider Data Privacy When Building Your IoT Initiative
Nader Henein, Sr Director Analyst, Gartner

IoT devices generate a huge amount of data, which may include sensitive personal data. As regulations and awareness of privacy increase, security leaders require a consistent approach with data security and privacy. What are the concerns with IoT security? What are the legal implications of regional privacy laws such as GDPR? What approaches should be considered when embarking on IoT initiatives?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, 22 October, 2018 05:00 PM|Monday, 22 October, 2018 05:45 PM
State of Organizational Resilience 2018-2019
David Gregory, Sr Director Analyst, Gartner

This presentation will discuss the current and future state of organizational resilience across multiple management disciplines including business continuity management, information security and more. Using the five layers of culture, people, process and infrastructure, we will address the role of the chief risk/strategy officer and present a framework for developing a business/organizational resilience program in the organization.


Tuesday, 23 October, 2018 10:00 AM|Tuesday, 23 October, 2018 10:20 AM
Magic Quadrants of Key Network Security Technologies (Firewall, Web Application Firewall, Intrusion Prevention System)
Rajpreet Kaur, Principal Analyst, Gartner

This session discusses the Magic Quadrant of key Network Security technologies: Firewall, Web Application Firewall and Intrusion Prevention System. Enterprises who are in process of refreshing these network security devices or are procuring for a new network set up should attend the session to know about the key vendors in this space.


Tuesday, 23 October, 2018 10:15 AM|Tuesday, 23 October, 2018 11:15 AM
Roundtable: How Can Midsize Enterprises Leverage Microsoft's Security and IAM Capabilities?
Steve Riley, Sr Director Analyst, Gartner

In line with the trend of Office 365 adoption, a large number of midsize enterprises are considering Microsoft's native security and IAM offerings such as Exchange Online Protection, Advanced Threat Protection, Azure Active Directory, Azure Information Protection and Microsoft Intune. Which of these are you using successfully? What challenges have you encountered? Where have you found the need to supplement or supplant these capabilities with a non-Microsoft product? Join us for a peer-driven discussion to address these and any other questions you may have. Preregistration is required. Seats are limited. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, 23 October, 2018 10:30 AM|Tuesday, 23 October, 2018 11:15 AM
Manage Privileged Access to Reduce Security Risks and Increase Agility
Felix Gaehtgens, Sr Director Analyst, Gartner

Is your organization in need of a privileged access management (PAM) solution? If so, this session will serve as a good primer on the technology. Key issues covered include: • Introduction to privileged access management. • The PAM maturity model. • An overview of PAM tools and when and how to use them.


Tuesday, 23 October, 2018 01:15 PM|Tuesday, 23 October, 2018 02:00 PM
If You Thought Securing Your IT Was Difficult, Try Securing Your OT
Wam Voster, Sr Director Analyst, Gartner

The world has seen an increase in security incidents. The use of commercial operating systems in industrial control systems means that OT is now susceptible to the same attacks as in the IT world. What should security and risk management leaders do to develop a coherent strategy to protect not just the organization’s information but also the OT? This presentation will address topics like processes, architecture, and controls.


Tuesday, 23 October, 2018 01:15 PM|Tuesday, 23 October, 2018 02:00 PM
State of Data Security 2018
David Mahdi, Sr Director Analyst, Gartner

Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.


Tuesday, 23 October, 2018 02:15 PM|Tuesday, 23 October, 2018 03:45 PM
Workshop: The Importance of Carrying Out a Business Impact Analysis (BIA)
David Gregory, Sr Director Analyst, Gartner

This workshop will look at the importance of carrying out a “cross-functional” BIA so that organizational recovery time objectives can be agreed. It will explore methodologies used in the development of a BIA and introduce a typical toolkit for the completion and analysis of critical activities. This will also include the analysis of dependencies to critical activities and associated risks.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Start planning your agenda now.