Explore the latest security threats, risks and solutions

 

The 2019 agenda features five comprehensive programs to cover your security and risk management key priorities and challenges. At the Conference you’ll learn how to take a strategic approach to risk, improve business and data resilience, build digital trust and implement a new generation of continuously adaptive security strategies.

Agenda / By Day

Sunday, June 16, 2019 01:30 PM|Sunday, June 16, 2019 02:00 PM
First Time Attendee Conference Tour

Navigate the conference venue, learn about the Exhibit showcase, and network with fellow first-time attendees. Meet us at the Conference Concierge desk in the Potomac Foyer next to Information


Sunday, June 16, 2019 01:30 PM|Sunday, June 16, 2019 07:00 PM
Concierge Hours

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.


Sunday, June 16, 2019 01:30 PM|Sunday, June 16, 2019 07:00 PM
Registration


Sunday, June 16, 2019 02:00 PM|Sunday, June 16, 2019 02:30 PM
First Time Attendee Conference Tour

Navigate the conference venue, learn about the Exhibit showcase, and network with fellow first-time attendees. Meet us at the Conference Concierge desk in the Potomac Foyer next to Information


Sunday, June 16, 2019 02:30 PM|Sunday, June 16, 2019 05:30 PM
CISO Research Discussion: Transforming Security Governance for Speed & Agility
Christopher Mixter, VP, Advisory, Gartner

As IT and business technologists expand their use of Agile and DevOps, effective CISOs are redesigning their governance practices to position Information Security as an accelerator of agility and speed-to-market. In this 3-hour interactive session, we’ll see how the CISOs at JP Morgan, Cisco, and ADP make speed and agility design principles of information security governance, via a combination of self-service, embedding security expertise in development tools, and, creating a “pull” from developers to add information security to their competency set. Attendees will have the opportunity to discuss shared challenges and best practices. This session will be repeated on Thursday, June 20, at 9:45 a.m.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Sunday, June 16, 2019 03:00 PM|Sunday, June 16, 2019 03:30 PM
Welcome and Orientation Session
Tatiana Wells, Sr Director, Conferences, Gartner

This orientation session is designed to help attendees make Security & Risk Summit the most productive experience. Tatiana Wells, Senior Director, Gartner Events will provide many tips on how to navigate your way through the overall conference. Topics will include a review of the agenda, interactive sessions, networking and much more with plenty of time for Q&A.


Sunday, June 16, 2019 03:45 PM|Sunday, June 16, 2019 04:30 PM
How to Select an MSSP
Pete Shoard, Sr Director Analyst, Gartner

Identifying the core features to call out to a potential managed security service provider (MSSP) when scoping the need for an outsourced service is critical for a successful engagement. This session will provide practical examples of how to establish effective requirements and use cases before engaging providers:

● What service performance metrics are valuable to recieve from an MSSP?

● How can you define service customization requirements to ensure additional service charges are managed?

● How can you align internal processes with the providers’ outputs?


Sunday, June 16, 2019 03:45 PM|Sunday, June 16, 2019 04:30 PM
Tutorial: The Endpoint Is the New Perimeter: How to Build an Effective Endpoint Protection Strategy
Peter Firstbrook, VP Analyst, Gartner

As traditional perimeters drop, the endpoint is becoming the last line of defense against breaches. This session will explore the changing nature of the endpoint and endpoint workloads as well as defensive strategies. This session will explore:
The changing nature of the workload on endpoints from Win32 to cloud applications and the changing form factors from mobile to VDI.
Attacker tradecraft from targeted nation-state tools to mass-propagated automated attack kits.
The changing endpoint defensive strategies from detection and response to proactive hardening.


Sunday, June 16, 2019 03:45 PM|Sunday, June 16, 2019 04:30 PM
Tutorial: Security Program Management 101 - Pick a Framework, already
Jeffrey Wheatman, VP Analyst, Gartner
Sam Olyaei, Director Analyst, Gartner

Have you ever questioned the following? -- What Security Framework is appropriate for my enterprise? Can I just align and implement controls found in ISO27001, CIS CSC, HITRUST or NIST CSF? How do I begin to measure my progress in terms of Maturity? How do I map all of this back to my business needs? If so, you are not alone.

Security and Risk Management leaders are often faced with the continuous challenge of developing and (re)shaping their cybersecurity program strategy based on changing business needs and risk appetite. To complement this, leaders are often tasked with picking a defensible framework that aligns with an appropriate controls catalog based on repeatable and scalable processes. However, Gartner Research continues to show a cultural disconnect between foundational elements of program management and changing business needs. This presentation will define the basic elements of a security program , describes the differences between each layer, and tie them into an overall strategy planning process that will ensure a defensible security program that facilitates business needs.


Sunday, June 16, 2019 03:45 PM|Sunday, June 16, 2019 04:30 PM
Tutorial: When the Going Gets Tough the Business Blames the CISO
Wam Voster, Sr Director Analyst, Gartner

As long as business is doing well business leaders are applauded and rewarded, but the moment something bad happens the CISO is blamed for not properly protecting business information. How can security and risk management leaders ensure roles and responsibilities are clear? What can be done to ensure ownership of risk is well-defined? How much risk should the CISO actually own?


Sunday, June 16, 2019 04:45 PM|Sunday, June 16, 2019 05:30 PM
Tutorial: What Is the MITRE ATT&CK Framework and How Can I Benefit From It?
Craig Lawson, VP Analyst, Gartner
Gorka Sadowski, Sr Director Analyst, Gartner

MITRE ATT&CK framework is getting good traction in the industry, both from the vendor community as well as client organization standpoints. It is a powerful and convenient way to map attackers’ tactics, techniques and procedures (TTPs) to real-world observation of attack patterns in the wild. Further, the ATT&CK framework follows a general “killchain” approach that makes it suitable for many use cases.


Sunday, June 16, 2019 04:45 PM|Sunday, June 16, 2019 05:30 PM
Tutorial: Selecting the Right Penetration Test and Approach
Toby Bussa, VP Analyst, Gartner

The penetration testing market is undergoing a transformation. S&RM leaders responsible for threat and vulnerability management need to understand the options available to them and how to select the best option.
Questions to be addressed in this session include
- What types of tests are available in the market?
- Should I hire a single firm or use crowd sourcing?
- What new approaches and technologies are poised to disrupt the pen testing market


Sunday, June 16, 2019 04:45 PM|Sunday, June 16, 2019 05:30 PM
Tutorial: Leveraging Cognitive Styles to Improve Team Leadership and Stakeholder Communication
Christie Struckman, VP Analyst, Gartner

The focus on people can’t just be within process thinking — it must work for leadership too. Leaders lead people, as much as initiatives. One key way to improve your leadership is to leverage personal behavioral or personality distinctions — most specifically, cognitive styles in your communication and persuasion leadership activities. This tutorial will provide a model for doing this that leverage industry tools (specifically the DISC model) and provide a role-playing exercise to cement your understanding.


Sunday, June 16, 2019 04:45 PM|Sunday, June 16, 2019 05:30 PM
Tutorial: Follow These Four Principles to Effectively Manage Open-Source Security Risks
Ayal Tirosh, Sr Principal Analyst, Gartner

As much at 90% of the code in many new app dev projects come from third-party components
- Most of these are open source
- And most are undermanaged

This session discuses the security risks associated with partially/untrusted software assets and how to minimize risks.


Monday, June 17, 2019 06:30 AM|Monday, June 17, 2019 07:15 PM
Concierge Hours

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.


Monday, June 17, 2019 06:30 AM|Monday, June 17, 2019 07:15 PM
Registration


Monday, June 17, 2019 07:00 AM|Monday, June 17, 2019 07:15 PM
Enterprise IT Leaders Members Lounge

Join your Enterprise IT Leader peers in an exclusive lounge area, providing space to network with Peers and Leadership Partners, refresh and get some work done between sessions.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 07:30 AM|Monday, June 17, 2019 08:30 AM
CISO Circle Breakfast: Welcome & Orientation
Tatiana Wells, Sr Director, Conferences, Gartner

This orientation session is designed exclusively for CISO Circle attendees to help make Security & Risk Summit the most productive experience. Tatiana Wells, Senior Director, Gartner Events will provide many tips on how to navigate your way through the exclusive CISO Circle Program as well as the overall conference. Topics will include workshops, CISO luncheons and additional CISO-exclusive sessions, CIO networking and much more with plenty of time for Q&A.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 07:30 AM|Monday, June 17, 2019 08:45 AM
Attendee Breakfast


Monday, June 17, 2019 09:00 AM|Monday, June 17, 2019 10:00 AM
Gartner Opening Keynote: From Managing Risk and Security to Enabling Value Creation
Beth Schumaecker, Director, Advisory, Gartner
David Mahdi, Sr Director Analyst, Gartner
Katell Thielemann, VP Analyst, Gartner

As complexity continues to grow and risks, threats and vulnerabilities multiply with no end in sight, how can security and risk management leaders move beyond reacting? Attendees will learn how to think differently about their role in value preservation and value creation, and how finding sweet spots in a human to machine continuum can help. This is the security and risk management leaders’ new imperative.


Monday, June 17, 2019 10:00 AM|Monday, June 17, 2019 10:30 AM
Networking Break


Monday, June 17, 2019 10:00 AM|Monday, June 17, 2019 10:30 AM
Gartner Zone: Microsegmentation Today – Deployment and Use Cases
Thomas Lintemuth, Sr Director Analyst, Gartner

Microsegmentation continues to gather interest from vendors and customers alike. Learn how you can get started in Microsegmentation without needing to do a complete overhaul of your network. We will discuss how to get started with key use cases actionable today.


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
Top 10 Security Projects for 2019
Brian Reed, Sr Director Analyst, Gartner

Security and Risk Management Leaders should implement or improve upon these Top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
Seizing Emerging Opportunities in Risk-Based Vulnerability Management
Dale Gardner, Sr Director Analyst, Gartner

For decades, organizations have tried to keep pace with a never-ending stream of vulnerabilities — with limited success. New approaches, driven by the actual risk posed by a given flaw, promise the ability to finally get ahead of the torrent. In this presentation, we’ll examine the rapidly emerging market for threat and vulnerability management solutions, and how trends like DevOps will impact the market.


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
Rethink Risk Assessments for the Digital Future
Khushbu Pratap, Sr Principal Analyst, Gartner

Traditional risk assessment approaches related to IT and security risk assessments are not scalable, diverse (device/entity/user/code/robots/identity), and are sensitive to the unique challenges of digital projects. Digital businesses are birthed in a new time and terrain — the C-suite and the Board are not sure of what to expect from the first and second lines of defense in terms of risk assessment outcomes. This session introduces reset mechanisms for risk leaders through the lens of four questions:
(1) How to catch-up with digital optimization and transformation?
(2) What are second line priorities in a constantly changing digital ecosystem?
(3) How to transpose adaptive and continuous?
(4) Will conversational AI and helper bots further the cause of risk management in the near future?


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
Manage Cybersecurity With Business-Facing Services and Descriptions
Paul Proctor, Distinguished VP Analyst, Gartner

After more than 10 years of understanding the need to put cybersecurity and technology risk in a business context, organizations still struggle. The foundation of a mature security function that can offer defined levels of protection at defined cost is a business-centric service catalog. Writing business-centric value statements for risk and security bridges the knowledge gap with executives.


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
Make the Business Case for Organizational Resilience by Applying Risk-Adjusted Leading Performance Indicators
Roberta Witty, VP Analyst, Gartner

Educating business managers on the value of organizational resilience is a challenge for many organizations. Often, this challenge arises because business managers don't understand or appreciate the value of availability and resilience risk information or their relationship to it, leading to no change in the level of resilience for the organization. This session will introduce how to craft risk-adjusted LPIs that will measure the organization's level of resilience.


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
CISO Circle: How New Business Models Could Impact the Way Organizations Behave Toward Security Issues
Monica Zlotogorski, Sr Director Analyst, Gartner

Security-as-insurance as an offering has begun, particularly for SMBs. This creates new opportunities to monetize offerings for security providers, but it could also enable a mechanism for organizations to behave differently. If security is treated as insurance, then how does it have the potential to affect behavior among employers and employees? It’s a new scenario that companies are not visualizing from the perspective of what it means to change a business model and how it could potentially shift organizational behavior, as a result. How could security-as-insurance help shape organizational culture and behavior towards security, so that security risks and threats are taken more compellingly/seriously? This will be the focus of this presentation. “Model shift to change culture and behavior scenario.”

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
Security Patterns and Best Practices for Securing Cloud-Native Applications
Neil MacDonald, Distinguished VP Analyst, Gartner

Cloud native applications rely heavily on containers and serverless functions to build out event-driven, microservices based application architectures. Legacy on-premises security patterns won't work and won't scale for the needs of cloud native applications. This presentation will discuss the security patterns and best practices for securing cloud-native applications, including container security..


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
Office 365 Security 201: Advanced Security Features and Third-Party Options for Protecting Your O365 Tenant
Patrick Hevesi, Sr Director Analyst, Gartner

This session will discuss the advanced security features included in the M365 E5 license suite. We will also discuss licensing then dive into advanced data protection, email protection, conditional access, Azure AD premium P2 and all of the other advanced features. Then we will compare and discuss use cases where third-party solutions can be integrated and if they are required.


Monday, June 17, 2019 10:30 AM|Monday, June 17, 2019 11:15 AM
The Leadership Vision for Security and Risk Management, 2019
Tom Scholtz, Distinguished VP Analyst, Gartner

Digital transformation continues to challenge the conventions of information risk and security management. It requires a coherent digital security program based on a clear vision and strategy. This presentation will:
- share a compelling vision for security and risk management.
- identify the key 'digital differences' that must be integrated into the security program.


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:00 PM
F-Secure: Silent Killers – The Cyber Attacks You Won’t See in the News

Despite the enormity of the cyberattacks that make the headlines – Equifax, Maersk, Sony Pictures, for example – the majority of compromised companies rarely become part of the public vernacular, giving the false impression that it’s only a small handful of companies with obvious assets of value that are breached. Join us as we explore the hidden economic impact of unreported cyberattacks.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:00 PM
Darktrace: What’s Missing from Cloud Security? How Can Cyber AI Help?

Cloud security, whether native or third party, is not where it needs to be. But that’s rapidly changing. This session is for CISOs who rely on the cloud for digital transformation initiatives and delivery of mainstream services. It will explore what’s often missing — contextual understanding, continual streaming, container visibility, cross-cloud security — and how Cyber AI is making a difference.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:00 PM
CyberArk: A Risk Based Approach for Enabling Digital Transformation

Confidently embracing digital transformation requires trust. That trust is constantly tested as dynamic business environments expand the attack surface. Cybersecurity leaders must balance digital investments and business benefits with acceptable levels of risk. Gain a sneak peek at CISO research on balancing risk mitigation and transformation.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:00 PM
Sila: Cyber Risk: Prioritizing and Driving Strategic Cybersecurity Decisions

Utilizing cybersecurity risk management practices and quantitative analysis will assist in defining your security roadmap, providing evidence to back your decisions and the ability to communicate in terms that everyone can relate to. Walk through real-world scenarios facing security professionals and examples of how risk management can be leveraged to your advantage.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:00 PM
Cisco: Building Zero Trust Security Solutions
Wendy Nather, Head of Advisory CISOs, Duo Security, Now Part of Cisco

Call it “zero trust” or “an initial step on the road to CARTA” – we know the classic design patterns of security have to change. In this session, we’ll talk about different ways to build on the fundamentals of “zero trust,” working together with partners in stages to create better and more usable security.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:00 PM
IBM: Trends in Threat Management: Left and Right of “Boom”

While the majority of organizations are actively improving capabilities for detecting cyber attacks, recent studies show that 75% of companies don’t have sufficient plans or processes in place for properly responding to events. Join our roundtable session to understand best practices for delivering more effective detection and orchestrated response to such events.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
Netskope: Additional Session Details Coming Soon

Netskope: Additional Session Details Coming Soon


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
iboss: Next-Gen Cloud Security Architectures for the Cloud-First Future

As businesses rely more on cloud apps, they must refocus security from defending perimeters to following users regardless of location. This session will discuss the advantages of cloud security solutions based on a Cloud 2.0 architecture built on containers and micro services and how they can more seamlessly transition security from appliances


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
OneTrust: Vendor Risk Management: Overcoming Today’s Most Common Security & Privacy Challenges

Managing the third-party vendor risk lifecycle is a continuous effort under global privacy laws and security regulations. While outsourcing operations to vendors can alleviate business challenges, managing their associated risk is costly and complex when using manual tools like spreadsheets. We’ll breakdown a six-step approach to automate third-party vendor risk management and share practical advice to improve your privacy and security programs.


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
Symantec: Artificially Secure: Critical AI/ML Thinking Security Leaders Must Understand Now
Andrew Gardner, Sr Technical Director, Symantec

How is artificial intelligence (AI) and machine learning (ML) important to Security? What is our AI/ML Manifest Destiny? What are the real, disruptive risks and opportunities that this heralds, but which so few senior leaders understand? How must decision makers at all levels change their thinking to avoid catastrophe in this new technology playground?


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
Microsoft: Advances in Cloud-Scale Machine Learning for Cyber-Defense
Adam Hall, Director, Security, Microsoft

Picking an attacker's signals out of trillions of log events from petabytes scale storage is a daunting task, but Microsoft has been using security data science at cloud scale to successfully disrupt attackers. This session will present the latest frameworks, techniques and the unconventional machine-learning algorithms that Microsoft uses to protect its infrastructure and customers


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
Secureworks: Becoming A Security Rock Star: Using Data Science & Machine Learning to Win
Nash Borges, Senior Director Engineering Technologist, Secureworks
Jon Ramsey, Chief Technology Officer, SecureWorks

The combination of big data and machine learning is making it possible for defenders with limited resources and expertise to detect and respond to unknown threats faster than ever before. In an industry forever locked in an adversarial battle with increasingly sophisticated actors, Nash Borges PhD, Sr Director of Engineering and Data Science at Secureworks explains how the power of machine learning combined with human intelligence have become fundamental to defending the digital economy.


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
NTT: Securing a Connected World - NTT CISO Panel
Eric Carsrud, CISO, NTT America, Inc.
Darren O'Loughlin, Group Chief Security Officer, Dimension Data
John Petrie, CEO Americas, NTT Security
Steve Williams, Global CISO, NTT DATA Corporation

NTT is one of the world’s largest technology services providers. NTT’s group CISOs will deliver lessons learned to peers on securing a large-scale digital transformation through rapid organic and acquisition-led growth, building a cloud and mobility enabled enterprise. The participating CISOs will speak to their security strategy, biggest challenges, and having a voice at the Board level.


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
Bitdefender: Carbanak + Cobalt Strike: Anatomy of An APT & Beating It with EDR & Network Analytics
Gavin Hill, VP Datacenter and Network Security, Bitdefender
Cristina Vatamanu, Senior Team Lead, Cyber Threat Intellige, Bitdefender

The notorious criminal group Carbanak continues to breach organizations around the world, despite the arrest of its leader. In this session, we exclusively break down a complete timeline of an attack where the group used spear phishing and Cobalt Strike to infiltrate and breach a bank. We will also show how to detect these attacks early on and automate response through a confluence of network traffic analytics, endpoint analytics and hardening.


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
ServiceNow, Inc: How continuous monitoring can improve your SOAR and IRM programs
Janene Casella, Director, Product Marketing , ServiceNow

Keeping your organization secure and compliant requires input and collaboration across the organization, including monitoring security incidents and vulnerabilities to mitigate the risks they pose. Learn how you can connect your security orchestration, automation, and response (SOAR) and integrated risk management (IRM) programs by continuously monitoring for risks to enable better decision making


Monday, June 17, 2019 11:30 AM|Monday, June 17, 2019 12:15 PM
Forcepoint: Human-centric Security for the Era of Digital Transformation
Ravi Srinivasan, Vice President, Solutions and Platform Marketing, Forcepoint
Meerah Rajavel, CIO, Forcepoint

This panel session will explore how organizations are maturing their enterprise security programs to protect users and data in a highly distributed digital world. The panelists will focus on the emerging priorities to reduce risk and secure environments that you don’t own or fully manage. We will cover effective strategies for risk-adaptive protection across network, cloud, data and workforce.


Monday, June 17, 2019 12:15 PM|Monday, June 17, 2019 01:00 PM
Zscaler: Securing your IT Transformation to the Cloud
Jay Chaudhry, CEO & Chairman, Zscaler, Inc.

The cloud and mobility are powerful enablers of digital transformation, but many IT organizations are grappling with legacy architectures and processes that haven't evolved in over 30 years. When apps lived in the data center, it made sense to invest in building a 'hub-and-spoke' network and to protect that network by employing a 'castle-and-moat' security model. But the new world of SaaS, cloud and mobility requires organizations to evolve their network and security architectures.


Monday, June 17, 2019 12:15 PM|Monday, June 17, 2019 01:15 PM
CISO Circle Lunch: Devote Time to Build a Career — Not Just a Job
Christie Struckman, VP Analyst, Gartner

IT leaders and IT professionals devote a lot of time to their job and not enough to taking a long-term view of their career. The complexity in managing our work and personal life impedes our ability to find time to devote to ourselves and identifying and working towards what we want out of a career. One that successfully meets your work/life balance needs. In this session, learn practical approaches to building a satisfying and rich career by addressing two key questions:
1) How to use the past to inform your definition of career success
2) How to plan for the career you want

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 12:15 PM|Monday, June 17, 2019 01:15 PM
Attendee Lunch


Monday, June 17, 2019 12:15 PM|Monday, June 17, 2019 03:00 PM
Exhibit Showcase

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers in our Networking Hub. Stick around for the afternoon dessert reception and attend a theater session to see technology in action.

Please note: Exhibitor meetings are available outside of the promoted Exhibit Showcase hours; please coordinate directly with the Exhibitor or request support from our Conference Concierge Team.


Monday, June 17, 2019 12:40 PM|Monday, June 17, 2019 01:05 PM
IntSights: A CISO’s Guide to Shutting Down Attacks Using the Dark Web + Live Dark Web Tour
Nick Hayes, VP of Strategy, IntSights

Nick Hayes, former analyst and current Vice President of Strategy at IntSights, will take you on a tour of the dark web and explain how CISOs can successfully implement a dark web monitoring strategy that stop hackers at the early stages of the cyber kill chain.


Monday, June 17, 2019 12:40 PM|Monday, June 17, 2019 01:05 PM
CenturyLink: Global Internet Visibility and Big Data for Proactive Threat Detection and Defense
Peter Brecl, Sr Product Manager, CenturyLink

Faced with an increasingly complex threat landscape, the ability for digital businesses to see and act against threats is paramount. But how do we bridge the gap between awareness and defense? This session will cover how to leverage the global internet for big data analysis, provide examples of actionable intelligence and discuss how to use intelligence to proactively defend against cyber threats.


Monday, June 17, 2019 12:40 PM|Monday, June 17, 2019 01:05 PM
Morphisec, Inc.: Leveraging New Technologies and OS Security Tools for a Resilient, Streamlined Defense
Netta Schmeidler, VP Product, Morphisec

As advanced threats evolve and data center transformation forces teams to consolidate security, faster, easier and more deterministic threat prevention becomes essential. We present a strategic protection model that leverages innovative technologies and built-in Win10 security to create a powerful, cost-effective defense against advanced threats and unknown attacks. To illustrate, we look at recent evasive attacks that were able to bypass traditional enterprise defenses.


Monday, June 17, 2019 01:15 PM|Monday, June 17, 2019 01:40 PM
Armor Cloud Security: Achieving Continuous Security & Compliance in Public Cloud
Ryan Smith, Director of Product Marketing, Armor Defense Inc.

This session will explore how companies can achieve continuous security and compliance for their cloud workloads. We will explore how Infrastructure as Code and Cloud Security Posture Management tools can achieve continuous security, compliance monitoring, and threat intelligence in the context of multi and hybrid cloud environments. One policy, any cloud, continuous security achieved.


Monday, June 17, 2019 01:15 PM|Monday, June 17, 2019 01:40 PM
Cisco: Threat Research - Fighting the Good Fight

Exploitable vulnerabilities exist. It’s a fact of life in the modern work environment. Attackers are achieving greater ROI with every attack. The counterpunch is threat intelligence. Cisco will discuss the future of threat, the evolving threat landscape and the inescapable need for automated threat intelligence as part of your security architecture.


Monday, June 17, 2019 01:15 PM|Monday, June 17, 2019 01:40 PM
Check Point Software Technologies: Cyber Security Best Practices for the Veteran CISO
Itai Greenberg, Head of Cloud Security - WW Sales & BU, Check Point Software Technologies, Ltd.

Cyber robots are working 24x7 while smart hackers try new zero-day cyber techniques. Should you invest more in SOC and incident response or in a prevention approach? What are the key attack vectors you need to worry about the most? Come listen and learn how to develop best practices and stay ahead of the game protecting your business by building effective cyber security methodology.


Monday, June 17, 2019 01:15 PM|Monday, June 17, 2019 01:40 PM
Galvanize: CISOs in the Boardroom: Presenting Cyber Risk Storyboards with Confidence
Vivek Shivananda, CEO, Rsam

With cyber awareness on the rise, CISOs finally have a seat at the table. But are you ready to present the state of your organization with confidence to the Board? This session shows how to overcome the challenges in transforming your tactical story to a higher-level story via online storyboards that confidently articulate risk with a focus on business value.


Monday, June 17, 2019 01:30 PM|Monday, June 17, 2019 02:00 PM
Gartner Zone: Are You Maximizing Your Security Operations (SecOps) Capabilities?
Luke Simonetti, Expert Partner, Practice, Gartner

A look at how the development of SOCs, in terms of both technology and operating models, has stagnated and new paradigms are emerging as automation and machine learning are creating a new paradigm from within which the CSOC Analysts and CIRT teams must apply a new focus. Learn from our consultants on emerging trends in hybrid SOC operating models, how the L0 to L4 is supported today leveraging outsourcing and how new cloud-based challengers are leveraging AI and ML to do more with less people than traditional SOC with 20 people


Monday, June 17, 2019 01:50 PM|Monday, June 17, 2019 02:15 PM
Nominet: DNS - The Surprise Key to Secure and Rapid Innovation
Cath Goulding, CISO, Nominet

DNS is always on in every organization but until now it has proved difficult to extract the vital information hidden in those packets. Often overlooked in the security stack, new analysis techniques now allow us to find previously hidden signs of malicious behavior. Learn how this goldmine enables organizations to innovate in safety, taking best advantage of emerging technologies.


Monday, June 17, 2019 01:50 PM|Monday, June 17, 2019 02:15 PM
Lookout: Why National Student Clearinghouse and U.S. House Deployed Mobile Threat Defense
Aaron Cockerill, Chief Strategy Officer, Lookout

Learn from John Ramsey, former CISO, U.S. House of Representatives, now CISO, National Student Clearinghouse, & Lookout Chief Strategy Officer, Aaron Cockerill as they detail a range of current mobile threats that drove the need to seek a mobile security solution: Why Lookout, the leader in securing the post-perimeter world & how to deploy Lookout Mobile Enterprise Security in large organizations.


Monday, June 17, 2019 01:50 PM|Monday, June 17, 2019 02:15 PM
OpenText: Additional Session Details Coming Soon

OpenText: Additional Session Details Coming Soon


Monday, June 17, 2019 01:50 PM|Monday, June 17, 2019 02:15 PM
ForgeRock: Additional Session Details Coming Soon

ForgeRock: Additional Session Details Coming Soon


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Zero Trust Networking as an Initial Step on the Roadmap to CARTA
Neil MacDonald, Distinguished VP Analyst, Gartner

There is growing interest in and vendor marketing of a "zero trust" approach to networking. Zero trust starts with an initial security posture of default deny. However, for business to happen, ultimately trust must be established and continuously assessed - a strategic approach embodied in Gartner's Continuous Adaptive Risk and Trust Assessment (CARTA). This presentation will explain the concept of zero trust networking, map it to Gartner's CARTA strategic approach and provide specific examples and recommendations for zero trust networking and other information security projects in 2019.


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Outlook for Cloud Security 2019
Jay Heiser, VP Analyst, Gartner

Cloud security remains a top priority. This presentation summarizes the problems, recommended processes, and new product types to address three key issues:
What are the unique risks associated with public cloud service providers, and how can they be controlled?
What are the unique security challenges of IaaS and how can they be mitigated?
What are the unique control challenges of SaaS, and how can they be addressed?


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Are 'Mature' Security Markets Dead?
Sid Deshpande, Sr Director Analyst, Gartner

'Key security market segments like SWG, SEG, SIEM, EPP have been around for a long time and the credible vendors in these markets are well established players. On one hand, the case can be made that these markets are 'dead' and no new vendors are likely to emerge. On the other hand, these areas are very critical to any organizations' security program and require significant R&D investment from incumbent vendors to keep pace with attacker methods. This presentation helps address the following key issues:
- What is the state of key 'mature' security markets in security?
- How vendors differentiate in these markets?
- How buyers approach vendor selection and technology strategy in these markets?


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Meetup: Cybersecurity - Increasing Awareness and Communicating from Employee to Board Level

This Meetup will discuss practical methods for increasing end user awareness of cyber threats in your organization. What's worked for you? What tools are you using? What are the most effective ways to increase awareness at the associate level and to communicate at the board level? Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Outlook of Security Operations
Anton Chuvakin, Distinguished VP Analyst, Gartner

Modern security operations are evolving. They heavily rely on foundational technologies such as SIEM to accomplish their mission, and also adopt various analytics approaches. They struggle with more automation — of both thinking and acting — that promises to relieve humans from the routine tasks, but sometimes adding more work to the overworked security teams. This session will address these key issues: (1) What defines best-in-class security operations of 2018? (2) What trends are affecting security operations? (3) What will the future bring?


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Case Study: Building Awareness & Changing Behavior: Carrot vs the Stick
Chrysanthe Cupone, IT Risk Management & Services, American Express


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Meetup: Security Best Practices in Manufacturing

Take part in an interactive session with fellow manufacturing security professionals on the latest challenges and best approaches to overcome them. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Creating a Culture That Is Ready for Risk
Leigh McMullen, Distinguished VP Analyst, Gartner

Against the backdrop of an uncertain future organizations that have the ability to change rapidly will have a leg up. Yet conventional wisdom is that change is hard, especially culture change — especially in regard to understanding and managing risk. Getting this right can be a source of long-term competitive advantage.


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Top Security and Risk Management Trends for 2019 and Beyond
Peter Firstbrook, VP Analyst, Gartner

"Top" trends highlight ongoing strategic shifts in the security ecosystem that aren't yet widely recognized, but are expected to have broad industry impact and significant potential for disruption.
This presentation will describe the most significant trends in cybersecurity and how leading organizations are taking advantage of these trends.
Key issues explored will include:
Top technological improvements in the security product landscape
Trends in creating a top notch security organization
Strategic trends that will influence security strategy


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Teach Your Applications the Art of Self-Defense
Dionisio Zumerle, Sr Director Analyst, Gartner

Applications are changing, yet most organizations still protect their applications with traditional defenses. Serverless, mobile and single page JavaScript applications are only a few examples. New attacks arise, such as the ones operated by the Magecart group. This session will illustrate how security leaders can avoid that this trend from becomes a security failure.
How are applications changing with digital business?
What application security strategies can accommodate this change?
Which tools and techniques can protect against new threats?


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
The Future of Data Security: 2019 and Beyond

End user organizations still lack visibility and control of data as it is created, stored, transported, manipulated and accessed. Changing regulations are also impacting how they protect their information and why they even have the data. This session will focus on the needs of the end users and how vendors can help their customers be successful in their plight toward compliance and better information protection.


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Does ISO 22301 Certification Provide Organizational Resilience?
David Gregory, Sr Director Analyst, Gartner

This session will cover why certification to the business continuity standard ISO 22301 does not mean that the organization is resilient. It will discuss the advantages of certifying as well as the pitfalls and how to avoid them.


Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:00 PM
Meetup: Let Data Classification Save You from Risk and Compliance Headaches

What are the best ways in which your organization can make essential data easy to find and retrieve? Join your peers in this interactive discussion on data classification best practices. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:15 PM
Roundtable: Security Vendors That Midsize Enterprises Love
Jeremy D'Hoinne, VP Analyst, Gartner
Neil Wynne, Principal Analyst, Gartner
Paul Furtado, Sr Director Analyst, Gartner

Join this peer-driven discussion on security vendors that midsize enterprises love. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:15 PM
Roundtable — The Key Challenges You Face When Securing OT
Wam Voster, Sr Director Analyst, Gartner

Initially security incidents only occurred in IT but the world has seen attacks in OT as well. Organizations need to implement security in OT to protect this domain from these attacks. This will ensure not only an uninterrupted operation, but also that no harm to people and the environment occurs. What are organizations doing to address this? Is the maturity of OT security at par with IT security?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:15 PM
Roundtable: What Does "Response" Mean in Security Monitoring Services?
Kelly Kavanagh, Director Analyst, Gartner

Service providers and end users may have very different definitions of what "response" means in the context of triage, investigation and action related to security alerts. In this roundtable, we'll explore the various types of "response" on offer from service providers, and discuss how and when those might fit into an organization's security monitoring operations.
We'll discuss:
What do vendors mean by "response"?
What is the difference between "response" and "Response"?
What makes sense for your organization?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:15 PM
Roundtable: Privacy Regulations Are Redefining the Role of Chief Compliance Officers
Elizabeth Kim, Principal Analyst, Gartner
Jie Zhang, Sr Director Analyst, Gartner

This roundtable is an opportunity to learn from your peers on how they have expanded the scope of their chief compliance officers (CCO) role to incorporate privacy regulations.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:45 PM
Workshop: Improve Your Incident Response to an International Data Breach
Bart Willemsen, VP Analyst, Gartner

Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:45 PM
Workshop: IT Resilience
Mark Jaggers, Sr Director Analyst, Gartner

A dive into evaluating your IT resilience capabilities through various mental models, preconditions for success of resilience projects, cultural changes necessary for resilience, and success measures of a resilience effort.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:15 PM|Monday, June 17, 2019 03:45 PM
CISO Circle Leadership Exchange: Reporting Cybersecurity and IT Risk to the Board
Paul Proctor, Distinguished VP Analyst, Gartner

Cybersecurity and IT risk are board imperatives. Developing an effective message that balances the need to protect along with the need to run your business is critical to success. Many of the successful concepts are not obvious, and some of what is obvious, is actually not advised. This session describes what to do and what not to do. It presents a slide deck to start and guidance to modify the deck for your specific needs.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 02:30 PM|Monday, June 17, 2019 02:50 PM
Magic Quadrant and Critical Capabilities for Unified Endpoint Management Suites for High Security Mobility
Rob Smith, Sr Director Analyst, Gartner

As mobile computing and client computing merged to form end-user computing, so have the tools. Unified Endpoint Management (UEM) includes functionality to manage mobiles, tablets, PCs, Macs, and smart IoT devices which end-user computing manages. This presentation reviews the first UEM Magic Quadrant. As a companion to the UEM Magic Quadrant, the Critical Capabilities for High Security Mobility looks at the impact of how requirements differ in highly regulated and secure enviornments.


Monday, June 17, 2019 02:30 PM|Monday, June 17, 2019 02:50 PM
Critical Capabilities for IT Risk Management Solutions
Khushbu Pratap, Sr Principal Analyst, Gartner

This session will detail the three use cases for IT risk management solutions:
(1) Basic risk and control assessments,
(2) Advanced risk management
(3) Cybersecurity risk management.
Attendees will learn about end user priorities and corresponding differentiation vendors bring to this market.


Monday, June 17, 2019 02:30 PM|Monday, June 17, 2019 02:50 PM
Magic Quadrant for Application Security Testing
Ayal Tirosh, Sr Principal Analyst, Gartner

Security and risk management leaders should select AST tools and services and embed them in the SDLC as a critical component of an application security program. In this session, we will illustrate the market and main vendors in the application security testing space.


Monday, June 17, 2019 02:30 PM|Monday, June 17, 2019 02:50 PM
Market Guide for Vulnerability Assessment
Prateek Bhajanka, Principal Analyst, Gartner

Vulnerability assessment and management is a foundational component of any information security program, because it is key to understanding technical risks and how they intersect with the digital business. SRM leaders responsible for security operations should understand the following:
1. The need for a VA tool in an organization.
2. What is not VA?
3. State of the VA market.
4. Selection criteria for a VA tool.


Monday, June 17, 2019 02:30 PM|Monday, June 17, 2019 03:00 PM
Gartner Q&A – From Managing Risk and Security to Enabling Value Creation
Katell Thielemann, VP Analyst, Gartner
Beth Schumaecker, Director, Advisory, Gartner
David Mahdi, Sr Director Analyst, Gartner

Join our three opening keynote analysts as they share additional thoughts on the new security and risk management leaders’ imperative. Bring your questions to this post keynote interactive session and learn from those posed by your peers.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 03:45 PM
Secureworks: What 1000+ IR Engagements Teach You About Life on the Front Lines

Secureworks analyzed more than 1,000 incident response engagements last year, and what they learned will sharpen your appreciation for the tipping point between containment and chaos in the heat of battle. See attack data from 2018, including third-party and merger-related incidents; learn the top three mistakes organizations make in both proactive and emergency response; and explore best practices for preparation, containment, eradication, remediation and recovery.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 03:45 PM
Masergy: DON’T PANIC! Cloud Security is Easier than You Think

Cloud adoption in the mid-sized enterprise is happening fast, and IT leaders are often caught flat-footed when trying to understand and manage IaaS and SaaS risks. Don’t panic! In this session, security experts will demonstrate how to effectively manage risks with managed CASB and CWP, while enabling your cloud-driven IT strategies.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 03:45 PM
IBM: Trends in Threat Management: Left and Right of “Boom”

While the majority of organizations are actively improving capabilities for detecting cyber attacks, recent studies show that 75% of companies don’t have sufficient plans or processes in place for properly responding to events. Join our roundtable session to understand best practices for delivering more effective detection and orchestrated response to such events.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 03:45 PM
Symantec: Can Complete Endpoint Defense Raise Security Posture While Lowering Operational Cost
Bill Snyder, IT Security Manager, Matthews International
Sri Sundaralingam, Head of Product Marketing for Enterprise, Symantec Corporation

What is complete endpoint defense? How do managed services enhance my security posture while lowering my operational expense? How do I stay ahead of nation-states and organized crime? Join us for a customer-led presentation of real-world experiences of deploying a successful threat protection program.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 03:45 PM
BAE Systems Applied Intelligence: Intelligence Driven Security Operations

Your security operations are only as good as your ability to plan and prepare for the threats your organization faces. We'll discuss the best way to strategically incorporate threat intelligence into your organization's business and incident response program planning. Discuss how to prepare for the worst to form the most robust, comprehensive response to threats facing your organization.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 03:45 PM
NTT: Securing Intelligent Operations Technology

Manufacturers, process industries, and utilities depend on large-scale integrated OT applications and infrastructure. Much of this technology was not designed with cybersecurity in mind, and is increasingly a target from threat actors. Bruce Snell will present real-world case studies on today’s highest priority threats, and best practices for predicting, preventing, and responding to OT attacks.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
Splunk: How we matured our Security Operations Using SIEM and SOAR

Find out how a leading higher education institution transformed and matured their security operations using machine data platform, SIEM, Analytics and SOAR. Hear from Director, Information Security on how the insights from all security-relevant data, enabled the small team to turn insights into actions and magnify the efficiency, effectiveness and scale of security operations.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
IBM: Journey to the Cloud with Continuous Security

In the era of Cloud 3.0, companies are re-imagining business processes from and for the cloud. With these new opportunities comes a new cybersecurity reality for IT leaders in a hybrid, multicloud world. Attend this session to learn how to adopt a continuous security model to protect data and workloads, manage threats and compliance, and secure identity and networks.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
Tanium Inc.: Walk Before You Run: Nailing the basics of IT Hygiene

In a world where headlines are dominated by phrases like “AI”, “machine learning,” and “NextGen,” it is easy to get distracted by shiny new IT solutions. While these solutions may be helpful, security really requires that you nail the basics of IT hygiene - always know what’s on your network and be able to rapidly address risk. Learn how these leaders are delivering unparalleled security and innovation by taking a continuous approach to IT hygiene.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
Carbon Black: Changing the Economics of Cybercrime
Paul Morville, SVP of Product Management, Carbon Black

As we innovate in the cyber realm, so do criminals. We are in the age of the cybercrime economy—a business with almost 2 million employees and worth over $1.5 trillion annually.

Join Paul Morville, SVP of Product Management at Carbon Black, for a presentation in which you will learn:
-The economics of cybercrime
-The psychology of a cybercriminal
-How to protect yourself from today’s attacks


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
CyberArk: Quantifying Cyber Risk to Prioritize Controls

How can cybersecurity leaders use cyber risk quantification to drive data-based decisions and return on cybersecurity investments? Learn from real-world cyber attack analysis that provides new insight into how privileged access management can reduce more per dollar spent than other controls. Gain guidance for maturing cybersecurity programs using emerging approaches to quantifying cyber risk.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
Mimecast: Less is More: Simplifying Your Security Strategy

More integrations. Fewer people to hire. Security leaders are in a constant struggle to do more with fewer resources. Is the company’s security strategy the root of the problem? Is it overly aspirational or complex? Does it truly address the most important risks? Come learn how to simplify your strategy & accomplish more with what you likely already have.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
Synack: How CISOs Are Crowdsourcing & Automating to Achieve Security at Scale
Jay Kaplan, CEO, Synack
Scott Plichta, Chief Information Security Officer, Corporation Service Company

This CISO panel is adopting crowdsourced penetration testing and automation technology to pragmatically combat security's scale problem. They will discuss and debate:
-What security innovations have the most vs least impact
-How to efficiently implement crowdsourced technology - without additional noise from bug bounty
-How to harness crowdsourced penetration testing insights to improve ROI


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
Cisco: The Tectonic Shift in Security
Jeff Reed, SVP, Cisco
Gee Rittenhouse, SVP/GM, Cisco

Securing today's modern work environment is increasingly complicated. As technology shifted to lean into the digital business transformation, a new architecture built for a multicloud environment was required. Cisco will discuss the multi-domain architecture needed to securely connect every user, on every device, on every network, to every application.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
AT&T Cybersecurity: Bringing Together People, Process & Technology in Cybersecurity
Roger Thornton, VP – Products and Technology, AT&T Cybersecurity

The evolution of cybercrime coupled with digitalization makes cybersecurity a business level problem. Dispersed networks, an explosion of data, disparate technologies and complex security operations present cybercriminals with gaps or “seams” in organizations’ security postures. Fighting this requires a collaborative approach that seamlessly orchestrates people, process and technology.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
Google Cloud: Security Responsibility in a Hybrid and Multicloud World

The concept of shared responsibility between provider and customer is core to managing security and risk as organizations move to the cloud. With the rise of hybrid and multi-cloud deployments, how do responsibilities change? Google Cloud will share our insights into how you can evolve your risk models and how cloud providers can help maintain and improve your security posture in a hybrid world.


Monday, June 17, 2019 03:15 PM|Monday, June 17, 2019 04:00 PM
CrowdStrike: The Race Against the Adversary: How to Win in the Era of the 18-Minute Breach
Dan Larson, VP of Product Marketing, CrowdStrike

This session offers details of some of CrowdStrike’s most eye-opening breach investigations from the past year and highlights the need for speed in modern security operations centers. See new research on “breakout time” and how to use the 1-10-60 Rule to benchmark your organization. Learn if you have what it takes to uncover and respond to adversary activity, before it becomes a full-blown breach.


Monday, June 17, 2019 04:00 PM|Monday, June 17, 2019 04:15 PM
Gartner Zone: Technology 101 — Understanding the Magic Quadrant & Hype Cycle
Sydney Liguori, Business Development Manager, Gartner

Need an objective opinion on which technology to adopt? Not sure which service market is right for you? Join this session for a deep dive into two key Gartner methodologies that will help you answer those questions: Magic Quadrants and Hype Cycles. We’ll also share the latest update to the Gartner Magic Quadrant methodology — a new, interactive experience.


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Meetup: Securing State and Local Governments

Discuss successes and failures in encouraging innovation and creativity in state and local government. What has worked? What has not? What are the best techniques to try? Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Cloud Security 201: CASB, CSPM, CWPP — What Does It All Mean?
Patrick Hevesi, Sr Director Analyst, Gartner
Steve Riley, Sr Director Analyst, Gartner

As more security vendors target your hybrid and cloud SaaS, IaaS and PaaS solutions, we are getting lost in too many acronyms. This session will help decipher the acronym soup and provide prescriptive guidance on what your organization needs to protect your cloud infrastructure and applications. We will also discuss best practices on implementations and how to evaluate and build shortlist for your vendor selections.


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Outlook for Security Talent 2019
Sam Olyaei, Director Analyst, Gartner

Security and risk management leaders have struggled to hire and retain staff with the right skills, especially since the inception of digital business. Leaders have begun to accept the shortage of skills as a reality and continue to look for ways to manage this reality. In this presentation, we discuss the outlook for security talent in digital businesses and address the following questions: What can you do to ensure your team's skill sets are developed for a digital world? What does the future of talent look like with technologies such as Machine Learning , blockchain, IoT looming? What are some of the emerging roles that leaders should plan for as organizations transform their digital businesses? How can organizations stay ahead of the curve and ensure that they are able to manage the risk of participating in a digital ecosystem?


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Is SaaS SIEM Ready for Prime Time?
Kelly Kavanagh, Director Analyst, Gartner

SaaS SIEM can offer concrete benefits to organizations that lack resources to run SIEM products deployed on premises. Interest in SaaS SIEM among Gartner customers is growing, but is not matched by selection of that deployment option over traditional SIEM, or other services based alternatives, such as managed-SIEM or MSS/MDR. In this session we explore the potential benefits of SaaS SIEM, recognize the challenges this type of delivery model may present and offer guidance of helping potential buyers determine whether SaaS SIEM is an appropriate option for them. We address:

Where does SaaS SIEM fit in the landscape of security monitoring products and services?
What are the benefits, and the challenges?
How to determine whether SaaS SIEM may be a good option for your requirements.


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Outlook for Risk: Technology, Information and Resilience 2019
Khushbu Pratap, Sr Principal Analyst, Gartner

This session provides an overview on the state of risk management planning, decisions, challenges, and solutions. This expands on the "State of Risk Management" from previous summits. In 2019, this outlook will converge three parallel risk conversations — digital transformation, information risk, and building and maintaining resilient organizations.


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Mitigating Phishes That Your Email Gateway Misses
Mario de Boer, VP Analyst, Gartner

Email gateways are the most deployed control against phishing. However, prevention is far from perfect. In this session we discuss the human role in both phishing detection as well as phishing response.

● How can we best change user behavior?

● What are the best practices for security operations when dealing with phishing?

● Which emerging solutions can support with phishing detection and response?


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Meetup: Successful Endpoint Security Strategies

As more employees use their consumer mobile devices for work, what are the best practices for protecting the corporate network? Join other security professionals in sharing successful strategies. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Digitopia 2035 — Why the Future Has a Bad Rep, and How the “Pragmatic Futurist” Will Save the Day
Frank Buytendijk, Distinguished VP Analyst, Gartner

We have always had a fascination with the future. From the Oracle of Delphi, to predictive analytics, and today’s weather forecast. But particularly in times of risk, pressure and uncertainty, it is easy to forget about the future. That’s far away. But thinking about the future gives you the perspective that you need in order to add value. Today, every professional should be a bit of a futurist, to take the lead in a volatile, uncertain, complex and ambiguous world. Learn from Gartner's global "Digitopia" studies, with the zeitgeist from over 25 countries.


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Ask the Expert: Getting Ready for the California Consumer Privacy Act — Prepare, Maintain and Evolve
Nader Henein, Sr Director Analyst, Gartner

SRM leaders with a focus on privacy will be given an open forum where they can ask their questions and and receive guidance as they seek to understand and prepare for the CCPA. The intent is to answer your questions, provide step by step actionable advice, with plenty of real world examples, references to existing documentation and supporting solutions.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Meetup: Elevating Security Operations Center (SOC) / SIEM Efforts

Share best practices and ideas on security operation center (SOC) and security information and event management (SIEM) initiatives. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Outlook for Midsize Enterprise Security and Risk Management 2019
Neil Wynne, Principal Analyst, Gartner
Paul Furtado, Sr Director Analyst, Gartner

The threat level and risk to midsize enterprises continue to rise with the volume and frequency of attacks, while the resources available to defend against them remain flat. Join us for a discussion about how you can identify the most appropriate technologies and prioritize the actions you can take to protect your organization and manage risk effectively.

This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Outlook for Endpoint and Mobile Security 2019
John Girard, Distinguished VP Analyst, Gartner

Endpoints security challenges are rising to new levels of complexity as the definition blurs across clouds, BYO, workstations, mobile, wearable, “things” and pure software. This session will address
1) How are endpoint security risks expanding?
2) What are the primary attack trends that will influence the strategic requirements for endpoint security?
3) Which technologies and practices will protect endpoints in 2025?


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Ask the Expert: Define Cybersecurity for Your Organization — And Why You Should Care to Do So
Earl Perkins, Managing Vice President, Gartner

Cybersecurity is one of the most misunderstood words in our profession today. Just what does it mean, and why should you care is the topic of this “Ask the Analyst” session. The audience can have the opportunity to ask the analyst questions that clarify the definition of cybersecurity, its taxonomy and critical areas of coverage for them, and establish a common language with vendors and providers.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:00 PM
Summit Series: Outlook for the Security Markets 2019
Dale Gardner, Sr Director Analyst, Gartner

Security markets continue to exhibit vibrant growth and activity, with ample opportunities for gains. But fundamental trends promise to disrupt markets, upending long-standing strategies. In this presentation we’ll answer questions such as which security market segments offer the greatest opportunities? What changes lie ahead? And, how can vendors respond to ensure continued competitiveness?


Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:05 PM
Roundtable: Federal and DoD Security Topics
Randy McCausland, VP, Team Manager, Gartner

Join Federal and DoD Security Leaders as they discuss topics of specific interest to DoD and Federal Security teams. The discussion will center on:
- Aligning to DFARS requirements
- Moving from compliance to risk in the Federal/DoD space
- Threat intelligence feeds
- the Authority to operate, and
- Other topics of interest

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:15 PM
Roundtable: Securing Robotic Process Automation
Dionisio Zumerle, Sr Director Analyst, Gartner

Robotic process automation deployments are becoming more and more commonplace in enterprises. Often these are initiatives led by line of business, and IT and security are involved late in the process. RPA is used to handle sensitive data and privileged operations, such as handling payments in the financial department. In this roundtable participants are going to discuss best practices and success stories so far in setting up secure RPA processes, as well as the main security failures to avoid.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:15 PM
Roundtable: Integrating Security in DevSecOps Toolchain
Mark Horvath, Sr Director Analyst, Gartner

Gartner breaks down development into a series of activities (planning, coding, testing, CI/CD, etc.) and has mapped tools and processes into each for improving security outcomes.
Use the Gartner DevSecOps framework to answer questions like:
How do I improve my security outcomes in DevOps?
What cultural changes are effective at driving secure development?
Which tools should my team use?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:15 PM
Roundtable: Are They Secure? Assessing Clouds, Partners and Suppliers
Jay Heiser, VP Analyst, Gartner

The digital business must trust a growing set of external entities, including cloud services, professional services, suppliers and other intimately connected organizations.

● Will they infect you with malware?

● Will they safely protect your information?

● How do other organizations scale themselves to assess the security risk represented by hundreds, or thousands, of external parties?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:45 PM
Workshop: How to Get Started Creating Security Use Cases for Your SIEM
Gorka Sadowski, Sr Director Analyst, Gartner

Successful Gartner clients often mention a "use case first" approach to their SIEM deployment, across both internal, co-managed or fully outsourced models. But what is a use case, and how can Security and Risk Management leaders adopt a "use case first" approach? In this session we will take an actionable and pragmatic approach to developing security use cases for your SIEM.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 04:15 PM|Monday, June 17, 2019 05:45 PM
Workshop: Experiences From Implementing Mobile Identity for the Digital Workplace
Rob Smith, Sr Director Analyst, Gartner

This workshop discusses real-world experiences on solving the challenges associated with identifying users and devices in a mobile landscape. It also discusses the convergence of mobility management and Identity management technologies and the implications this poses to the Digital Workplace.
Key Issues:

● Do I need to implement mobile identity?

● If so, how?

● What are the best practices in deploying it?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
Value (for) Your Customer: How Privacy Relates to Consent and Analytics
Bart Willemsen, VP Analyst, Gartner

Do GDPR, LGPD, CCPA etc really mean you can’t touch any data for analytics anymore, unless you have explicit consent? Of course, not. But whether for marketing, service personalization or plain performance analytics, all have a potential privacy impact? Protecting privacy while retaining information value, means organizations must rearchitect their analytics process design.


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
The Role of Network Traffic Analysis in Today's Threat Environment
Jeremy D'Hoinne, VP Analyst, Gartner
Lawrence Orans, VP Analyst, Gartner

This session will highlight the latest trends in network-based advanced threat detection, including new techniques for anomaly detection. We will address challenges such as the growing percentage of encrypted traffic and its impact on threat detection. Attendees will learn about the key vendors in the market.


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
Introducing the Gartner Information Security Function Operating Model
Wam Voster, Sr Director Analyst, Gartner

Security & Risk Management Leaders are challenged to continuously adapt their organizations to meet the needs of rapid changes in digital business. This presentation introduces the Gartner Operating Model for the Information Security Function to address this challenge. This operating model represents how it orchestrates its capabilities to deliver against its operational and strategic objectives.


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
Understanding the Critical Security Controls for Cloud Computing
Neil MacDonald, Distinguished VP Analyst, Gartner

At a minimum, cloud computing breaks into 3 primary layers: SaaS, PaaS and IaaS. This presentation will explain the 3 primary security controls for each of these layers: CASB, CSPM and CWPP respectively. In each section, we'll explore selection criteria and example vendors for each solution category.


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
CISO Circle Townhall
Beth Schumaecker, Director, Advisory, Gartner
David Mahdi, Sr Director Analyst, Gartner
Katell Thielemann, VP Analyst, Gartner

Your opportunity to engage with the Keynote presenters, ask questions that are top of your mind, and network with your peers.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
How to Adapt Application Security Practices for DevOps
Michael Isbitski, Sr Director Analyst, Gartner

Organizations have embraced agile development methodologies and DevOps practices, and technical professionals must find ways to integrate application security into this world. 1) What are the ways to modernize secure design practices like threat modeling? 2) How can we perform continuous security testing as part of CI/CD? 3) How do you effectively leverage security controls external to code?


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
Cloud Providers — The New Competitors in the Security Market
Sid Deshpande, Sr Director Analyst, Gartner

Cloud providers’ focus on offering security features is changing competitive dynamics in the security market. This presentation examines the motivations and strategies of Tier-1 cloud providers in security and analyzes how they affect customer purchasing decisions in security. This presentation will help address the following key issues:
- Are cloud providers emerging as key security vendors for clients?
- Are security vendors threatened by cloud providers' moves in security?
- What scenarios are likely to play out in the next 12-18 months?


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
A Successful Data Security Strategy Needs a Financial Risk Assessment
Brian Lowans, Sr Director Analyst, Gartner

Organizations must balance growing investment opportunities against growing financial risks for data. Let's review 3 steps (1) investigate how Infonomics can be used to assess these financial risks caused by security, compliance or accidental events (2) use the risk assessment to categorize and prioritise each dataset for action and (3) develop financial investment strategies to manage the different data risk categories and apply appropriate investment, management or security actions


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
Articulating the Business Value of Information Security
Tom Scholtz, Distinguished VP Analyst, Gartner

The benefits of information/cybersecurity must be translated into business terminology. This presentation describes proven methods for linking the security to business value.
Key issues:
- What are proven strategies for obtaining business support?
- What is a practical model for communicating the value of a security program?
- What techniques can be used to for justifying security projects?


Monday, June 17, 2019 05:15 PM|Monday, June 17, 2019 05:45 PM
Women in IT: How to Leverage All Forms of Diversity in Your Organization to Drive Business Results
Roberta Witty, VP Analyst, Gartner

The business case for diversity and inclusion is well established: Superior financial results, higher rates of innovation, and greater levels of employee engagement. Yet many companies and functions within those companies struggle to recruit and retain nontraditional employees. This session will present the results from Gartner's Diversity and Inclusion survey that tested the following hypotheses: – Gender diversity leads to higher IT and Tech team performance.
– Gender diversity leads to higher organization performance.
– Inclusion leads to higher IT and Tech team performance.
– Inclusion leads to higher organization performance.


Monday, June 17, 2019 05:45 PM|Monday, June 17, 2019 07:30 PM
Exhibit Showcase Networking Reception

Join us in the Exhibit Showcase for a special circus-themed reception where you can engage with your peers, Gartner Analysts, and exhibitors while enjoying delicious desserts and beverages, fun games, raffle drawings, and lively entertainment. Evaluate industry offerings that can move your business forward and attend a theater session to see technology in action.


Monday, June 17, 2019 05:55 PM|Monday, June 17, 2019 06:20 PM
Gigamon: Additional Session Details Coming Soon

Gigamon: Additional Session Details Coming Soon


Monday, June 17, 2019 05:55 PM|Monday, June 17, 2019 06:20 PM
TruOps: Additional Session Details Coming Soon

TruOps: Additional Session Details Coming Soon


Monday, June 17, 2019 06:30 PM|Monday, June 17, 2019 06:55 PM
Avanan: How Hackers Bypass Office 365 Security: An Attack Guide for the Uninitiated
Michael Landewe, Cofounder, Avanan

Rapid SaaS adoption has changed the phishing landscape. The Office 365 inbox, and user credentials are the #1 target for hackers. Sharing insights from research, Michael will demonstrate the techniques attackers use to bypass Microsoft’s defenses, fool filters, and launch attacks in OneDrive, SharePoint, and Office 365.


Monday, June 17, 2019 06:30 PM|Monday, June 17, 2019 06:55 PM
Infosec: Fake News Security Awareness in a Politically Correct World


Sit back and listen to a tale of hackers, neck tattoos, death threats and security culture. We’ll take an entertaining and informative look at a disruptive campaign that cut phish click rates in half and increased phish reporting by 250%. This case study proves you can create an attention-getting campaign without getting the wrong kind of attention from HR or Corp Comms.


Monday, June 17, 2019 06:30 PM|Monday, June 17, 2019 06:55 PM
IBM: Additional Session Details Coming Soon

IBM: Additional Session Details Coming Soon


Monday, June 17, 2019 06:30 PM|Monday, June 17, 2019 06:55 PM
Aruba: What’s On Your Network?
Jon Green, Chief Technologist, Security, HPE / Aruba

“Who, or what, is on your network? What are they doing? And how do you know? Network visibility is a hard problem to solve, and with many networks now inundated with IoT devices, the problem is becoming worse. You need comprehensive network access control solutions but before that you need to first solve the visibility problem. In this session, we’ll explore new approaches to an old problem.”


Tuesday, June 18, 2019 07:00 AM|Tuesday, June 18, 2019 06:30 PM
Registration


Tuesday, June 18, 2019 07:00 AM|Tuesday, June 18, 2019 06:30 PM
Concierge Hours

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.


Tuesday, June 18, 2019 07:00 AM|Tuesday, June 18, 2019 06:30 PM
Enterprise IT Leaders Members Lounge

Join your Enterprise IT Leader peers in an exclusive lounge area, providing space to network with Peers and Leadership Partners, refresh and get some work done between sessions.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 07:30 AM|Tuesday, June 18, 2019 08:15 AM
AC Global Risk: Additional Session Details Coming Soon

AC Global Risk: Additional Session Details Coming Soon


Tuesday, June 18, 2019 07:30 AM|Tuesday, June 18, 2019 08:30 AM
First Time Attendee Networking Breakfast

Please join us at Tuesday’s breakfast to connect with fellow first time attendees and expand your professional network. We will have several designated tables for First Time attendees to ensure you have the opportunity to meet with peers and discuss current challenges and best practices relational to Security & Risk Management.


Tuesday, June 18, 2019 07:30 AM|Tuesday, June 18, 2019 08:30 AM
Women in Security & Risk Management Breakfast: Books We Love from Inspiration to Grit
Roberta Witty, VP Analyst, Gartner

Join us for a presentation about art and inspiration by the Gartner security and risk management female analysts. Each of us will talk about “that” book that inspired us, made us laugh, made us rethink parts of our lives and more. We will be giving away copies of the books we talk about as well.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 07:30 AM|Tuesday, June 18, 2019 08:30 AM
Attendee Breakfast


Tuesday, June 18, 2019 07:30 AM|Tuesday, June 18, 2019 08:30 AM
Midsize Enterprise Kickoff and Networking Breakfast
Neil Wynne, Principal Analyst, Gartner
Paul Furtado, Sr Director Analyst, Gartner
Patrick Long, Assoc Principal Analyst, Gartner

Join us for this exclusive breakfast to kickoff the midsize enterprise attendee experience at the Security & Risk Management Summit. This is an excellent opportunity to learn about the specific midsize enterprise sessions planned for the event as well as connect with peers. To start the conversation, attendees will be presented with some of the key findings from recent midsize enterprise surveys and research. This session is a good fit for you if your organization has between 5 and 50 people in IT and an IT budget between $5 million an d $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 07:30 AM|Tuesday, June 18, 2019 08:30 AM
CISO Circle Breakfast: The Role of Artificial Intelligence in Security and Risk Management
Jeremy D'Hoinne, VP Analyst, Gartner
Mark Horvath, Sr Director Analyst, Gartner

Organizations are experimenting with artificial intelligence in security. As evaluation procedures mature, the first disillusions happen. This session will review the state of AI and machine learning usage in various security and risk management areas, and give CISOs recommendations to:
1. Navigate towards AI marketing
2. Define evaluation principle for solutions adding new algorithmic approaches to existing security fields
3. Prepare to avoid or minimize the backlash when results are not up to expectations

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 08:30 AM|Tuesday, June 18, 2019 09:15 AM
Ask the Expert: Creating a Data Security Governance Strategy
Brian Lowans, Sr Director Analyst, Gartner

Many organisations have separated the management of data analytics, IT, security and even privacy. Clients need to focus on (1) how can a data security governance framework provide business focus (2) what are the practical steps to develop the framework and (3) how can the framework architect a successful data security strategy

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 08:30 AM|Tuesday, June 18, 2019 09:15 AM
Guest Keynote: A Conversation with Michael Chertoff
Michael Chertoff, Former Secretary of the U.S. Department of Homeland Security,
Leigh McMullen, Distinguished VP Analyst, Gartner


Tuesday, June 18, 2019 08:30 AM|Tuesday, June 18, 2019 09:30 AM
Roundtable: Securing DevOps Through Developer Security Coaches
Mark Horvath, Sr Director Analyst, Gartner

Developers in Agile and DevOps are told to "own their code," which includes security. However, most developers have had minimal training or interest in it. How can developers make progress? How can development leads and CIOs change the culture around security? How can developer avoid long, ineffective classes on secure coding?
Find out how to use coaches to overcome these and other problems.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 08:30 AM|Tuesday, June 18, 2019 09:30 AM
Roundtable: Dealing With Privacy in Third-Party Service Provider Selection
Bart Willemsen, VP Analyst, Gartner

Hardly any business processes 100% of personal data itself anymore. Every outsourcing activity increases potential privacy risk. How to select and control service providers that process personal data on your behalf? In this roundtable, participants can mirror approaches and are encouraged to share their lessons learned, and their best practices for procuring services, selecting the right collaboration partners, and controlling that collaboration while it lasts

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 08:30 AM|Tuesday, June 18, 2019 09:30 AM
Roundtable: Lessons Learned in the Amazon Breach and Other Incidents
Peter Firstbrook, VP Analyst, Gartner

This session will review famous cybersecurity incidents with a focus on the root cause and lessons learned from the response.
Key issues explored include:
How are more advanced hackers breaching organizations?
What is the root cause of the breach?
Key lessons learned for incident response playbooks and public relations.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 08:30 AM|Tuesday, June 18, 2019 09:30 AM
Roundtable: Business Workarounds for Cyberattacks
David Gregory, Sr Director Analyst, Gartner
Belinda Wilson, Sr Director Consulting, Gartner

A cyberattack is often said to be an IT/DR issue. This session will discuss why this is not the case and argue that it is a ‘business issue’ and that the business managers should develop manual workarounds and communications strategies to ensure that critical activities are maintained at a satisfactory level. In turn this will allow the IT/DR team to continue application recovery.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:15 AM|Tuesday, June 18, 2019 09:45 AM
Gartner Zone: Do You Know What Your Digital Footprint Looks Like to an Attacker? Want to Learn How to Predict Their Actions to Effectively Repel Them?

Understand how attackers perform hostile reconnaissance to gain intel on your key personal, systems, applications, data and networks long before they launch an attack. Know what they know in order to predict, prevent, respond and recover from an APT or other attack. By gaining an intelligence led understanding an attacker’s perspective your digital footprint and simulate the most likely attack scenarios, you will be able turn the conversation from spend reduction to risk mitigation.


Tuesday, June 18, 2019 09:15 AM|Tuesday, June 18, 2019 09:45 AM
Networking Break


Tuesday, June 18, 2019 09:15 AM|Tuesday, June 18, 2019 03:15 PM
Exhibit Showcase

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers in our Networking Hub. Stick around for the afternoon dessert reception and attend a theater session to see technology in action.

Please note: Exhibitor meetings are available outside of the promoted Exhibit Showcase hours; please coordinate directly with the Exhibitor or request support from our Conference Concierge Team.


Tuesday, June 18, 2019 09:30 AM|Tuesday, June 18, 2019 10:00 AM
Gartner Q&A - Top Ten Security Projects for 2019
Neil MacDonald, Distinguished VP Analyst, Gartner

Interested in hearing more from Neil about these top ten security projects?
Bring your questions to this post presentation interactive session and learn from those posed by your peers.


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Is It Bring Your AI to Work Day in the Security Operations Center?
Eric Ahlm, Sr Director Analyst, Gartner

Machine learning, artificial intelligence and other data science techniques make big claims of disruptive capabilities for security buyers. Dividing the real from the hype is no simple task. This presentation discusses some of the current and real uses for such approaches in the security operations center (SOC) with a focus on the jobs well suited for the new artificial interns. Use cases, examples and the justification to do so will be discussed.


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Security Organization Dynamics, 2019
Tom Scholtz, Distinguished VP Analyst, Gartner

There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This presentation will address the following key issues:
- What are the trends and challenges in security organization design?
- What are the factors that influence security organization?
- What are the current best practices and contemporary conceptual design models for security organization?


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Meetup: Cybersecurity - Increasing Awareness and Communicating from Employee to Board Level

This Meetup will discuss practical methods for increasing end user awareness of cyber threats in your organization. What's worked for you? What tools are you using? What are the most effective ways to increase awareness at the associate level and to communicate at the board level? Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Are We on the Verge of Autonomous Threat Defense? Why and Why Not?
Lawrence Pingree, VP Analyst, Gartner

This talk track will examine where we are on the pendulum for fully autonomous defense, articulate the landscape of capabilities that exist and how the market is evolving towards autonomous defense.


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
CISO Circle Meet, Greet & Q&A with Michael Chertoff
Michael Chertoff, Former Secretary of the U.S. Department of Homeland Security,

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Using the MITRE ATT&CK Framework on the Way to CARTA
Craig Lawson, VP Analyst, Gartner
Gorka Sadowski, Sr Director Analyst, Gartner

MITRE's ATT&CK framework, while relatively new, is gaining traction in many security operations teams around the world.
This session will be part introduction to the ATT&CK framework for folks, pros and cons, use cases for it, that might not have heard about this but also will attempt to tie this into our own CARTA framework where applicable as well.
Three main points covered:
- What is this framework about?
- How is it applicable in security operations and how it relates to our own CARTA framework?
- What you can do with a framework like this in your security operations program?


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Meetup: Let Data Classification Save You from Risk and Compliance Headaches

What are the best ways in which your organization can make essential data easy to find and retrieve? Join your peers in this interactive discussion on data classification best practices. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Ask the Expert: Data Encryption Is Required for Data Protection and Privacy Compliance — Myths and Reality
Brian Lowans, Sr Director Analyst, Gartner

Data encryption is frequently cited as a requirement to meet various data protection and privacy regulations (1) lets review what the regulations might require, (2) what does encryption or tokenization actually provide for data security (3) do you need to apply any other data security controls

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
The 1990s Are Calling: They Want Their Perimeter Back
David Mahdi, Sr Director Analyst, Gartner
Patrick Hevesi, Sr Director Analyst, Gartner
Steve Riley, Sr Director Analyst, Gartner

What is the single most crucial security control? Have the cloud and mobility destroyed civilized security as we know it? Everybody has ideas. But who has the answers? Three Gartner analysts, who have probably too many opinions, will attempt to upstage each other on stage. And you get to watch!


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Ask the Expert: What's My Managed Security Services Provider Actually Doing?
Toby Bussa, VP Analyst, Gartner
Paul Furtado, Sr Director Analyst, Gartner

One of the most important ways an MSSP can deliver value to a midsize enterprise is by more effectively assessing the security events in its environment and providing accurate, timely and actionable notification of risky activity as well as support for subsequent investigation and response. At this session, you’ll have the opportunity to ask questions about what MSSPs promise, what they can deliver, and how your organization can get the best value out of an MSS relationship.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Crossfire: Which Works Better — Quantitative or Qualitative Risk Assessment
Beth Schumaecker, Director, Advisory, Gartner
Jeffrey Wheatman, VP Analyst, Gartner
Khushbu Pratap, Sr Principal Analyst, Gartner
Sam Olyaei, Director Analyst, Gartner

CISOs are continually asked for quantitive valuations for cybersecurity risk. When they come to the table with numbers, which are based on models, estimates and guesses, to nobodies' surprise, business leaders don't believe it.
Come share your thoughts with a panel of analysts and join a real-time debate on this simple question — Which works better — qualitative or qualitative risk assessment.


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Learning From the State of the Threat Landscape
Jeremy D'Hoinne, VP Analyst, Gartner

The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on:
1. Future trends more than statistics about the past
2. Potential threats more than attack patterns
3. Response options more than defense technologies


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
The State of Network Security in the Cloud Era
Lawrence Orans, VP Analyst, Gartner

The rapid adoption of SaaS applications such as Microsoft’s O365, Salesforce and others is driving enterprises to rearchitect their networks, so that remote offices can achieve direct internet access with SD-WAN and other techniques. Enterprises will be purchasing more cloud-based security services and fewer appliances. Here, we will highlight best practices that enable a smooth transition to the adoption of cloud-based security services.


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Please Surrender Your Password — Identity Survival Plans for International Travelers
John Girard, Distinguished VP Analyst, Gartner

The presentation will explore experiences that have worked and/or failed to protect employee and their business data when traveling internationally. Topics will include loss, theft, surrender of login and password credentials, export controls, encryption and masking, VPNs and other secured communications, and variations in workplace rights and expectations. Attendees will receive copies of Gartner’s international travel advice and examples of travel rules and policies from real companies.


Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:30 AM
Meetup: Data Access Governance Strategies

How do you start and maintain a data access governance program? Join like-minded security professionals as they share their data access governance best practices and ideas. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:35 AM
Digital Security and Risk: Leveraging the Convergence of Physical and Cybersecurity
Randy McCausland, VP, Team Manager, Gartner

This session explores the convergence of the physical and digital worlds, the impact on the CISO and the strategies and tools security executives can use to leverage both perspectives to provide a more comprehensive and systemic approach to enterprise security.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:45 AM
Roundtable: Do We Need to Worry About Continuity of Operations for AI and Blockchain?
Roberta Witty, VP Analyst, Gartner
Belinda Wilson, Sr Director Consulting, Gartner

Continuity of operations needs to be evaluated for every part of the business process. But do AI and blockchain have special considerations, or less, due to the nature of the technology. This roundtable will provide participants to discuss amongst their peers the issues that exist for recovery, continuity and resilience for these underlying technologies being integrated in almost every new offering.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 10:45 AM
Roundtable: Cyber-physical Systems Security — Focus on Smart Grids
Katell Thielemann, VP Analyst, Gartner

Discuss challenges, lessons learned, opportunities and latest trends with your peers in a facilitated roundtable discussion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 11:15 AM
Workshop: Creating Cloud Policy
Jay Heiser, VP Analyst, Gartner

As cloud becomes more significant, it becomes more formalized, driving more interest in written policies. The attendees in this workshop will discuss their cloud policy thoughts, hopes, and dreams--and will share practical experience in the form, content, dissemination and enforcement of cloud policy.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 09:45 AM|Tuesday, June 18, 2019 11:15 AM
Workshop: Address International Traveling Risks — Dos and Don'ts in China
Jie Zhang, Sr Director Analyst, Gartner

Security leaders are drafting guidance documents for their executives and consultants who need to travel to China — to include a set of dos and don’ts, what to watch out for (at customs' sites, coffee bars, etc.) – in order to best protect corporate and personal information. This workshop will offer an exercise for drafting a set of such guidance.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 10:00 AM|Tuesday, June 18, 2019 10:20 AM
Magic Quadrant for Security Information and Event Management
Mitchell Schneider, Principal Analyst, Gartner

SIEM solutions continue to evolve to address a variety of persistent challenges — how to keep up with changing external and internal threats; increases in the volume, velocity and variety of data sources; and how to effectively implement, manage and use the solutions as expertise and resources become more constrained. New entrants have emerged from the UEBA space, and primarily emphasize a user-based approach to monitoring for threats, compared to the more traditional approach of event-based monitoring oriented around IP addresses and hostnames. SIEM technologies are also adopting more advanced incident response capabilities through the addition (either natively, via acquisition or integrations) of functions that add SOAR capabilities. Organizations looking to shorten the deployment cycle and transfer responsibility for managing a SIEM tool's platform are leveraging SaaS or hosted SIEM solution options.


Tuesday, June 18, 2019 10:00 AM|Tuesday, June 18, 2019 10:20 AM
Magic Quadrant for Security Awareness Computer-Based Training
Joanna Huisman, Sr Director Analyst, Gartner

People influence security more than technology or policy, and cybercriminals know how to exploit human behaviors. Security and risk management leaders must invest in tools that increase awareness and influence behavior that supports security business objectives through computer-based training. This session will review the market leaders, trends and future of the security awareness space.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:15 AM
Symantec: Can Complete Endpoint Defense Raise Security Posture While Lowering Operational Cost
Bill Snyder, IT Security Manager, Matthews International
Sri Sundaralingam, Head of Product Marketing for Enterprise, Symantec Corporation

What is complete endpoint defense? How do managed services enhance my security posture while lowering my operational expense? How do I stay ahead of nation-states and organized crime? Join us for a customer-led presentation of real-world experiences of deploying a successful threat protection program.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:15 AM
Synack: Human vs AI in Security Testing: What The Data Says
Jay Kaplan, CEO, Synack

Gartner estimates that >50% of enterprises will employ crowdsourcing & automation within 3 years - but will human crowds or machine technology deliver better ROI in pen testing and vuln management? Join this session to learn what the data say:
-How results differ between human- & machine-led testing
-When machines and human crowds perform best
-How to measure progress using augmented intelligence

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:15 AM
NTT: Securing the Intelligent City
Warren Small , Senior Vice President Security Transformation and Practice Director, Dimension Data

City governments and local enterprises are pushing ahead with advanced technologies to gain a competitive edge and better protect residents and visitors. Intelligent City security has a broad scope, including securing metro areas, sports venues, and transportation hubs. In this session, Warren Small will speak to how NTT has worked with major cities to execute securely on their vision.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:15 AM
IBM: Trends in Threat Management: Left and Right of “Boom”

While the majority of organizations are actively improving capabilities for detecting cyber attacks, recent studies show that 75% of companies don’t have sufficient plans or processes in place for properly responding to events. Join our roundtable session to understand best practices for delivering more effective detection and orchestrated response to such events.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:15 AM
CrowdStrike: From Reactive to Predictive: Using Threat Intelligence to Enhance Endpoint Security
Jason Rivera, Director - Global Threat Intelligence Ad, CrowdStrike
Dan Larson, VP of Product Marketing, CrowdStrike

Cyber adversaries are faster, more capable, and more numerous than they have ever been in the past. In order to keep pace with the adversary’s evolution and to continue to protect the enterprise and the endpoint, this brief will discuss how organizations can leverage integrated threat intelligence to empower predictive and preemptive cybersecurity operations.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:15 AM
Cisco: Future of the Firewall
Bret Hartman, VP & CTO, Security Business Group, Cisco Systems
Houda Soubra, Mgr Software Development, Cisco Systems

The digital transformation underway in many organizations poses an increasing challenge to security operations. Secure your hybrid environments of edge, end point and cloud with a single orchestrator solution to: Streamline policy design and enforcement; automate administrative tasks; improve accuracy; and reduce deployment time.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
Comodo Cybersecurity: Data Breach War Stories - Presented by Vinny Troia

The session includes a live demo of the newest techniques Iranian hackers used to steal data and detailed case studies on these crimes. Troia will demonstrate how stolen data is used to hack into other organizations and why you could be at risk. He will also discuss what IT & Security teams can do differently to protect their businesses.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
McAfee: The New Rules for Cloud Security
Rajiv Gupta, SVP Cloud Business Unit, McAfee
Alissa Abdullah, Vice President, Chief Information Security Officer, Xerox Corporation

Cloud security has evolved as quickly as the cloud itself, with 90% of sensitive data now in sanctioned apps like O365, salesforce and AWS. But what about DLP at the endpoint, and traffic control at the proxy? These are leading to a platform approach that improves visibility and control. Join us to learn how early adopters are leading the charge with new rules for cloud security.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
KnowBe4: The Art and Science of Secure Behavior

Security awareness is key to a comprehensive security strategy. But just because someone is aware doesn't mean they care. So how can you design programs that work with, rather than against, human nature? Perry Carpenter will dive into ideas on how to leverage social dynamics to drive behavior and unveil exciting new behavior models. This session will equip you to become a behavioral alchemist.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
Siemplify: Security Orchestration, Automation and Response - Tales from the Trenches
Amos Stern, CEO, Siemplify
Ariel Litvin, CISO, First Quality Enterprises

With increased adoption of Security Orchestration, Automation, and Response (SOAR), organizations are starting to separate hype from reality and better understand how to truly leverage SOAR as a force multiplier for security operations. Join Siemplify, First Quality Enterprise and Crowe for a practical session on how to make SOAR work for you.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
Fasoo: The Fast Track: Insider’s Guide to Unstructured Data Security and Privacy

Join Deborah Kish, Fasoo customers and industry leaders in this session to understand how to streamline and simplify your unstructured data security and privacy initiatives. Accelerate your project and avoid pitfalls of traditional DLP approaches to take control of sensitive data. Learn how a unified, file-centric approach can fast track your project.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
One Identity: Additional Session Details Coming Soon

One Identity: Additional Session Details Coming Soon


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
Beyondtrust: Additional Session Details Coming Soon

Beyondtrust: Additional Session Details Coming Soon


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
Darktrace: World-Leading Cyber AI: What’s Real and What’s Next?

Cyber AI has expanded beyond anomaly-based threat detection and is augmenting security teams in investigating threats and autonomously responding to attacks. AI analysts are deployed in production environments and machines stop attacks once every 3 seconds across multi-cloud, IoT, email, SaaS, and ICS. What’s next? Get a peek into the R&D labs where AI is being strengthened against new AI attacks.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
ThreatConnect: Measuring the Value of Threat Intelligence with Real, Accessible Metrics

Many organizations have operationalized threat intelligence (TI) as part of a well-rounded security program, but struggle to show the ROI. This session will focus on developing measures of effectiveness, independent of the tools or vendors your organization employs. We’ll talk about the metrics that are most useful when explaining the value of TI to members of your team, peers, or leadership.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
Zscaler: Why ZTNA is Critical To Securing Cloud Transformation
Manoj Apte, Chief Strategy Officer, Zscaler

As private apps move to multi-cloud environments and users connect from outside the traditional perimeter, security is forced to evolve. It must be seamless to users, support any environment and of course reduce risk. Zero trust network access (ZTNA) technologies seamlessly connect apps to only the users authorized to view them using internet-based cloud services, not traditional VPNs and DMZs. In this session you’ll be introduced to security built for the cloud-first world.


Tuesday, June 18, 2019 10:45 AM|Tuesday, June 18, 2019 11:30 AM
SecurityScorecard: Additional Session Details Coming Soon

SecurityScorecard: Additional Session Details Coming Soon


Tuesday, June 18, 2019 11:30 AM|Tuesday, June 18, 2019 11:45 AM
Gartner Zone: Making Connections - The Power of Peer Connect
Sydney Pickering, New Client Engagement Specialist, Gartner

How are you sustainably developing your network? Join this session to learn about Gartner’s Peer Connect network and how it can bring sustainability to your peer networking development. In this session, we will discuss how you can find relevant peers based on your challenges or initiatives. We will also talk about the power and ability to crowdsource the solutions to your challenges through Peer Connect.


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:05 PM
Magic Quadrant for Managed Security Service Providers
Kelly Kavanagh, Director Analyst, Gartner

This session will review the latest Gartner Magic Quadrant for Managed Security Services (MSS). Attendees will learn about the provider landscape, current market requirements, and emerging services for this well-established security monitoring and management services market.


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
Learn to Be a Better Risk Communicator: A Play in Four Acts
Jeffrey Wheatman, VP Analyst, Gartner

The biggest challenge for SRM leaders is how to, more effectively, communicate with a range of stakeholders. Stop using acronyms, jargon and technobabble and get more traction, align with business goals and be viewed as a strategic leader.
1 - Benefits of better communication?
2 - What are the top causes of miscommunication?
3 - How can SRM leaders be more effective risk communicators?


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
Extinction or Evolution? The Risk Management Process in the Digital Era
Earl Perkins, Managing Vice President, Gartner

Digital business is forcing changes in the focus, direction and currency for organizations. It is even changing what leaders believe is the management of risk. This presentation describes those changes, their impacts and your options in evolving current risk process— or allowing its extinction in favor of something new.


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
Cloud Security Fundamentals for Midsize Enterprises
Steve Riley, Sr Director Analyst, Gartner

Cloud computing represents a fundamental shift in the way IT projects are planned, built, delivered, maintained -- and secured. Many existing practices and habits do not easily map to as-a-service models. How does cloud security differ from on-premises security? What are the most important new concepts and capabilities to understand and develop? How can we not fall into debate traps over whether the cloud is secure?


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
Outlook for Risk Management Technology 2019
John A. Wheeler, Sr Director Analyst, Gartner

Risk management continues to be an area of growing maturity and investment for most organizations, as the risk landscape becomes increasingly complex and interconnected. As a result, new technology solutions are emerging to increase the collaborative nature of risk management and support data-driven decision making. This session explores how integrated risk management (IRM) will help improve risk management practices in 2019 and beyond.


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
SaaS Is Like a Puppy Dog: Are Your Lines of Business Ready for the Responsibility of a Pet?
Jay Heiser, VP Analyst, Gartner

Left to itself, SaaS becomes an unruly pet. Data shares open to the Internet, regulatory noncompliance, overspend and collaboration sprawl negatively impacts everyone. What are the problems with SaaS? What processes and policies can help manage SaaS use? What tools can help govern SaaS?


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
CISO Action Plan: Chart Your Long-Term Security Investments Now
John Girard, Distinguished VP Analyst, Gartner

IT buyers just want to fix today's problems. But it’s time for you to think like an investor, and not get burned over the next technology shift.

● What are the steps CISOs must follow to build a strategic security roadmap, using Gartner's Hype Cycle and other predictors?

● How to assess time for new partnerships based on long- and short-term behavior of vendors?

● How do security vendors influence your business integrity?


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
Container Security — From Image Analysis to Network Segmentation
Anna Belak, Sr Principal Analyst, Gartner

Containers and microservices architectures require DevSecOps, a protection strategy different from traditional VMs with monolithic applications. Technical professionals tasked with securing containers must harden the CI/CD pipeline so that everything that ran through it can be considered secure.


Tuesday, June 18, 2019 11:45 AM|Tuesday, June 18, 2019 12:15 PM
Building Incident Response Scenarios for Insider Threats
Jonathan Care, Sr Director Analyst, Gartner
Brian Reed, Sr Director Analyst, Gartner

This session will cover the different types of insider threat scenarios, and how you should incorporate these scenarios in your incident response plan and processes. We will define insider threat personas, how to begin building scenarios for these personas, and discuss some best practices for success.


Tuesday, June 18, 2019 12:15 PM|Tuesday, June 18, 2019 01:00 PM
IBM: Ready for CCPA? Strategies to Help You Begin to Prepare for CCPA Compliance Now

CCPA is coming, and it will apply to a state that represents the world’s 5th largest economy! With big fines being levied for non-compliance with GDPR, organizations should gear up for CCPA now. In this session hear real-world client insights and lessons learned from GDPR, and strategies to help you prepare for CCPA compliance – understand data, assess risk and prioritize remediation.


Tuesday, June 18, 2019 12:15 PM|Tuesday, June 18, 2019 01:15 PM
CISO Circle Lunch: The Risk of Not Taking Culture Seriously
Ginger Hardage, Former Senior Vice President of Culture and Communications, Southwest Airlines

Every company has a culture. For some, it's a culture of innovation - new, never been done before ideas. For others, it's fun (birthday cakes and costumes are often involved). For some, it’s toxicity and gossip. There are cultures that celebrate loyalty, hard work, or profit above all else. There are cultures that are both intentional and accidental. There are cultures that draw people in and ones that drive people away. There are cultures that detract from the mission of the organization, cultures that must be overcome or compensated for, cultures that derail or dead end. Surely, you can resonate with at least one of those descriptions.

But then, there are cultures that are unstoppable. Unstoppable Cultures put people first, are consistent in nurturing their culture through systems, and are relentless in storytelling. In this signature talk from Ginger, she will walk you through these critical characteristics of unstoppable cultures. You will undoubtedly leave with both practical and inspiring ideas on how to begin the journey of building the culture you always dreamed of for your organization.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 12:15 PM|Tuesday, June 18, 2019 01:15 PM
Before The Breach: A Midsize Enterprise Case Study and Networking Lunch
John Regula, SVP/CIO, Woods Services

Join your midsize enterprise peers for a special "lunch and learn" session that will include a case study presentation by guest speaker John Regula, CIO of Woods Services. John will share how building prior relationships with executives and users can enable you to effectively mitigate an attack against your midsize enterprise.
This session is a good fit for you if your organization has between 5 and 50 people in IT and an IT budget between $5 million an d $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 12:15 PM|Tuesday, June 18, 2019 01:15 PM
Attendee Lunch


Tuesday, June 18, 2019 12:40 PM|Tuesday, June 18, 2019 01:05 PM
RSA: Managing Risk in a Digital World
Ben Smith, Field CTO (East), RSA

Digital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. Join RSA as we review several key areas of digital risk management to target as you are challenged to be a key contributor in your company's digital journey.


Tuesday, June 18, 2019 12:40 PM|Tuesday, June 18, 2019 01:05 PM
TITUS: Addressing Modern Data Privacy and Security Challenges – A Customer Journey

In this session TITUS’ Mark Cassetta, Senior Vice President of Strategy will sit down with Ally Bank’s Gary Moore, Director, Cyber Security Operations & Data Security to discuss the steps Ally took to address how they properly identify and secure their most sensitive data along with best practices attendees can leverage within their own organizations.


Tuesday, June 18, 2019 12:40 PM|Tuesday, June 18, 2019 01:05 PM
Merlin Cyber: Realtime Scoring of Cyber Hygiene - The Critical Step to Improvement
Seth Spergel, Vice President, Emerging Technology, Merlin Cyber

Securing IT infrastructure is a complex task as more organizations embrace the cloud and deal with security tool fragmentation. With experts saying 93% of all breaches could be stopped by basic cyber hygiene, organizations need a consistent method of managing their hygiene and driving an improvement program. This session will provide guidance on 3 key areas to focus on for strong cyber hygiene.


Tuesday, June 18, 2019 12:40 PM|Tuesday, June 18, 2019 01:05 PM
Onapsis Inc.: Additional Session Details Coming Soon

Onapsis Inc.: Additional Session Details Coming Soon


Tuesday, June 18, 2019 01:15 PM|Tuesday, June 18, 2019 01:40 PM
Kenna Security: Surviving (and Thriving) Following a Large Scale Security Incident

Join Brent Houk, former VP at Anthem, and Jonathan Cran, Head of Research at Kenna Security as they discuss challenges of managing through a cybersecurity incident. They will dive into best practices that enable security practitioners to better prepare, manage and successfully navigate an incident. Attendees will benefit from lessons learned and walk away armed to handle a breach with confidence.


Tuesday, June 18, 2019 01:15 PM|Tuesday, June 18, 2019 01:40 PM
Demisto: Gotta Catch ‘em All: Pokemon Evolves their SOC with SOAR
Neelima Rustagi, Sr Director, Product Management, Demisto (a Palo Alto Networks company)

In today’s dynamic security landscape, it’s tough to coordinate across cloud and on-premise infrastructures and multiple security tools during incident response. As Gartner participants, you have all heard about the promise of SOAR. So, join us to find out how the Pokemon Company International leverages SOAR to automate, and bridge the cloud-to-on-prem divide, for faster and more unified response.


Tuesday, June 18, 2019 01:15 PM|Tuesday, June 18, 2019 01:40 PM
NetSPI: Best Practices for Updating Your Vulnerability Management Program

When you fix a vulnerability, you retire your risk. Get vulnerability management workflows right, and you reap the security rewards year after year. In this session, you will get an update on the latest best practices and technology for building a vulnerability management program that tackles your vulnerability backlog and demonstrates results.


Tuesday, June 18, 2019 01:15 PM|Tuesday, June 18, 2019 01:40 PM
Terranova Security: Five steps to implementing a cyber security awareness ambassador program

The responsibilities of today’s security awareness leaders are growing in complexity. They are expected to reduce human risk with very limited resources. Good news - they don’t have to do it alone! Discover the benefits of a cyber security ambassador program to instill a security culture and change behavior. Learn how to leverage internal cyber heroes to reinforce your security awareness program.


Tuesday, June 18, 2019 01:30 PM|Tuesday, June 18, 2019 02:00 PM
Gartner Zone: My Bot Is Smarter Than Your Captcha — Implementing Effective Bot Mitigation for Web Applications and APIs
Frank Catucci, Sr Director Analyst, Gartner

Bots are a menace to web applications and APIs. Some bots are obviously bad, others are well-intentioned, yet may have a detrimental effect. This spotlight session covers various types of bots, techniques for identifying them, controls to deal with bad behavior, and the technologies that implement them. Captchas alone are no longer the answer. Also covered is the overlap of bot mitigation with denial-of-service attack preventions.


Tuesday, June 18, 2019 01:50 PM|Tuesday, June 18, 2019 02:15 PM
Imperva: How to Mitigate Risk and Enable Business Growth

The volume of users, applications, and data is growing exponentially, driving your business growth. But that same growth also increases your attack surface and opens you up to new levels of risk. In this session, we’ll explore how a layered security approach protects against data breaches and the inevitable cyberattack while also helping you drive revenue for your organization.


Tuesday, June 18, 2019 01:50 PM|Tuesday, June 18, 2019 02:15 PM
MCPc: Are You Thinking About Cyber Security The Wrong Way?

Odds are, your data won’t be compromised by the FBI’s most wanted, but by a hacker with modest technical skills.

Vulnerable cyber-attack surfaces - smartphones, tablets, laptops, desktops, IoT devices are quite easy to hack. Learn how to think differently about endpoint security, develop a new security perimeter, and discover the elements of good cyber hygiene to increase your cyber resilience.


Tuesday, June 18, 2019 01:50 PM|Tuesday, June 18, 2019 02:15 PM
Venafi: Rise of the Machines: Protecting These New Identities

There are two actors on a network, people & machines. People rely on user names & passwords to identify themselves and gain access to machines. Machines use digital keys & certificates for authentication. But we’re not protecting these growing machine identities. We spend billions each year on user name & password security, but almost none on protecting keys & certificates. Learn about the steps you can take to get these risks under control.


Tuesday, June 18, 2019 01:50 PM|Tuesday, June 18, 2019 02:15 PM
Corelight: What can you see when you’re blindfolded? Network Security Monitoring vs. Encryption
Richard Bejtlich, Principal Security Strategist, Corelight

Security teams want to understand their networks. Many fear that encryption will interfere with that goal. This presentation will examine how network security monitoring can adapt to serve security teams. Examples of logs from Corelight sensors and open source Zeek software will highlight JA3, HASSH, and more to characterize encrypted conversations. Learn how to make the network work for you!


Tuesday, June 18, 2019 02:00 PM|Tuesday, June 18, 2019 02:30 PM
Gartner Zone: Optimize Your Security Policy by Tapping Your Peers in Gartner’s CISO Coalition
Matt Chinn, Principal, Research, Gartner

Nearly all organizations have security policies and programs in place, but few have learned new policy practices directly from their peers. Come learn how to leverage peer best practices to improve security policy design and processes that were created by the CISO Coalition Security Policies peer workgroup.


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 02:50 PM
Magic Quadrant and Critical Capabilities for Cloud Access Security Brokers
Steve Riley, Sr Director Analyst, Gartner

In the second iteration of Gartner's Magic Quadrant for cloud access security brokers, new vendors were evaluated and several vendors changed positions. We also published a companion Critical Capabilities note. The authors of the research will discuss:
What are the changes this year?
What is the current state of the market?
What is the best way to determine which vendors meet your requirements?


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Outlook for Application Security 2019
Ayal Tirosh, Sr Principal Analyst, Gartner

Application security continues to be a significant challenge for many organizations. This session covers the current outlook for application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Debate: Changing Societal Perception of Cybersecurity
Paul Proctor, Distinguished VP Analyst, Gartner

Society treats security like a black box and security people like wizards. They expect you to cast some spells, protect the organization, and if there is an incident, the primary question is “who made a mistake?” To address this, we can double down on teaching people the complexities and technology of security or we can change the conversation.


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Outlook for Privacy 2019
Bart Willemsen, VP Analyst, Gartner

Privacy has come to be acknowledged as a fundamental human right, worldwide. Increasingly, regulatory pressure to enhance control over personal data affects how we look at our analytic activities, customer's rights and the CX, project development and outsourcing activities. Organizations need to establish a risk-based approach to handle personal data to mature privacy protection and deliver customer trust and satisfaction.


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Meetup: Best-in-Class Security Strategies in Education

Join education security professionals to share best practices and ideas on safeguarding the people, systems, and data in education environments. Please be prepared to share and interact with your peers to take away some lessons learned and enhance your network of higher education executives. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
How Pricing and Packaging Need to Change to Match the Managed Security Landscape
Lawrence Pingree, VP Analyst, Gartner

Providers must evolve their pricing and packaging in order to align to the primary way their products are being delivered - managed security services. This talk will cover the core ways the providers must evolve their licensing, pricing and integrations to promote their solutions to the managed service providers in the market.


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Threat Intelligence: The Thing That Has the Thing to Do the Thing
Craig Lawson, VP Analyst, Gartner

This will be an update to previously presented work going about 2 to 3 years now on threat intelligence.
Key points covered in the session:
- Key points to be thinking about to get value from Threat Intelligence
- Key use cases we see clients implementing successfully
- Key technologies being adopted in modern security programs for intelligence lead initiatives


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
SaaS Cloud Contingency Planning: Imperative or Idiocy in Today’s Environment?
Mark Jaggers, Sr Director Analyst, Gartner

While the idea of cloud contingency planning as a means of risk management has been around for over a decade, it's not been adopted or become an imperative for organizations. However, with the increasingly complex ecosystem and IT environment, this idea has started to resurface in terms of business strategy conversations and regulatory evaluations for resilience. In this session, we will cover what it really means, if it's possible, and where organizations should consider starting this practice.


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Keeping Clouds Compliant: Top Five CSP Characteristics for Your Cloud Requisition Playbook
Khushbu Pratap, Sr Principal Analyst, Gartner

Cloud service providers may not always be ‘compliant’ with a regulation, although in some cases they do need to step up to specific requirements. The more mature a cloud service provider, the more help they can offer in demonstrating their compatibility with a regulation and in helping their customers understand how to use their offerings in a controlled and compliant way. This session addresses these common questions from risk, security, and procurement leaders. (1) How to contextualize security and privacy considerations for the cloud (2) How to gauge CSP's maturity in supporting compliance obligations (3) What tools to consider to better manage security and privacy compliance activities in the cloud.


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Meetup: DevSecOps Best Practices

Join like-minded security professionals as they share their DevSecOps best practices and ideas. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Navigating the Technology Landscape of Web Application Protection
Michael Isbitski, Sr Director Analyst, Gartner

Technical professionals are confronted with attacks that target web applications and APIs, and they struggle to find the appropriate mix of security controls. 1) What are the common attack patterns? 2) What technologies are useful in mitigating each type of attack? 3) What adjustments must be made for cloud-native application development?


Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:15 PM
Meetup: IT Risk for Supply Chain

What are the current shared risks and best practices for supply chain security professionals? Join other supply chain security professionals in sharing both challenges and success strategies. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 03:20 PM
True Cyber Partnerships Through Customer-Centric Security
Randy McCausland, VP, Team Manager, Gartner

What does partnership mean to you? What does it mean to your cyber program? True partnerships are hard to find … especially when most organizations see the security team as the shop of Dr. No! It is possible to have a customer-centric approach to security that will allow for the creation of a true partnership. This session will focus on a case study from the University of Kansas Medical Center (KUMC) and how they have taken a customer-first approach to not only building out their cyberprogram, but how this approach has also allowed their cyber team to become a trusted partner.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 04:00 PM
Workshop: Women in IT: Leadership Without Formal Authority
Joanna Huisman, Sr Director Analyst, Gartner
Monica Zlotogorski, Sr Director Analyst, Gartner
Roberta Witty, VP Analyst, Gartner

Sustainable disruption brings relentless pressure to change and adapt, while keeping the spirit of a startup mindset. This session will address how emerging tech CEOs can enable organizational mechanisms by empowering disruptive thinkers and leaders without formal authority. This session will include an interactive project where attendees are asked to work together to create an object as a team and discover their own leadership style.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 04:00 PM
Workshop: Incident Response Scenario for Phishing Attacks
Neil Wynne, Principal Analyst, Gartner
Brian Reed, Sr Director Analyst, Gartner

This workshop session will cover diving into an incident response scenario that requires for planning, response and recovery from a phishing attack. The initial phishing attack will be due to an accidental data disclosure that then enables the adversary to commit fraud, tarnish your brand, and includes elements of account takeover and business email compromise.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 02:30 PM|Tuesday, June 18, 2019 04:00 PM
CISO Circle Leadership Exchange: Creating a One-Page Cybersecurity Strategy That Actually Works
Jeffrey Wheatman, VP Analyst, Gartner

A one-page cybersecurity strategy has been the goal for CISOs forever and the effort always falls short. They are too technical and don't resonate with the business people, or are so 'soft,' technical staff doesn't know what to do with it.
Join us for this engaging workshop on how to craft a simple, easy to use one page strategy to propel your program to success

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:00 PM
Micro Focus: UEBA: Effective Anomaly Detection and ML for Cyberattack Detection and Prevention
Stephan Jou, CTO, Interset Software Inc.

There is plenty of buzz around the power of machine learning and analytics to detect threats, but what techniques and tools are succeeding in the real world? Stephan Jou, CTO at Interset, a Micro Focus company, will explore the math and motivation behind effective anomaly detection and machine learning, followed by case studies showing detection of APTs, data theft, red team attacks, and more.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:00 PM
Cisco: Reimagining Security in the Cloud
Meghan Diaz, Head of Product Marketing and Insights, Cisco

As applications and data move to the cloud, organizations need to ensure security stacks are extended. As branch offices move towards direct internet access and SD-WAN, security must extend to the cloud edge. Learn how 1) to recognize gaps of traditional security, 2) to easily protect users, and 3) peers address security for cloud edge transformation.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:00 PM
IBM: Trends in Threat Management: Left and Right of “Boom”

While the majority of organizations are actively improving capabilities for detecting cyber attacks, recent studies show that 75% of companies don’t have sufficient plans or processes in place for properly responding to events. Join our roundtable session to understand best practices for delivering more effective detection and orchestrated response to such events.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:00 PM
Symantec: Top 3 Lessons – Integrated Cyber Defense: Customer Case Study
Varun Kohli, Head of Strategic Marketing, PMO & Global Demand, Symantec
Colin Slowik, Executive Director, HCSC

Over 15 million members, 20K employees, 60 office locations used to warrant a complex security infrastructure with many security controls. Hear how leveraging Symantec’s ICD platform approach transformed HCSC, the largest customer-owned health insurer in the US, allowing them to consolidate data protection across endpoints, drive down cost and complexity and improve their overall security posture.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:00 PM
Secureworks: Are You Doing Enough? How a Security Maturity Evaluation Can Tell You

Since launch in 2018, the Secureworks Maturity Evaluation has been used by hundreds of security leaders to measure and frame their security posture and needs. This presentation will feature several case studies on how organizations have used the framework and complimentary service to:

● Measure the inherent security risks to the business

● Quantify the organization’s ability to address those risks

● Compare capabilities to peers and best-in-class organizations

● Clearly and convincingly communicate performance and needs to senior management

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Varonis Systems: Attackers Prey on Uncertainty: How to Fail at Threat Detection
Mark Trinidad, Senior Technical Evangelist, Varonis

It takes visibility and context to detect and respond to sophisticated threats. Attackers usually target data, where enterprises have the least visibility and most uncertainty. In this session, we’ll explore new threats from inside and out, demonstrate how easy it is to bypass traditional controls, and present a methodology to better protect data, improve threat detection, and reduce uncertainty.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Verizon: Story-time for Grown-Ups:Data-driven Storytelling and Security Stakeholder Engagement

With the right data -- like the 2019 Verizon Data Breach Investigations Report -- security leaders can tell meaningful stories that help organizations make tough decisions about resource allocation and risk tolerance. Learn how storytelling can influence executives, customers, regulators and business partners -- while raising your profile as a trusted advisor.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Okta: Zero Trusts Given

Move to mobile-first and cloud-first has made perimeter-centric view of security obsolete; instead, we need to securely enable access for the various users (employees, partners, contractors, etc.) regardless of their location, device or network.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Rapid7: Industry Cyber Exposure – Who's In Control?

This session will examine the public-facing cyber-exposure of Fortune 500 companies through the lens of the CIS Controls. The industry-level view will detail the attack surface, insecure services and configurations, malware infection rates, and internet supply-chain risks seen in these verticals. In turn, we will provide guidance organizations can take to limit the impact of these exposures.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Balbix: AI-Powered Cybersecurity Posture Transformation

88% of breaches are caused by poor cyber-hygiene. Unfortunately, analyzing and improving cybersecurity posture is no longer a human-scale problem. In this session, we will share industry experiences with AI-based systems that analyze the enterprise attack surface to provide a 100x more accurate view of breach risk. These systems can also help transform security posture and decrease risk by 95%.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
ValueMentor, an Ampcus Company: Do’s and Don’ts for Secure Cloud Migration ‒ Client Examples

Few organizations execute their cloud migration projects and new support models without experiencing security roadblocks and glitches. We will discuss three cloud migration client projects (i.e., New Cloud Deployment, All-in-Cloud Legacy, Hybrid), share best practices/lessons learned, and introduce a Cloud Security Process Model and Cloud Security/Data Protection Checklist to enable a more secure and efficient cloud migration experience.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
VMware: Using the Cloud to Secure vs. Securing the Cloud
Tom Corn, Senior Vice President, Security Products, VMware

We’ve harnessed the properties of cloud to revolutionize how we build and deploy applications. How can we harness these same properties to transform the way we firewall and protect applications, from endpoint to datacenter? Come learn how the cloud enables us to flip the model from chasing threats, to enforcing good. As the old saying goes, an ounce of prevention is worth a pound of cure.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Fortinet: Security-Driven Networking Protecting the Edge

A hybrid world creates an expanded Digital Attack Surface with increased complexity created by too many independent security solutions. To counter these challenges, Fortinet pioneered the latest in Cybersecurity, delivered through its Security Fabric, the only architecture providing broad protection, integrated security, and security operations automated via a single management console.


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Cybereason: How To Keep Your Job For More Than 13 Months
Sam Curry, Chief Product Officer, Cybereason

The greatest problem for CISO isn’t technical; we know what to do and how to secure infrastructure and stop attackers. The problem is keeping a seat at the executive table. This session will dive into the factors that make a difference between the bright burning but short-lived CISO and the truly successful, impactful and long term CISO. Join the discussion to keep your job for more than 13 months


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
ReliaQuest: Additional Session Details Coming Soon

ReliaQuest: Additional Session Details Coming Soon


Tuesday, June 18, 2019 03:30 PM|Tuesday, June 18, 2019 04:15 PM
Cyxtera: The Cyber Mission: to Protect National Prosperity and National Security

The mission of cyber professionals is to ensure that the cyber environment is safe and secure. Information technology (IT) is at the heart of today’s modern society. In this presentation, retired Air Force Brigadier General Gregory Touhill, the US government’s first Chief Information Security Officer and current President of the Cyxtera Federal Group, will discuss the mission and ethos of today’s cyber professional and why the cyber professional is one of the key roles in today’s modern society. In an engaging and provocative presentation General Touhill will discuss topics including the cyber threat environment, cyber workforce development, emerging technologies, and the future of cyber professionals.


Tuesday, June 18, 2019 04:10 PM|Tuesday, June 18, 2019 04:40 PM
CISO Circle Townhall: Gartner's Security and Risk Research Plans
Tom Scholtz, Distinguished VP Analyst, Gartner

Join Security & Risk Chief of Research for an interactive discussion on Gartner's research strategy for 2019/20.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 04:15 PM|Tuesday, June 18, 2019 04:45 PM
Networking Break


Tuesday, June 18, 2019 04:45 PM|Tuesday, June 18, 2019 05:30 PM
Gartner Keynote: Willful Disruption — Seven Digital Disruptions You Might Not See Coming
Daryl Plummer, Distinguished VP Analyst, Gartner

As digital projects move from optimization to transformation, the ability to disrupt becomes a critical discipline. Coping with disruption requires the ability to recognize, prioritize and respond in the right way. This presentation examines how General Managers can evaluate, track and plan for seven major disruptions using Gartner’s Digital Disruption toolkit.


Tuesday, June 18, 2019 05:00 PM|Tuesday, June 18, 2019 06:30 PM
Enterprise IT Leaders Members Networking Reception

Join your Enterprise IT Leader peers for an exclusive networking reception; Come join us in the Enterprise IT Leaders Lounge to relax and unwind after the day's sessions and networking with Gartner Leadership Partners and like minded Peers!

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 05:30 PM|Tuesday, June 18, 2019 07:00 PM
Women's Cocktail Reception - Who Am I?: Prominent Women in History
Roberta Witty, VP Analyst, Gartner
Joanna Huisman, Sr Director Analyst, Gartner

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 18, 2019 06:00 PM|Tuesday, June 18, 2019 09:00 PM
VIP Boat Cruise (Invitation Only)

Join Gartner and our exhibitors for a night on the Potomac! Visit the Exhibit Showcase to obtain a VIP ticket from one of the participating exhibitors. Shuttle service will be provided in the hotel lobby at 5:30 p.m. and the boat will depart at 6:00 p.m. Please Note: You will need a VIP ticket from one of the participating exhibitors and your Gartner Security & Risk Management Summit badge in order to board the boat. No exceptions will be made. Participating exhibitors include: BitSight Technologies, Guardicore, IntSights, McAfee, PerimeterX, Pluralsight, SecurityScorecard, Skybox Security, and Venafi.


Wednesday, June 19, 2019 07:00 AM|Wednesday, June 19, 2019 08:15 PM
Registration


Wednesday, June 19, 2019 07:00 AM|Wednesday, June 19, 2019 08:15 PM
Concierge Hours

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.


Wednesday, June 19, 2019 07:00 AM|Wednesday, June 19, 2019 08:15 PM
Enterprise IT Leaders Members Lounge

Join your Enterprise IT Leader peers in an exclusive lounge area, providing space to network with Peers and Leadership Partners, refresh and get some work done between sessions.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 07:30 AM|Wednesday, June 19, 2019 08:15 AM
Google Cloud: Chrome Enterprise's Innovative Approach to Endpoint Security
Loren Hudziak, Chrome Customer Engineer, Google, Inc

With enterprises being more targeted by malicious attacks than ever before, businesses need to ensure they are using the right tools to keep their data secure. In this session, attendees will learn about the many differentiating features of Chromebooks around security, and what really helps Chromebooks stand out from the pack.


Wednesday, June 19, 2019 07:30 AM|Wednesday, June 19, 2019 08:30 AM
Attendee Breakfast


Wednesday, June 19, 2019 07:30 AM|Wednesday, June 19, 2019 08:30 AM
CISO Circle Breakfast: Halfway to Star Trek, a Professional's Guide to Predicting the Future
Leigh McMullen, Distinguished VP Analyst, Gartner

In this light and entertaining session, Gartner Analyst and futurist, Leigh McMullen uses the "Half Way to Star Trek" scenario to illustrate a method for predicting and rapidly responding to the future based on proven concepts from Military Effects Based Operations planning doctrine.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 08:30 AM|Wednesday, June 19, 2019 09:15 AM
Guest Keynote: What is Culture?
Dr. Steve Robbins, Inclusion Expert, S.L. Robbins and Associates

Without understanding culture, we will have a difficult time understanding open- and closed-mindedness. Dr. Robbins quotes a famous sociologist to explain how culture plays a key role in how humans behave in a world full of differences. Culture also ties into the pursuit of inclusion & innovation, and it has everything to do with teamwork and leadership.


Wednesday, June 19, 2019 09:15 AM|Wednesday, June 19, 2019 09:45 AM
Gartner Zone: Your Attackers are Advanced….Are You?
Terry Bebbington, Sr Expert Partner, Practice, Gartner
Luke Simonetti, Expert Partner, Practice, Gartner
Beth Schumaecker, Director, Advisory, Gartner

60% of businesses will suffer major service failures due to the inability of cyber security teams to adequately mature their programs to combat the threats they face today. See how organizations are leveraging benchmarking to measure and improve their programs all the while achieving the best ROI for those investments. Gartner consultants share their experience on how capable programs are leveraging mitigating risk within the context of industry-specific leading practices and peer-group comparisons.


Wednesday, June 19, 2019 09:15 AM|Wednesday, June 19, 2019 09:45 AM
Networking Break


Wednesday, June 19, 2019 09:15 AM|Wednesday, June 19, 2019 03:15 PM
Exhibit Showcase

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers in our Networking Hub. Stick around for the afternoon dessert reception and attend a theater session to see technology in action.

Please note: Exhibitor meetings are available outside of the promoted Exhibit Showcase hours; please coordinate directly with the Exhibitor or request support from our Conference Concierge Team.


Wednesday, June 19, 2019 09:30 AM|Wednesday, June 19, 2019 09:50 AM
Market Guide for Endpoint Detection and Response
Peter Firstbrook, VP Analyst, Gartner
Prateek Bhajanka, Principal Analyst, Gartner

EDR is being considered by organizations irrespective of the size and the industry that they belong to. With the recent development and convergence in the EPP and EDR markets, clients are left confused about what approach to take. SRM leaders responsible for security of endpoint must understand:
1. The applicability and use of EDR
2. Benefits and challenges associated with EDR deployment and operations
3. EDR vendor landscape and market direction


Wednesday, June 19, 2019 09:30 AM|Wednesday, June 19, 2019 10:15 AM
Gartner Q&A - Willful Disruption: Seven Digital Disruptions You Might Not See Coming
Daryl Plummer, Distinguished VP Analyst, Gartner

Interested in hearing more from Daryl on what he thinks about digital disruptions?
Bring your questions to this post keynote interactive session and learn from those posed by your peers.


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
CISO Circle Meet & Greet with Dr. Steve Robbins
Patrick Lencioni, President, The Table Group, Best Selling Author, The Table Group

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Meetup: Securing State and Local Governments

Discuss successes and failures in encouraging innovation and creativity in state and local government. What has worked? What has not? What are the best techniques to try? Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Meetup: Elevating Security Operations Center (SOC) / SIEM Efforts

Share best practices and ideas on security operation center (SOC) and security information and event management (SIEM) initiatives. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Ask the Expert: Everything You Always Wanted to Know About Privacy (but Were Afraid to Ask)
Bart Willemsen, VP Analyst, Gartner

In this session, attendees MUST bring questions, even when afraid. Although Gartner is not in the business of determining what is compliant and what is not, foundational privacy insights can be shared between participants. Questions will be dealt with like 'what's purposeful processing?,' 'what to mind when outsourcing?,' and 'where is privacy going in the world' are only suggestions. End users only, registration required

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Holistic DLP: Winning at Whack-a-Mole
Steve Riley, Sr Director Analyst, Gartner

Data, data everywhere and not a drop should leak. Your enterprise data wants to travel as broadly as it can — not only within the enterprise but across a panoply of cloud services and an endless proliferation of endpoints. Who needs heroic levels of DLP? How can you monitor, track, and manage something seemingly impossible? What are the best product and service options available today?


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
AI as a Target and Tool: An Attacker’s Perspective on Machine Learning
Mario de Boer, VP Analyst, Gartner

The increased use of AI in security has not gone unnoticed by attackers. In this session, we explore the attacker’s perspective on machine learning, covering adversarial as well as nefarious ML:

● How attackers may attack security solutions based on ML at training and at prediction stages

● How ML may accelerate innovation in attacker techniques.


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Outlook for Security Outsourcing 2019
Toby Bussa, VP Analyst, Gartner
Pete Shoard, Sr Director Analyst, Gartner

There are simply not enough people with the right skills within security and risk management to address the increasing needs of organizations around the globe. This presentation addresses the challenges and opportunities S&RM leaders responsible for security operations looking to services providers to help alleviate the skills and talent shortage, allowing organizations to optimize, improve and accelerate their security and risk management programs and capabilities. This presentation will address Why and When to leverage outsourcing, what to outsource, and what to be aware of when outsourcing.


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Case Study: True Cyber Partnerships Through Customer-Centric Security
John Godfrey, Chief Information Security Officer Associate Vice Chancellor for Information Security, University of Kansas Medical Center

What does partnership mean to you? What does it mean to your cyber program? True partnerships are hard to find … especially when most organizations see the security team as the shop of Dr. No! It is possible to have a customer-centric approach to security that will allow for the creation of a true partnership. This session will focus on a case study from the University of Kansas Medical Center (KUMC) and how they have taken a customer first approach to not only building out their cyber program, but how this approach has also allowed their cyber team to become a trusted partner.


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Panel: Women in Leadership: Movers & Shakers, Ceiling Breakers, Ruckus Makers
Joanna Huisman, Sr Director Analyst, Gartner

Women in Leadership: Movers & Shakers, Ceiling Breakers, Ruckus Makers. 3 Leading women in IT in a panel discussion focused on the following questions:

● Which of those 3 are you and why?

● Has that always described you and if it hasn’t how have you transitioned from one to another?

● What is the guidance you would give someone to achieve one of those archetypes?

● What do you see missing from women in the workplace now that prevents the from achieving one of these archetypes?

● What was the one pivotal moment in your career that helped shape where you are today?


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Meetup: Cybersecurity - Increasing Awareness and Communicating from Employee to Board Level

This Meetup will discuss practical methods for increasing end user awareness of cyber threats in your organization. What's worked for you? What tools are you using? What are the most effective ways to increase awareness at the associate level and to communicate at the board level? Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Designing Effective Security Architecture for IoT Solutions
Ramon Krikken, VP Analyst, Gartner

IoT Security is a big deal, and technical professionals need to be able to design effective security measures. Using the Gartner IoT reference model, this session explores risks that affect, and controls that are effective in IoT solutions.

Key Issues Covered:
-What are key risks and pitfalls in securing IoT?
-Which controls are similar to, or different from traditional security?
-How should organizations prepare for comprehensive IoT security?


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Outlook for Data Security 2019
Brian Lowans, Sr Director Analyst, Gartner

Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:30 AM
Every Organization Should Assess the Value of an Incident Response Retainer
Sam Olyaei, Director Analyst, Gartner
Brian Reed, Sr Director Analyst, Gartner

Security incidents are not just a possibility but an inevitability. It is important for organizations of all size to have a well-planned incident response strategy, as well as the ability to retain outside assistance, if needed. This session will cover the options that an incident response retainer provides, as well as characteristics of various IR providers.


Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:35 AM
Becoming a Modern CISO: Master Your Business, Build Your Brand
Steve Wenc, VP, Team Manager, Gartner

To be successful, the modern CISO needs to become a business leader in charge of security, not just a security leader who works with the business. New and aspiring CISOs have an opportunity to increase their effectiveness by mastering the fundamentals of their business, learning to speak the language of their business partners and, in doing so, build their brand as an effective business partner. In this session, we will walk through the skill set and capabilities of a modern CISO and a simple, practical approach to learning your business and building your relationship with key partners.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:45 AM
Roundtable: Get a Handle on the Security of Vendor Applications by Asking Some Key Questions
Mark Horvath, Sr Director Analyst, Gartner

Third-party applications and SaaS represent a large but opaque attack surface for Security and Risk Management Leaders. While no one can (or should) avoid using third-party apps, asking some key questions ahead of time can improve security outcomes:
What should I ask about privacy?
What elements of a Secure SDLC should I look for in vendors?
How can I make sure there are no hidden security surprises?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 10:45 AM
Roundtable: Will SaaS Be the Death of IT?
Jay Heiser, VP Analyst, Gartner

The use of SaaS continues to grow. Do they actually need IT? What is our role?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 11:15 AM
Workshop: Practical Privacy – Handling Subject Rights under the CCPA
Nader Henein, Sr Director Analyst, Gartner

The CCPA introduces extensive challenges when handling personal information; this raises the baseline not only in California but across the entire US landscape. This session will give security and risk management leaders the capabilities to prepare, maintain & evolve the organizations privacy program not only for compliance with the new laws but also to develop a competitive edge to drive depth and breadth in their customer base.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 09:45 AM|Wednesday, June 19, 2019 11:15 AM
Workshop: Pureplay or Suite BCM Software Solutions? That Is the Question!
Roberta Witty, VP Analyst, Gartner

There are many technology solution options available to manage the BCM program. Selecting the one most appropriate for your organization depends on your BCM program maturity, the buyer role, the scope of the program, the organization's geographic footprint, and more. In this workshop you will develop the framework for your organization's BCM software selection process.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:15 AM
Attivo Networks: Deceptively Simple Detection: Exclusive Insights & Peer Exchange
Carolyn Crandall, Chief Deception Officer /CMO, Attivo Networks
Tony Cole, Chief Technology Officer, Attivo Networks

Join Carolyn Crandall, Chief Deception Officer and Tony Cole, Chief Technology Officer of Attivo Networks for an interactive discussion on threat detection innovation, why organizations are adopting deception (detection, intelligence, active defense), and perceptions attackers would like you to believe.

No slides, no presentations, just an engaging, off-the-record exchange among your peers.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:15 AM
Cisco: Workload Security and Visibility
Vaishali Ghiya, Sr. Director, Cisco

Technologies like virtualization, SDN are rapidly rolling out new applications and services. Modern applications no longer reside just within a company’s physical data center but also deploy across a multicloud environment. Learn how to 1) protect workloads 2) deliver a zero-trust security approach with deep visibility and multi-layered segmentation.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:15 AM
Secureworks: Operating a World-Class SOC

The day-to-day activities in your SOC boil down to how fast you detect a threat, and then how fast you can act on it. It’s all about speed. But speed requires threat intelligence, the right processes, and a set of tools to get the job done. Join this session to take home the tools and processes that work and learn what doesn’t work when detecting and responding to threats. Terry McGraw has spent decades in security operations for the U.S. Military, and now leads a team of analysts within Secureworks, one of the largest security services providers on the planet with five SOC’s that protect over 4,000 clients worldwide.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:15 AM
Symantec: Top 3 Lessons – Integrated Cyber Defense: Customer Case Study
Varun Kohli, Head of Strategic Marketing, PMO & Global Demand, Symantec
Colin Slowik, Executive Director, HCSC

Over 15 million members, 20K employees, 60 office locations used to warrant a complex security infrastructure with many security controls. Hear how leveraging Symantec’s ICD platform approach transformed HCSC, the largest customer-owned health insurer in the US, allowing them to consolidate data protection across endpoints, drive down cost and complexity and improve their overall security posture.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:15 AM
F-Secure: Utilizing Threat Hunting in a Continuous Response Approach to Cyber Defense
Tim Orchard, Managing Director, F-Secure Countercept, F-Secure

Cyber breaches are now a fact of life for many companies. It’s no longer a matter of ‘if’ a company will be breached, the question is ‘when’. And that calls for a shift in how organizations handle many aspects of security. Join us to explore how a “continuous response” methodology in the hands of the right team can actively identify and remediate potential threats before they escalate.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:15 AM
VMware: Leveraging Modern Management and Analytics to Enhance User & Device Security Posture
Sachin Sharma, Sr. Product Line Marketing Manager, VMware

As users, apps and endpoints continue to evolve beyond the traditional perimeter, relying on legacy security practices, setting up more policies, and bolting on more tools will continue to lead to more complexity. Discover how you can stay a step ahead by simplifying user security and device hygiene across your digital workspace using intrinsic security with modern management and analytics.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
RiskRecon: Managing Risk Exposure: Revelations from the Internet Risk Surface Report
Wade Baker, Partner, Cyentia Institute

The Digital Transformation puts more value at risk in more places. This “risk surface” is the unforeseen undercurrent of high-velocity digital business. This keynote dives into the findings of our Internet Risk Surface research, revealing the true expanse of enterprise risk and forecasting solutions for managing risk surface in a hyper-connected and hyper-exposed world.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
A10 Networks: The State of DDoS Weapons and Applying Zero-day Automated Protection
Rich Groves, Head of A10 Security Research, A10 Networks
Paul Nicholson, Sr. Director of Product Marketing, A10 Networks

DDoS attacks are evolving in complexity and speed. Learn about modern DDoS defense use cases and technologies to defeat DDoS attacks: Zero-day Automated Protection, ML and threat intelligence. CISOs and IT execs will gain insights to develop a fully-automated defense solution.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
IBM: Additional Session Details Coming Soon

IBM: Additional Session Details Coming Soon

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
Trustwave: Additional Session Details Coming Soon

Trustwave: Additional Session Details Coming Soon


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
Forescout Technologies: Automation: The Missing Piece to Your Security Puzzle
Mitchell Greenfield, Director, Cyber Innovation & R&D, Ent. Information Protection, Humana, Humana
Tom Dolan, VP, Product Management, Forescout Technologies

The evolving business landscape is stretching security professionals’ capabilities to assess and mitigate risks across expanding networks. Hear from the Cyber Innovation team at Humana on how they are bringing forth the age of automation by implementing a strategy across their global enterprise to solve inventory challenges, network based controls, and efficiencies with incident response.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
Veracode: Secure from the Start: Using Software Security to Stay Ahead of Competitors

Companies are leveraging software to solve life-changing problems, but innovating with speed doesn't mean the software is secure. To keep pace with the rate of change, keep a competitive advantage and continue changing the world with software, you have to implement security practices in your software development processes. Bottom line, the business of software is the business of software security.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
Proofpoint: Who is Your Company’s Very Attacked Person and How To Protect Them
Tim Choi, Vice President, Product Marketing, Proofpoint

The world today experiences phishing and social engineering attacks on our C-level executives, R&D, Production & HR. The goal of these people-centric attacks are to take advantage of your employees’ moments of weakness and to compromise your business.
We will share who are the Very Attacked Persons, real world scenarios and suggest responses to protect your most important asset – your people.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
ESET: Protect against Advanced Persistent Threats utilizing multiple layers

We’ll demonstrate four real-life targeted APT attack scenarios mapped to the MITRE ATT&CK knowledge base and how to prevent/detect attacks using endpoint security and EDR multiple layers.
We’ll focus on ESET’s discovery of LoJax, the first UEFI rootkit in the wild, a powerful, sophisticated malware persistence technique, deployed by the notorious APT group, Sednit.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
Vectra AI: Parker Hannifin uses AI to Identify Lateral Movement From Enterprise to Cloud

Parker Hannifin, a global leader in Motion and Control Technologies, will share its investigation into a potential exfiltration of company data to an unknown Microsoft Azure instance. This session will include a discussion on day-to-day tools, processes and exercises that can be used to continually monitor modern infrastructures that support a wide variety of connected devices and systems.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
Bitglass: Beyond Shadow IT: CASB Case Studies From Leading Organizations

As more organizations deploy cloud apps like Office 365, AWS, and Slack, securing corporate data becomes a challenge. While Cloud Access Security Brokers (CASBs) were originally used solely for shadow IT discovery, they have since emerged as the de facto standard for real-time cloud data & threat protection, securing a rapidly evolving enterprise cloud footprint, including SaaS, PaaS, and IaaS. This session will focus on immediately actionable advice that you can implement in your company immediately, including:
● Critical gaps in cloud applications that must be filled
● The most commonly used cloud security policies
● Architecture, deployment and integration considerations
● Case studies from major organizations in healthcare, financial services, government, and more


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
BitSight Technologies: Modernizing Your Third-Party Cyber Risk Management Program: Lessons from the Field
Jacob Olcott, Vice President -- Strategic Partnerships, BitSight Technologies
Evan Tegethoff, Director of Consulting Engineering, BitSight

Breaches and incidents affecting third-party suppliers, vendors, and business partners have dominated the news in recent years. This session will provide critical insight and lessons learned across BitSight’s 1700+ customer base, providing useful tips for organizations of all sizes as they consider modernizing their own third-party cyber risk management programs.


Wednesday, June 19, 2019 10:45 AM|Wednesday, June 19, 2019 11:30 AM
WhiteHat Security: Why Has DevOps Not Become DevSecOps, Yet
Joseph Feiman, Chief Strategy Officer, WhiteHat Security, Inc.

Why has DevOps not yet become DevSecOps, leaving DevOps insecure? This presentation dispels DevSecOps myths, such as: omnipotence of the shift-to-the-left, all-powerful automation and preeminence of the culture. It defines the ways AppSec technologies should change and introduce new capabilities to make DevSecOps a reality. It forecasts trends and estimates the pace of DevSecOps evolution.


Wednesday, June 19, 2019 11:30 AM|Wednesday, June 19, 2019 11:45 AM
Gartner Zone: Technology 101 – What’s Your ITScore & IT Budget?
Jaime Tirado, New Client Engagement Specialist, Gartner

Join this session to learn how the ITScore and the ITBudget assessments can help you. Gartner’s ITScore is designed to help IT leaders evaluate the maturity of both their organization as a provider of IT services, and the enterprise as a consumer of IT. Gartner’s ITBudget will show you how your spending compares to industry averages in a customized report.


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:05 PM
Market Guide for Mobile Threat Defense
Dionisio Zumerle, Sr Director Analyst, Gartner

Mobile threat defense (MTD) solutions have matured and can provide value to organizations looking to strengthen their mobile security. Security and risk management leaders should leverage MTD to address evolving mobile security needs. This session will present the market dynamics, main vendors and use cases for MTD.
1. What is Mobile Threat Defense?
2. What does the market for MTD look like?
3. How are the main vendors differentiating?


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Do the Simple Things Well in Information Security
Craig Lawson, VP Analyst, Gartner

Good information security hygiene is a must, but many organizations lose focus on getting the basics right, leading to an unjustified level of confidence in risk posture. Join us and learn:

● What are the key activities, capabilities and practices for organizations?

● What are the activities that you can delay or even skip entirely?

● Why doing the basics is more important than ever.


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Building Successful Business Metrics for Technology Risk
Paul Proctor, Distinguished VP Analyst, Gartner

Metrics should inform better decision making. “Business alignment” is spoken about frequently, but execution is challenging throughout the Gartner client base. Key risk indicators (KRIs) should have defensible causal relationships to business impacts and present leading indicators to decision makers. Gartner has developed a methodology to integrate risk and corporate performance that helps achieve these goals.


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Case Study: Top Ten Myths of IoT Security from the Builders' & Buyers' Perspectives
Brian Witten, Vice President & Product Security Officer, United Technologies


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Quantum Is the New AI
Mark Horvath, Sr Director Analyst, Gartner

Like AI before it, quantum computing and related quantum technologies like quantum key exchange, quantum random number generation and homomorphic encryption are poised to make huge changes to the technology landscape as they mature. What are the important quantum computing technologies that will impact your business? How will long established security tools like RSA change?


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Mixing Rewards and Consequences to Drive a More Security Aware Culture
Joanna Huisman, Sr Director Analyst, Gartner

Motivation is a fundamental driver of employee behavior that ensures the organization’s security. Security and risk management leaders can use positive and negative motivation — rewards and consequences — to urge staff to complete training and adhere to policies.

Key Challenges
-Determining which format for urging behavior appropriate to motivate security behavior — rewarding when encouraging action or punishing when preventing action — is complicated when management follows faulty instincts.
-Employees often do not perceive that the intent behind positive and negative formats is to drive greater competency and learning; rather than become motivated, they instead resent negative motivations and do not value positive ones.

Recommendations
-Security and risk management leaders overseeing information security should:
-Use a balance of reward and punishment to encourage appropriate behavior retention by understanding the primary motivators of their audience and then determining which consequences best address those motivations.
-Communicate what both motivation structures mean, why following them will be beneficial for individuals and how the motivation structures will be delivered, tracked and reinforced.


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Mobile Security Strategy 201: Are Your Mobile Devices Secure From the Latest Attacks?
Patrick Hevesi, Sr Director Analyst, Gartner

Come see how secure the latest versions of your mobile operating systems and devices are against the current mobile attacks. This session will show which operating systems and devices you need to be using along with third-party solutions to protect your organization. We will demonstrate attacks and also discuss the right EMM/UEM, MTD and other mobile security solutions you should be using today.


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Security and Identity in a Midsize Enterprise: Synergy or Distraction?
Henrique Teixeira, Sr Director Analyst, Gartner

Midsize enterprises operate close to the wallet and don’t distinguish certain IT capabilities from one another. This is often the case with identity and access management (IAM) and security and risk management (SRM). As MSEs formalize these functions, security and risk management leaders must establish:
● What distinguishes IAM and SRM from one another? What are the similarities and dependencies?
● How do these contribute to organizational imperatives?
● How can we coordinate initiatives and interactions to contribute to business outcomes?

Participants will gain insight into peer experience, Gartner research, and trends influencing their security and risk management program. This session is a good fit for you if your organization has between 5 and 50 people in IT and an IT budget between $5 million an d $30 million.


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Follow Gartner Threat Intelligence Maturity Matrix to Maximize Market Opportunities
Ruggero Contu, Sr Director Analyst, Gartner

With many enterprises still misunderstanding on the different values TI can deliver, technology and service providers can benefit from an alignment to the Gartner threat intelligence maturity matrix to develop a product/service portfolio strategy that caters to different levels of readiness and potential demand. The presentation will highlight how TSP can develop a roadmap to focus on different product/services capabilities and therefore expand addressable market opportunities .


Wednesday, June 19, 2019 11:45 AM|Wednesday, June 19, 2019 12:15 PM
Solving the Digital Security Talent Gap: Why Women, Why Now?
Barika Pace, Sr Director Analyst, Gartner

CIO's are faced with the challenge of a competitive labor market and often miss opportunities to attract the right skill sets to digitally transform. However, U.S. EEO office reports that despite growing women grads in STEM, women remain underrepresented in technology fields. This session focuses on how traditional recruiting efforts might be sabotaging diversity in the workplace, and placing the organization at risk.


Wednesday, June 19, 2019 12:15 PM|Wednesday, June 19, 2019 01:00 PM
Microsoft: The Modern SOC: How to Fully Empower Your Security Analysts
Adam Hall, Director, Security, Microsoft

Cloud-based security enables your SecOps team to be more effective, more efficient, and less stressed. In this session we’ll look at how a few key tools in the modern SOC can improve the way you prioritize events, investigate incidents, and hunt for threats. You will see how Microsoft is enabling you to extend your team with on-demand access to both machine and human help.


Wednesday, June 19, 2019 12:15 PM|Wednesday, June 19, 2019 01:15 PM
Attendee Lunch


Wednesday, June 19, 2019 12:15 PM|Wednesday, June 19, 2019 01:15 PM
CISO Circle Lunch: How to Have an Engaging Conversation With Your CEO About Risk
Leigh McMullen, Distinguished VP Analyst, Gartner

Most CEOs are excellent problem solvers, but too often CISO’s seek approval rather than enable their CEO’s to participate in the decision making process. This causes disengagement, and is at the root of many of the challenges CISOs and IT leaders face. CISO’s need to use different tools to get their CEO to the table and keep them engaged so that they value the outcome of the decisions we ask for.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 12:40 PM|Wednesday, June 19, 2019 01:05 PM
Spanning Cloud Apps, a Kaseya company: Today’s Cyber Security Threats require a Multilayered Security Strategy
Richard Csaplar, Product Marketing Manager, Unitrends

Using just a firewall and virus scanner are no longer enough to protect against today’s cyber security threats. We will outline 3 solutions every organization must have to create a multilayered security strategy to protect against 21st century threats such as hackers, ransomware, and exploiting software vulnerabilities. We will outline how leveraging an active intrusion monitoring process is a critical to your strategy in defending against security breaches as happened to Equifax.


Wednesday, June 19, 2019 12:40 PM|Wednesday, June 19, 2019 01:05 PM
Illumio: Decoupling Security Segmentation from Network Architecture: Blueprint for Success

Learn about Fannie Mae’s journey to operationalize security segmentation. Protecting the digital assets of the trillion-dollar lender of lenders began with a mindset and architectural shift to separate security segmentation from the network. Then deploying the right technology to quickly enable and take advantage of that decoupling. And finally bringing about the organizational changes needed to support the strategic segmentation program.


Wednesday, June 19, 2019 12:40 PM|Wednesday, June 19, 2019 01:05 PM
AT&T Cybersecurity: Building Resilient Threat Detection, Alien Labs Threat Intelligence
Jaime Blasco, AVP Product Development, AT&T Cybersecurity

The speed and sophistication with which cybercriminals are launching attacks is increasing year-over-year. Defenders should be incorporating threat intelligence that goes beyond identifying IOCs to understanding the common tactics used by cybercriminals. Gain insight into Alien Labs and how it produces the tactical threat intelligence needed in today's threat landscape.


Wednesday, June 19, 2019 01:15 PM|Wednesday, June 19, 2019 01:40 PM
AC Global Risk: Reimagining Human Risk

Alex Martin will review the new dynamics of human risk that people cause to an organization and those within it. He will provide clear insights on the ever-changing landscape of human risk that organizations must navigate and deconstruct the plethora of human-based threats and fraud. Alex will offer a revolutionary technology and human-machine teaming approach to identifying levels of human risk.


Wednesday, June 19, 2019 01:15 PM|Wednesday, June 19, 2019 01:40 PM
HackerOne: Hacker-Powered Data - Security Weaknesses + Embracing Risk

Vulnerabilities are a fact of life; risk comes with it. Today, companies, enterprises, & governments are embracing collaboration with hackers to find vulnerabilities before criminals have a chance to exploit them. Using 6 years of data from 1,300+ bug bounty programs & 100,000+ valid vulnerabilities, this talk offers new analysis of the most common vulnerabilities not found on the OWASP top 10.


Wednesday, June 19, 2019 01:15 PM|Wednesday, June 19, 2019 01:40 PM
FireMon: Command the Hybrid Enterprise

Hybrid and multi-cloud environments are the new normal. This presentation will detail best practices to master real-time visibility, remove complexity and ensure policy management across the enterprise with tips that ensure continuous security and lower risk.


Wednesday, June 19, 2019 01:15 PM|Wednesday, June 19, 2019 01:40 PM
Valimail: Additional Session Details Coming Soon

Valimail: Additional Session Details Coming Soon


Wednesday, June 19, 2019 01:50 PM|Wednesday, June 19, 2019 02:15 PM
Align Salesforce to "your" Security Posture

Salesforce is a PaaS, not only a CRM. Infosec professionals now realize this whitespace can no longer be ignored given the amount of sensitive data that lives in it. Learn how customers like Wells Fargo, Intuit, and L'Oreal work with RevCult to deliver evidence-based compliance solutions to ensure that their Salesforce implementation is aligned to their broader security posture.


Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:00 PM
Meetup: Security Best Practices in Manufacturing

Take part in an interactive session with fellow manufacturing security professionals on the latest challenges and best approaches to overcome them. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:00 PM
Ask the Expert: Handling Privacy Risk in Analytics and Machine Learning
Nader Henein, Sr Director Analyst, Gartner

As privacy regulations evolve, SRM leaders with a focus on privacy are finding it harder to work with information, and almost impossible to combine multiple data sets, especially when working collaboratively with third parties. We will address your questions, and look at the techniques as well as relevant technologies that will allow you to develop a repeatable process to work with personal data. This session is meant to answer your questions when it comes to handling the risk of mining large data sets of personal information for the purpose of analytics, fraud prevention or undirected discovery.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:00 PM
Meetup: Successful Endpoint Security Strategies

As more employees use their consumer mobile devices for work, what are the best practices for protecting the corporate network? Join other security professionals in sharing successful strategies. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:00 PM
Guest Keynote: The Ideal Team Player
Patrick Lencioni, President, The Table Group, Best Selling Author, The Table Group

Lencioni turns his attention to the individual team-member, revealing the three indispensable virtues—humility, hunger and people smarts—that make some people better team players than others. Pat explores the power this combination yields, and illustrates how team members with these traits drastically accelerate the process of building high-performing teams.


Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:00 PM
Meetup: Evolving the Workplace with Gender Equality Tips

Are you comfortable sharing perspectives and opinions as often as you would like? How do others react to you when you speak up? Are your views given equal weight? Do you feel you have unique challenges in your organization as a woman? Discuss practical strategies that will effect change in your organization. Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your selected Meetup

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:15 PM
Roundtable: Midsize Enterprise — Addressing the Challenges of Doing Vulnerability Management
Toby Bussa, VP Analyst, Gartner

Vulnerability management is still not a standard practice for many organization even though it should be a core component of good security hygiene. This can be a bigger issue for resource challenged MSEs. This roundtable will help MSE participants understand what has worked and not worked for their peers, across people, processes and technologies, when implementing a vulnerability management capability.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:15 PM
Roundtable: Cyber-physical Systems Security — Focus on Unmanned Aerial Systems (UAS) and Counter-UAS
Katell Thielemann, VP Analyst, Gartner

Discuss challenges, lessons learned, opportunities and latest trends with your peers in a facilitated roundtable discussion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:15 PM
Roundtable: All Your SaaS Belong to Us
Jay Heiser, VP Analyst, Gartner

Participants in this end-user roundtable will compare notes on the best practice for the care and feeding of SaaS. We will discuss shadow IT, integration with identity services, the use of CASB, backup and recovery options. Can policy and planning actually reduce the pain and cost of SaaS, or is the situation permanently out of control? Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:15 PM
Roundtable: CASBs Six Years on — The Good, the Bad and the Ugly
Craig Lawson, VP Analyst, Gartner
Patrick Hevesi, Sr Director Analyst, Gartner
Steve Riley, Sr Director Analyst, Gartner

CASB customers unite! Now that CASBs have risen in popularity and, for many organizations, become parts of their overall cloud security strategies, we want to hear about your experiences. Gartner's CASB analysts will host this roundtable for CASB customers to share tips and tricks for valuable proofs of concepts, successful implementations, and resolved and ongoing issues during and after deployment. If you've replaced one vendor with another, we'd like to know the reasons.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:45 PM
Workshop: MSSP Guidance for Midsize Enterprises
Paul Furtado, Sr Director Analyst, Gartner
Patrick Long, Assoc Principal Analyst, Gartner
Pete Shoard, Sr Director Analyst, Gartner

A workshop to discuss and facilitate MSE partners on how to find the right MSSP to meet their security use cases and the key capabilities that need to exist to build a good working relationship.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:15 PM|Wednesday, June 19, 2019 03:45 PM
Workshop: Creating a Balanced Mobile Strategy With BYOD and CYOD at the Core
Rob Smith, Sr Director Analyst, Gartner

This workshop addresses the challenges of implementing both Bring Your Own Device (BYOD) and Choose Your Own Device (CYOD) and how the two can be used together effectively to create an effective strategy for the Digital Workplace.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 02:30 PM|Wednesday, June 19, 2019 02:50 PM
The Magic Quadrant and Critical Capabilities for Integrated Risk Management
Jie Zhang, Sr Director Analyst, Gartner

This session will provide the study and result of Gartner's evaluation of the integrated risk management solutions market.


Wednesday, June 19, 2019 03:00 PM|Wednesday, June 19, 2019 03:30 PM
Networking Break


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:00 PM
CrowdStrike: From Reactive to Predictive: Using Threat Intelligence to Enhance Endpoint Security
Jason Rivera, Director - Global Threat Intelligence Ad, CrowdStrike
Dan Larson, VP of Product Marketing, CrowdStrike

Cyber adversaries are faster, more capable, and more numerous than they have ever been in the past. In order to keep pace with the adversary’s evolution and to continue to protect the enterprise and the endpoint, this brief will discuss how organizations can leverage integrated threat intelligence to empower predictive and preemptive cybersecurity operations.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:00 PM
Nozomi Networks: Accelerating Industrial Cybersecurity; Protecting Production & Profits

With recent attacks on industrial targets proliferating, protecting industrial and critical infrastructure environments has emerged as a top priority. This session will detail emerging threats and share specific recommendations to reduce risk to your industrial operations.

Speaker: Suzanne Spaulding; DHS Former Asst. Secretary of National Protection

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:00 PM
NTT: Securing Intelligent Consumer Data
Shamlan Siddiqi, CTO, NTT DATA

The interconnected digital world creates an unprecedented volume of data about consumers. The changing perceptions of consumers towards data security and privacy and corporate use of Data/Analytics/AI, create new challenges. Businesses must help consumers be empowered about their data, securely. Shamlan Siddiqui of NTT DATA will show how enterprises can start thinking about their data differently.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:00 PM
VMware: Additional Session Details Coming Soon

VMware: Additional Session Details Coming Soon

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:00 PM
Tanium Inc.: Visibility Is More Than Asset Management

A lack of visibility and control across endpoints – laptops, servers, virtual machines, containers, or cloud infrastructure – not only prevents CIOs and CISOs from making confident decisions, it also leaves organizations open to disruption.
Join leaders from Tanium and your peers for a deep-dive discussion on how to overcome CIO and CISO challenges related to endpoint management.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:00 PM
Secureworks: Operating a World-Class SOC

The day-to-day activities in your SOC boil down to how fast you detect a threat, and then how fast you can act on it. It’s all about speed. But speed requires threat intelligence, the right processes, and a set of tools to get the job done. Join this session to take home the tools and processes that work and learn what doesn’t work when detecting and responding to threats. Terry McGraw has spent decades in security operations for the U.S. Military, and now leads a team of analysts within Secureworks, one of the largest security services providers on the planet with five SOC’s that protect over 4,000 clients worldwide.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
Hitachi ID Systems: Additional Session Details Coming Soon

Hitachi ID Systems: Additional Session Details Coming Soon


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
Tenable, Inc.: Cyber-Risk Management: New Approaches for Reducing Your Cyber-Exposure

With vulnerabilities on the rise, how can you identify the biggest threats to your business – and know what to fix first? Organizations must translate raw vulnerability and threat intelligence data into business insights to help security teams prioritize and focus remediation based on risk and threat intelligence. This session describes new ways to prioritize, measure and benchmark an organization’s cyber exposure to help guide strategic decision making.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
Agari: Unmasking BEC Scammers Using Active Defense Techniques

Business Email Compromise (BEC) scams have cost individuals and businesses more than $12.5B since October 2013. Learn how Agari and law enforcement agencies are working collectively to begin putting an end to BEC and other cybercriminal threats through the use of responsible Active Defense strategies and techniques leading to arrests and prosecution of a multinational BEC gang.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
Sectigo: What Does it Take for End to End IoT Security? Lessons Learned & Solving the Problem
Jason Soroko, CTO of IoT, Sectigo

Connected IoT device components are born at the chip foundry, get assembled into chipsets and then into the final OEM device.  The operational lifespan includes initial boot, firmware updates and an enormous amount of data transfer and connected sessions. How do you ensure the integrity of all of this?  Learn what end to end security actually looks like.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
MediaPRO: The 4 Mindsets of Winning Security Awareness Program Managers
Tom Pendergast, Chief Strategist, Security, Privacy, and, MediaPRO
Thomas Banasik, Sr Security Operations Center Manager, Veritas Technologies LLC

Running a successful awareness program is a job like no other. So it should come as no surprise that doing it well takes a certain mindset and some well-honed skills. Join our distinguished panel as they reflect on the mental models that lead awareness program managers to success, and the challenges and rewards you’ll have to overcome as you build a risk-aware culture in your organization.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
MobileIron: Your Path to Zero Passwords
Brian Foster, Senior Vice President, Product Management, MobileIron

Passwords continue to be the number one cause of data breaches. Join Brian Foster, SVP of Product Management, MobileIron as he discusses a strategy to eliminate passwords using the world’s most ubiquitous product – the mobile phone. Learn how to implement a “never trust, always verify” mobile-centric zero trust security approach – a must for the modern enterprise.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
Sophos: Reinventing Cloud Security using AI and Automation

IT infrastructure has been reimagined in the cloud, as has security. Hear how companies address challenges in cloud security with automatic discovery, inventory, response, and compliance of assets. We will walk through customer use cases to show how:
AI and automation enables teams to gain control of cloud environments
Security teams can better partner with DevOps and Compliance teams


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
Cofense: Phishing Defense: The Art of Human Intuitive Repulsion

Humans often sense when things aren’t quite right. The same is true as it applies to cybersecurity. This session examines why human intuition is a key part of phishing defense. Learn about phishing attacks seen in the wild, how attackers evolve tactics to avoid perimeter controls, and why conditioning employees to embrace "intuitive repulsion" can prevent more compromises than technology alone.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
SailPoint: CISO Fireside Chat: Real-world Impacts of Identity Governance Programs
Richard Miller, Chief Information Security Officer, LifeBridge Health
Rob Nolan, Chief Information Security Officer, Noble Energy, Inc.
Paul Trulove, Chief Product Officer, SailPoint Technologies

As the explosion of data, applications, as well as human and nonhuman identities continue to impact organizations, businesses are addressing these challenges ensuring their identity program meets security and compliance requirements. Join this fireside chat with CISO’s overseeing programs at various stages of maturity, as they discuss identity strategy and their thoughts on the evolving market.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
IntSights: Defend Forward: SOAR with External Threat Intelligence

Guy Nizan, cofounder and CEO of IntSights and former Israeli Defense Forces Unit 8200 intelligence officer, and Rick Rhodes, head of cyber security operations at BlueCross BlueShield of South Carolina, will present on how to operationalize external threat intelligence and why it is a critical - and often overlooked - component of your security orchestration, automation, and response capabilities.


Wednesday, June 19, 2019 03:30 PM|Wednesday, June 19, 2019 04:15 PM
Infosec; Additional Session Details Coming Soon

Infosec; Additional Session Details Coming Soon


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
This Is Totally Not a Presentation About Deception
Eric Ahlm, Sr Director Analyst, Gartner

The deception market is in full swing with a healthy field of competitors. But what is the real value of deception technology to buyers, and what approach to providing using deception will win over buyers in the long run? This presentation discusses the current trends and approaches in the deception market, and looks forward to how the market might evolve.


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
FedRAMP Demystified
Katell Thielemann, VP Analyst, Gartner

Created to support U.S. federal agencies’ adoption of cloud technologies, the FedRAMP program is attracting interest from other industry verticals and geographies. This session provides security and risk management leaders with key factors to consider when evaluating FedRAMP-authorized cloud options.


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
How to Cope With GDPR and Other Major Regional Privacy Regulations
Jie Zhang, Sr Director Analyst, Gartner

Regional and country-specific privacy mandates continue to increase. Mapping commonalities and managing risks for differences are crucial for security and risk leaders. This presentation offers a guide on reusing GDPR compliance investment for other major privacy requirements.


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
Gartner's Strategic Vision for Vulnerability Management
Craig Lawson, VP Analyst, Gartner

Earlier this year we published updated guidance on how to better run this foundational security process. This presentation will go over this new way of doing vulnerability more effectively.

- Why we made some significant changes to our guidance on this critical process
- What does the new RBVM actually look like
- How to bring this to life inside your own security programs


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
Constructing a Layered Cloud Security Architecture
Richard Bartley, Sr Director Analyst, Gartner

How do you start building a cloud security architecture? Do you use business needs and context to guide the selection of logical controls? What cloud provider native and third-party vendor security are available as security components? This session presents steps to construct cloud security architecture while aligning with required best practices, frameworks and standards.


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
How to Redefine Your Email Security Strategy for 2020 and Beyond
Neil Wynne, Principal Analyst, Gartner

Organizations continue to be plagued (and breached) by malicious emails because they’re using a fragmented approach that is inadequate against evolving attack tactics. Join us for a fresh perspective that will cover: 1. What are the components of an effective security strategy? 2. Why are the advantages of evaluating various email security controls as part of a platform rather than individually. 3. What is the best way to determine which vendors meet your requirements?


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
What to Know When Buying Incident Response and Data Breach Response Services
Toby Bussa, VP Analyst, Gartner
Brian Reed, Sr Director Analyst, Gartner

Buyers are increasingly adding incident response services, but fewer are adding data breach response services. These are distinct offerings, but often confused as being the same service. In this session for S&RM leaders we explain the differences between the services, the questions to consider when determining if you need one or both, and the provider landscape for these services.


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
Blockchain, Is This Stuff Secure? How CISOs Can Evaluate the Security Risks of Blockchain
Mark Horvath, Sr Director Analyst, Gartner

Blockchain has become a much-hyped technology with a lot of potential. Yet, with cyberthreats and data breaches, is this technology secure? As blockchain becomes more mainstream, CISOs must understand the security and privacy implications. What are the security risks of different models blockchain trust? What are the PKI issues inherent in blockchain and what's the best way to address them?


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:00 PM
Why the CISO Needs to Care About Fraud, and What Can Be Done About It
Jonathan Care, Sr Director Analyst, Gartner

Fraud has historically been seen as a separate problem from information security and IT security. Yet for some time, its been clear that serious and organised fraud rings are using the same tricks as seen in advanced hacking attempts. Security and Risk management leaders attending this will benefit from learning how to align their fraud, risk and technical security resources and how improved intelligence can assist in this complex task.


Wednesday, June 19, 2019 04:30 PM|Wednesday, June 19, 2019 05:20 PM
Roundtable: CISO Huddle
Randy McCausland, VP, Team Manager, Gartner
Steve Wenc, VP, Team Manager, Gartner

Whether you’re a veteran huddler or a novice, it simply doesn’t matter. Come join your peers for an on-site version of the CISO Huddle to talk about all things security. No set agenda or topic; it’s what you want to talk about!

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
Operational Technology Security Market, Where Is the Opportunity?
Ruggero Contu, Sr Director Analyst, Gartner

This presentation will highlight the opportunities made available to security tech providers and provide guidance on the roles, controls and approaches to focus on to be successful in this fast maturing market.


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
Why the BIA Is Essential for Cyber-Response Planning
David Gregory, Sr Director Analyst, Gartner

The business impact analysis (BIA) is the essential foundation for the development of cross-functional business continuity and disaster recovery plans. This session will cover how the BIA can provide vital information in the preparations for managing a cyberattack.


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
Vendor Risk Management Is Now a Must-Have Discipline
Christopher Ambrose, VP Analyst, Gartner

Vendor risk management isn’t just required in highly regulated industries, its good practice in all industries. But today’s approaches are mired in lengthy and complex assessment surveys that span a variety of threats and risks. This session will discuss how to improve and enhance your model for managing vendor risks. 1) Why is vendor risk management important now? 2) What are the current best practices in a vendor risk management life cycle? 3) How can we improve the efficiency and value of our vendor risk management programs?


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
Creating Security Monitoring Use Cases With the MITRE ATT&CK Framework
Augusto Barros, VP Analyst, Gartner

The MITRE AT&CK framework has quickly become a popular tool for many security operations practices. This session illustrates how it can be used to address some of the most common challenges of security operations centers: How to create security monitoring use cases? How do we know if we are looking for right things? What should be the starting list of use cases on our SIEM deployment?


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
Five Questions on Security and Risk That You Must Be Prepared to Answer at Your Board Meetings!
Sam Olyaei, Director Analyst, Gartner

It is now common practice, and in certain cases mandated by regulation, for a board of directors to require periodic reporting and event-based updates on the state of security and risk management in an enterprise. Developing and communicating an effective message that balances the need to protect with the need to run your business is critical to success. However, in many cases, Security and Risk Leaders are left frustrated and/or unable to answer elementary questions that the Board asks. This presentation will discuss: 1) What is the role of the board and what do they care about?
2) What are some of the most common questions that Board Members Ask? (and a talk track for these questions)
3) How can Security and Risk Leaders flip the conversation to educate the Board on issues that they need to know about?


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
Everything You Need to Know About the Ever-Changing DDoS Threat
Lawrence Orans, VP Analyst, Gartner

In 2018, we saw a 1.3 Tbps attack against Github, the largest DDoS incident ever. The bad guys continue to innovate and launch ever more damaging attacks. In this session, we will analyze strategies for mitigating DDoS attacks and provide guidance for finding a solution that will match your budget.


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
The Characteristics of a Defensible, Risk-Based Cybersecurity Program
Tom Scholtz, Distinguished VP Analyst, Gartner

Effective cybersecurity is predicated on a defensible program. This presentation introduces and discusses the characteristics of a defensible security program.
Key issues:
- What are the components of a cybersecurity program?
- What makes the program defensible to key stakeholders?


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
The Six Principles of Successful Network Segmentation Projects
Jeremy D'Hoinne, VP Analyst, Gartner

Enterprise architecture evolves, but network segmentation remains a foundational element for network security leaders. While the principle is not new, finding the right balance between security and agility remains difficult. Many network segmentation projects fail before they reached the expected objective. Successful network security design projects require to:
1. Understand what segmentation should achieve, and what are the required complementary approaches
2. Leverage best practices for zoning decision, policy management and segmentation enforcement
3. Know where to start, and when to stop


Wednesday, June 19, 2019 05:15 PM|Wednesday, June 19, 2019 05:45 PM
Successfully Managing the Risks in Medical Devices: Hidden Dangers to Life and Limb
Nader Henein, Sr Director Analyst, Gartner

A mounting challenge for SRM leaders is the increasing volume of integration and capabilities in medical devices as they rapidly overtake the traditional market, promising better, more consistent monitoring, prevention and care. These devices cost millions of dollars to develop and test before they ever touch a patient; the focus is on consistency and resiliency. But too often, the security of those devices isn’t well-tested as device manufacturers rush to integrate these devices in the growing mesh of connected healthcare offerings. Hacks of medical devices could become a multibillion dollar nightmare for patients and the industry. This session identifies the five critical aspects in the connected device ecosystem putting patients at risk and how to navigate them successfully.


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Power Up at the Pixel Party

Travel back in time with your favorite old school video games at Carbon Black's hospitality suite in National Harbor 7. We hope you remember them fondly and enjoy playing them again!


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Join us at the Proofpoint Pub for Bacon and Bourbon Tasting

Stop by the Proofpoint Hospitality Suite for a bit of bacon and bourbon in a British pub atmosphere. Chat with our sommeliers about whiskeys from across the pond. The bacon, pub food, and whiskey tastings are on us….
● Wednesday, June 19
● 5:45 pm – 8:45 pm
● National Harbor 12


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Get Smart in the Netskope Cloud Lounge

Netskope: Additional Hospitality Suite Details Coming Soon


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Cisco Hog Wild

All attendees are invited to cruise over to National Harbor 5 for a night of blues, beer, and BBQ plus a chance to win a new Harley-Davidson motorcycle.


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Handcrafted Cocktails With a Chance of Magic

Bitdefender: Additional Hospitality Suite Details Coming Soon


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Okta: Additional Hospitality Suite Details Coming Soon

Okta: Additional Hospitality Suite Details Coming Soon


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Veracode Gin Joint

Prohibition ends here – Break the rules and head over to the local speakeasy for a night to remember. Enjoy a glass of “giggle juice” and join us for good conversation, lively entertainment, delectable desserts and so much more. Be sure to enter quietly; leave silently. We don’t want any attention drawn to our secret – Remember discretion is paramount. No Snitches allowed!

Secret passcode required. Stop by Veracode Booth #155 to learn more.


Wednesday, June 19, 2019 05:45 PM|Wednesday, June 19, 2019 08:45 PM
Forcepoint Clubhouse

And They’re Off!
Don’t leave the Summit on the
backstretch—Head to the Forcepoint Clubhouse for a night at the races!
Wednesday, June 19
Post Time: 5:45 p.m. – 8:45 p.m.
Track Number: National Harbor 13


Thursday, June 20, 2019 07:00 AM|Thursday, June 20, 2019 12:15 PM
Enterprise IT Leaders Members Lounge

Join your Enterprise IT Leader peers in an exclusive lounge area, providing space to network with Peers and Leadership Partners, refresh and get some work done between sessions.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 07:00 AM|Thursday, June 20, 2019 12:15 PM
Concierge Hours

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.


Thursday, June 20, 2019 07:00 AM|Thursday, June 20, 2019 12:15 PM
Registration


Thursday, June 20, 2019 07:30 AM|Thursday, June 20, 2019 08:30 AM
Attendee Breakfast


Thursday, June 20, 2019 08:30 AM|Thursday, June 20, 2019 09:15 AM
Guest Keynote: Harnessing the Headwinds of Change
Nicole Malachowski, Retired U.S. Air Force Col., First Woman Thunderbird Pilot, Fighter Squadron Commander, Combat Veteran, White House Fellow and Advisor,

In flying, headwinds slow you down. At their worst, they cause you to change your plans and impact the effectiveness of weapons in combat. Headwinds demand that pilots be resilient and resourceful, literally on the fly. “Headwinds are the perfect metaphor for the change impacting organizations and individuals today,” says 21-year Air Force veteran Nicole Malachowski. A former fighter squadron commander and mission-ready pilot in three operational fighter squadrons and the first woman to fly on the Air Force Thunderbirds, Nicole has the perfect message to inspire audiences to think differently about the headwinds of change they face – organizationally and personally. Drawing on her extraordinary Air Force career, Nicole offers lessons on leadership, followership, and overcoming adversity. She weaves storytelling with breathtaking video from the cockpit of her jet as the Thunderbirds execute precision turns, rolls, and loops – all just 36” from one another at 400 mph and just 300 feet off the ground. Nicole’s keynote helps audiences ignite their own indomitable spirit in order to succeed far beyond what they might dream. “Failure isn’t fatal,” she says, “it’s the price of entry if you want to achieve something great.”


Thursday, June 20, 2019 08:30 AM|Thursday, June 20, 2019 09:30 AM
Roundtable: Is Your UEM/EMM/MDM Meeting Your Requirements?
Rob Smith, Sr Director Analyst, Gartner

This roundtable will discuss what's working and what isn't indevice management and security for enduser computing covering unified endpoint management (UEM), enterprise mobility management (EMM) and mobile device management (MDM).

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 08:30 AM|Thursday, June 20, 2019 09:30 AM
Roundtable: Application Security Strategies for a Midsize Enterprise
Dale Gardner, Sr Director Analyst, Gartner

This roundtable will bring together security and risk management leaders to share their experiences with embedding application security into their midsize enterprises. It will be an opportunity to discuss with peers what has worked, lessons learned, and how to effectively budget and prioritize efforts within the context of the midsize enterprise.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 08:30 AM|Thursday, June 20, 2019 09:30 AM
Roundtable: Overcoming Cybersecurity Staffing and Skill Shortages in Midsize Enterprises
Neil Wynne, Principal Analyst, Gartner
Paul Furtado, Sr Director Analyst, Gartner

Many midsize enterprises are struggling to attract and retain cybersecurity talent. Join us for this peer-driven discussion on how to manage with a small team. How have you successfully overcome these constraints? When is a managed service the answer? What makes the most sense to keep in-house? Preregistration is required. Seats are limited.
This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 08:30 AM|Thursday, June 20, 2019 09:30 AM
Roundtable: Cyber-physical Systems Security — Focus on Connected and Autonomous Vehicles
Katell Thielemann, VP Analyst, Gartner

Discuss challenges, lessons learned, opportunities and latest trends with your peers in a facilitated roundtable discussion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 08:30 AM|Thursday, June 20, 2019 09:30 AM
Roundtable: Practical Privacy — Handling HR Data
Nader Henein, Sr Director Analyst, Gartner

Employee data is processed in every organization and comprises the highest privacy risk in many. Successful SRM leaders should actively administer human resources application and vendor risk by enforcing privacy engineering principles given the mounting exposure.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 09:15 AM|Thursday, June 20, 2019 09:45 AM
Networking Break


Thursday, June 20, 2019 09:45 AM|Thursday, June 20, 2019 10:15 AM
Claroty: Navigating the Convergence of OT and IT Security
Rob Nolan, Chief Information Security Officer, Noble Energy, Inc.

The role of the CISO at many industrial enterprises now includes protecting OT networks against security threats, but the complexity of integrating OT and IT security can be daunting. In this session, Rob Nolan, CISO of Noble Energy, and Dave Weinstein, Claroty CSO and former CTO of New Jersey, will discuss key takeaways and lessons learned from the challenges of IT/OT convergence.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 09:45 AM|Thursday, June 20, 2019 10:15 AM
Informatica LLC: Intelligence and Automation for Continuous Data Privacy Readiness
Russell Feldman, Vice President of Data Privacy and Protection, Informatica
Roger Hale, Chief Information Security Officer , Informatica

GDPR, CCPA, breaches and digital transformation are driving data security, data security governance and privacy together. We will explore the evolving risks all organizations are facing and how organizations can protect and govern personal data and demonstrate compliance.

Learn how AI and automation can improve data security, help govern sensitive data and improve privacy readiness.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 09:45 AM|Thursday, June 20, 2019 10:15 AM
BlueCat Networks (USA) Inc.: Intelligent DNS: From Threat Vector to Secret Weapon

Private DNS is architected for scale and reliability, not security. Most network administrators ignore this intrinsic tradeoff, seeing DNS as infrastructure. Malicious actors bank on this, using DNS to infiltrate networks. DNS shouldn’t resolve every query. DNS data can identify and prevent malicious activity on the network. Let's think differently and talk about DNS as a cybersecurity asset.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 09:45 AM|Thursday, June 20, 2019 10:30 AM
Menlo Security: Additional Session Details Coming Soon

Menlo Security: Additional Session Details Coming Soon


Thursday, June 20, 2019 09:45 AM|Thursday, June 20, 2019 10:30 AM
Morphisec, Inc.: Bulletproof Windows10 Security Made Simple
Ronen Yehoshua, CEO, Morphisec

Enterprises migrating to—or already on—Win10 have the ideal opportunity to maximize their security profile while simplifying operations, without additional cost or complexity. Leading-edge technology allows users to fully leverage the integrated Win10 security tools providing a critical prevention layer against advanced in-memory attacks, exploits, fileless attacks, zero-days and evasive malware.


Thursday, June 20, 2019 09:45 AM|Thursday, June 20, 2019 12:45 PM
CISO Research Discussion: Transforming Security Governance for Speed and Agility (Repeat)
Christopher Mixter, VP, Advisory, Gartner

As IT and business technologists expand their use of Agile and DevOps, effective CISOs are redesigning their governance practices to position Information Security as an accelerator of agility and speed-to-market. In this three-hour interactive session, we’ll see how the CISOs at JP Morgan, Cisco, and ADP make speed and agility design principles of information security governance, via a combination of self-service, embedding security expertise in development tools, and, creating a “pull” from developers to add information security to their competency set. Attendees will have the opportunity to discuss shared challenges and best practices. This session will be repeated on Thursday, June 20, at 9:45 a.m.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
A ContinuousNext Organization Requires Risk-Aware Culture to Succeed
Earl Perkins, Managing Vice President, Gartner

Almost 50% of CIOs indicate that culture is the biggest barrier to digital business success. Culture is one of five major imperatives of ContinuousNext, a strategy to converge IT with its organization. A risk-aware culture ensures that the protection of that convergence is a priority. This presentation Introduces ContinousNext, risk culture fundamentals, and actions to ensure risk-aware culture.


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
A Practical Guide to Privacy in Blockchain
Mark Horvath, Sr Director Analyst, Gartner

Blockchain is a technology that depends on widespread, public dissemination of information to generate trust and resilience. However, this is often seen as a problem for privacy, especially with regulations like GDPR which hold a high bar for consent and data privacy. Can blockchain meet these kinds of regulatory requirements? If so how? What are the limits of blockchain in protecting user data?


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
Outlook for Identity and Access Management 2019
Henrique Teixeira, Sr Director Analyst, Gartner

IAM encompassess workforce and customer identities and access, to manage risk, reduce fraud and other losses, and enable desired business outcomes. Digitalization forces IAM leaders to focus on time to value, employee engagement, and customer satisfaction.
Key Issues:
What does a successful IAM program look like?
How can IAM quickly deliver real business value and support cyber defense?
How will IAM technology investments evolve?


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
How Digital Society and Your Ethics Impact Privacy
Bart Willemsen, VP Analyst, Gartner

Digital society is a fact, taking shape as we continue to develop our organizations and value propositions in communities, contact and collaboration. The changes ahead may be unforeseen, though must be guided and chosen deliberately to maintain universal human rights like privacy and freedom. Ethical dilemmas enable the conversation and provide the choices to be made to achieve the synergy needed between what your customer wants and what your technologies enable.


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
Innovation in Network Security Moving From Preventing to Detecting
Nat Smith, Sr Director Analyst, Gartner
John Watts, Sr Director, Analyst, Gartner

For years, network security has been built and deployed to erect a strong and impenetrable perimeter under the assumption preventing anything malicious from getting in means everything is implicitly safe on the inside. That is now a bad assumption and your customers know it. Come learn how to evolve your products for success through detection.


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
Top Challenges Security and Risk Leaders Face in China
Jie Zhang, Sr Director Analyst, Gartner

As the second largest economy, China continues to attract businesses to enter the market and expand as these businesses grow. But, security and risk leaders face a set of unique challenges. How to understand these challenges and apply best practices will enable CISOs and risk leaders to assure business successes.


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
Enabling DevSecOps With IAM
David Chase, Sr Director Analyst, Gartner

To speed up the development and delivery of quality software and increase it's security, we must manage our identities, their authentication, authorization, roles, and privileges across system and enterprise boundaries.


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
Further Evolution of Modern SOC: Automation, Delegation, Analytics
Anton Chuvakin, Distinguished VP Analyst, Gartner

This presentation presents a structured approach to plan, establish and efficiently operate a modern SOC. Gartner clients with successful SOCs put the premium on people rather than process and technology. People and process overshadow technology as predictors for SOC success or failure.

● Do I need a SOC and can I afford it?

● Where can I rely on automation and where do I need to outsource or delegate?

● Can SOAR tools really automate my SOC?


Thursday, June 20, 2019 10:45 AM|Thursday, June 20, 2019 11:30 AM
My CyberLife Scenario 2035
F. Christian Byrnes, Distinguished VP, Research, Gartner

Predicting the future is always uncertain, but there are trends and technologies in play today that can give us a glimpse of how business and security might look in 15 years. What will happen with security when everyone, everywhere is connected by 6G? How will technologies like Artificial Intelligence and Smart Contracts impact commerce? How will Quantum Computing effect security and privacy? Explore some possibilities, and catch a glimpse of what the world might look like in 2035!


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
Three Scenarios You Should Add to Your Incident Response Plan
Brian Reed, Sr Director Analyst, Gartner

Most organizations have an incident response plan to cover malware outbreaks, or very specific data loss scenarios. There are three additional scenarios that every incident response plan should include, and this session will cover what you should add to your incident response plan to better cover incidents of compromised credentials, insider threats and ransomware.


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
A Practical Guide to Creating a Useful Cybersecurity Risk Appetite Statement
Jeffrey Wheatman, VP Analyst, Gartner

How much risk is too much? Let's manage to our risk appetite! Sounds easy, but most CISOs don't know what their enterprise or cybersecurity risk appetite is. Join us on a trip to effective and efficient risk management.
1 - What is risk appetite and why you need to know yours?
2 - Best practices for having risk appetite discussions
3 - What does a good cybersecurity risk appetite statement look like?


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
The Future of Application Security Testing
Ayal Tirosh, Sr Principal Analyst, Gartner

Application security testing is challenged by the pace and complexity of application development and questions exist around the value they add. In this session, we will cover how application security testing technologies might advance in the coming years or how alternatives may emerge.


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
Challenges Integrated Risk Management Solutions Need to Address
Elizabeth Kim, Principal Analyst, Gartner

Transforming governance, risk and compliance (GRC) to integrated risk management (IRM) means that IRM solution providers must deliver solutions that meet customer demand for greater value from their IRM investment. IRM solution providers should understand the gaps of current GRC solutions to address customer challenges through the delivery and development of your IRM solutions.


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
Weaver or Slow Poke: All Drivers Need a Strategic Roadmap for Organizational Resilience
Roberta Witty, VP Analyst, Gartner

Organizational resilience must evolve with the changing needs of the modern digital world. Gartner offers a three- to five-year outlook and guidelines for security and risk management leaders to advance this discipline and achieve business outcomes. This presentation will discuss how to rollout an organizational resilience program that matches your organizational driving type.


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
The NIST Cybersecurity Framework v1.1 — What's New and How This Impacts You
Khushbu Pratap, Sr Principal Analyst, Gartner

This session discusses changes introduced in NIST CSF v1.1, NIST 800-53 v5, and RMF v2, as well as NIST 800-53 A (assessment guidance) and how it impacts existing cybersecurity activities.


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
Improve Technology Risk and Cybersecurity Through Better Customer Experience
Paul Proctor, Distinguished VP Analyst, Gartner

Great engagement between stakeholders is an essential component to the success of any risk and security program. Treat the experience of how risk and security is delivered as a fundamental component of what is delivered. The same techniques used to excel in customer experience can also be used to improve the delivery of appropriate technology risk and cybersecurity.


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
Focus More on the Realities of Cyber-physical Systems Security Than on the Concepts of IoT
Katell Thielemann, VP Analyst, Gartner

Siloed IoT/OT implementation and management distract from the real security and safety implications of the convergence of digital technologies and physical assets. To be effective, security and risk management leaders must instead holistically address the needs of cyberphysical systems. This session will discuss the opportunities and challenges related to securing cyberphysical systems.


Thursday, June 20, 2019 11:45 AM|Thursday, June 20, 2019 12:15 PM
Not Your Grandfather's Encryption: Emerging Approaches for Privacy-Enhanced Computation
Ramon Krikken, VP Analyst, Gartner

With cloud becoming a must-have or can't-avoid for many organizations, security teams are increasingly concerned with advanced attacks and regulatory requirements around data confidentiality and privacy. This session first covers basic encryption and key management in the cloud, and then examines other techniques — including emerging hardware-based approaches — that increase the trustworthiness of cloud-based infrastructure-as-a-service (IaaS).


Start planning your agenda now.