Agenda
Our Gartner experts, who are at the top of their fields, helped attendees address their most critical challenges. These key topics kickstarted conversations around priorities and initiatives so that attendees could tackle what was most important to them.
Faced with a fragmented, interdependent world, cybersecurity leaders have less control over decisions around cyber risk than ever before. This track gives you practical guidance on how to manage security teams, and stakeholders, through the evolving threat landscape.
Hybrid work and cloud/everything as a service have reframed security around a zero-trust identity and API security. Leading organizations are simplifying the complexity for understaffed and overwhelmed teams. This track provides strategy and tactics to help you plan.
Spanning the cycle from developers to customers, today’s leaders face a wide, diverse array of both risks and ways to manage, mitigate and respond to them. These sessions provide practical, real-world guidance on achieving a more secure software development life cycle and data management program.
SecOps is evolving from securing the business’s systems to securing its business operations as well. This track helps you understand the expanding attack surface, use automation to standardize, and prepare to effectively respond to a security incident.
Due to new challenges and lack of agility in program management, cybersecurity leaders struggle to mature their cyber and IT risk management practices beyond conducting assessments. This track highlights the latest trends and tools to help you improve automation and models.
Security product leaders must transform their offerings to be relevant in a new world and culture, rethink strategies and anticipate new buyer needs. This track focuses on helping leaders simplify and reframe current product offerings to succeed in changed markets.
As the role evolves, CISOs must adapt to ensure that the organization can balance risk decisions with business goals. The CISO Circle provides targeted content, workshops and networking opportunities. Join us and form valuable connections with peers and Gartner experts. (*Application is required.)
Gartner for Technical Professionals research explores insights into the security best practices, methodologies and tools needed to ensure operational success. Sessions provide advice on architecting, implementing and operating security controls for the hybrid enterprise.
Midsize organizations face the same threats and manage the same vulnerabilities as large ones, but with limited people, budget and time. This track provides pragmatic advice on overcoming the resource obstacles and applying the right level of protection and risk management.
Anyone in security can benefit from a greater awareness of diversity, equity and inclusion (DEI) efforts, but it is increasingly a mandatory skill set for leaders. This track helps you frame your DEI efforts with a security lens and assists you in your efforts to reduce intentional and unintentional bias.
Identity is a critical foundation for the security of the systems that support our rapidly expanding virtual world. This track ensures you have the tools and insights to support effective identity and fraud initiatives, enabling organizational success.
Tuesday, June 07, 2022 / 01:30 PM - 02:15 PM EDT
Andrew Walls, Distinguished VP Analyst, Gartner
Katell Thielemann, VP Analyst, Gartner
This keynote will deliver a repeatable methodology, grounded in sci-fi prototyping, that will allow you to identify the threats, vulnerabilities, and risks that organizations will face and develop the tools to fight them. We will map the evolution of the new cybersecurity leader over a 10-year period illustrating practical implementations of the methodology as it impacts with inventible barriers, fails, evolves, and re-emerges.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Jay Heiser, VP Analyst, Gartner
The challenges to security and risk management programs range from government/political intervention to digital business adoption to the impact of organizational culture of running a business. Security and risk management (SRM) leaders must develop a coherent program based on a clear vision and strategy. This presentation will address:
-What are the major trends affecting the security and risk management leader?
-What are the top challenges affecting the security and risk management leader?
-What actions and best practices should the security and risk management leader initiate?
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Christie Struckman, VP Analyst, Gartner
With so much changing in both where, how and with whom work gets done, our organization’s culture needs to adapt accordingly. Use the language of attributes to understand your culture and diagnose what isn’t working now. Change those attributes to adapt to your changing ways of working, and maintain what makes your organization unique. Use our 5 step process for aligning your culture to your changing business needs.
Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT
Paul Rabinovich, Sr Director Analyst, Gartner
MFA is still underutilized. Passwordless authentication raises new concerns about security, administration and UX. Adaptive access is hard to implement consistently across multiple use cases. This session gives you an opportunity to ask practical questions about modern authentication that can help protect your organization against account takeover and user impersonation.
Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT
Bernard Woo, VP Analyst, Gartner
With Gen Z workers starting to enter into the workforce, cybersecurity leaders are confronted with managing the expectations of four different generations - within their teams and the greater organization culture. Participate in this roundtable to discuss the associated challenges and exchange ideas about how to successfully overcome them.
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Alex Michaels, Principal, Advisory, Gartner
Ever felt you're playing catch up replacing and upskilling staff? Instead of reactive talent planning, effective CISOs create forward-looking workforce plans aligned to strategic priorities. Join us to learn how to create a workforce strategy covering recruitment, development, retention and redeployment to meet long-term goals.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Christie Struckman, VP Analyst, Gartner
An inclusive environment requires equal treatment of everyone. Yet, day to day, seemingly small actions can collectively and progressively create a scenario where people feel marginalized. Leaders can break habits by confronting behaviors and providing support for everyone in their organization.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Tricia Phillips, Managing Vice President, Gartner
Identity-first security has emerged as a theme in many major security initiatives and policies. Supporting these initiatives as well as delivering on business requirements for smooth, simple and secure access, and authentication decisions requires disparate IAM elements to work in concert. This session will provide an update on the major themes in IAM to ensure that your IAM decisions in 2022 will support the strategy of the future.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Jay Heiser, VP Analyst, Gartner
The top trends in this presentation represent business, market and technology dynamics that security and risk management leaders cannot afford to ignore. These trends have the potential to transform the security ecosystem and will accelerate their adoption over the next one to three years.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Andrew Walls, Distinguished VP Analyst, Gartner
Measuring the effectiveness of a security behaviour and culture change program (SBCP) can be tricky. Sometimes you need to get a sense of things ahead of your formal presentations to the Executive or the Board. Join this session to identify eight observable things that signal your SBCP is on the right path and helping to reduce human-born cyber risks in your organization.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Patrick Long, Sr Principal Analyst, Gartner
If we are to close the talent gap in cybersecurity, we must start thinking differently about how we select and cultivate talent. New collar workers — individuals who develop the technical and soft skills needed to work in tech jobs through nontraditional education paths — are handmade for midsize enterprises and tactical roles.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Christopher Mixter, VP, Research, Gartner
Security and risk management leaders are often treated as scapegoats in cases of breach. By the same token, digital business has propelled security and risk to become a boardroom issue, business units have increased their expectations (and demand) of their leadership, and regulatory demands are often challenging. This session will shed light on the leadership traits that aide in a successful and balanced approach between the demands of the business and the effectiveness of the leader.
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
Marty Resnick, VP Analyst, Gartner
Science fiction storytelling allows security and risk management leaders, to use exciting and intriguing stories to explain the unprecedented levels of disruptions and how they will affect their organizations and industry. This session will discuss the impact of sci-fi prototyping using the best practices and lessons learned from Gartner's own Stories From Planet B anthology.
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
Leigh McMullen, Distinguished VP Analyst, Gartner
Every year, Gartner produces impactful predictions across all practices. This presentation will compile the top predictions prepared by our cybersecurity experts for the year 2022-2023. Security and risk management leaders should monitor these trends to be successful in the digital era especially as most recognize that global change could potentially be one crisis away.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Tricia Phillips, Managing Vice President, Gartner
Many new digital identity initiatives rely on reliable and persistent access to smart devices, mobile phone numbers and email addresses, which inadvertently discriminate against the digitally disenfranchised. Ensuring equal but secure access to essential digital services should be a guiding principle of any digital identity initiative, and is possible with the right CIAM tools.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Lisa Neubauer, Director, Advisory, Gartner
CISOs keep generating detailed charts, dump them into 50-page decks and throw them at their executives, hoping that anyone knows what they are talking about ... or cares. Instead focus on these areas: (1) What messages resonate best? (2) What structures are best for executives, (3) If you must show operational metrics, how can you make them more palatable?
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
Paul Proctor, Distinguished VP Analyst, Gartner
No one can tell you what your metrics should be … until now. Gartner has developed and vetted a prioritized list of metrics to describe the value of your cybersecurity program to satisfy the most challenging audiences including your board, CFO, COO, customers, partners and regulators. And we are working on benchmarks for each.
- What cybersecurity metrics should I measure?
- How can I use metrics to drive governance?
Thursday, June 09, 2022 / 10:30 AM - 12:00 PM EDT
Leigh McMullen, Distinguished VP Analyst, Gartner
Christine Lee, Sr Director, Research, Gartner
CISOs work in high stress, high burnout environments. Despite scarce resources and evolving threats, executive management and boards depend on your leadership and assurance. Are you prepared to steer your enterprise through change and crisis? This CISO Circle session will offer actionable insights for personal effectiveness and a beginner-friendly guided mindfulness practice.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Katell Thielemann, VP Analyst, Gartner
Every year, Gartner collect data from thousands of CIOs on what matters most to them.
Join this session to learn:
• What’s most important to them
• How they role is changing
• Implications for security and risk leaders
• What to focus on next as a result
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
William Candrick, Director Analyst, Gartner
With the rise of business technologists within global business — security leaders find it hard to influence decisions being made, everywhere, all of the time. This session will demonstrate how, using the concept of Cyber Judgement, top performing security teams teach their business partners how to make decisions in a risk-informed manner, and turn them into security advocates.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Paul Furtado, VP Analyst, Gartner
A midsize guide to starting a formal cybersecurity program within your business. This session is tailored for midsize organizations who are starting or have immature security programs. It is a series of pragmatic advice that can be implemented to improve security awareness and a better security posture throughout the business.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Lisa Pierce, VP, Advisory, Gartner
Baby boomers, Gen Xers, millennials and Gen Zers comprise your security function. Do you really understand their different behaviors and expectations? This is a must for security leadership, so that they can create an IT and security culture that leverages strengths and confronts weaknesses to uncover opportunities and overcome threats into our collaborative future. Change starts with people.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Roberta Witty, VP Analyst, Gartner
This session highlights the importance of organizational resilience as a strategic imperative in the wake of the COVID-19 pandemic, the changing threat landscape, and the pace of digital innovation.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Leigh McMullen, Distinguished VP Analyst, Gartner
Rebecca Lively, Deputy Director, 90th Cyberspace Operations Squadron
Christopher Raney, Deputy Executive Director, Technical Director, Naval Information Warfare Center Pacific
Andrew Walls, Distinguished VP Analyst, Gartner
Katell Thielemann, VP Analyst, Gartner
When warfare happens by remote control, Net Superiority becomes the new Air Superiority, in this session Gartner and industry experts discuss the future of warfare in cyberspace, and how every enterprise is directly on the battlefield.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Tom Scholtz, Distinguished VP Analyst, Gartner
There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This session will address the following issues: Trends and challenges in security organization design; Factors that influence security organizations; Best practices and contemporary conceptual design models for security organizations.
Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT
Lisa Pierce, VP, Advisory, Gartner
Change starts with people. Security teams consist of baby boomers, Gen X's, millennials and Gen Z's but their managers often do not understand their different behaviors and expectations, and so have not created a working environment that taps into various generations' needs and wants. Security leadership must adapt and create an IT and security culture to uncover opportunities and overcome threats into our collaborative future.
Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT
Tom Scholtz, Distinguished VP Analyst, Gartner
Consistent, practical strategic planning is a prerequisite for security and risk management leaders establishing and supporting the credibility of their security programs. This presentation:
- Introduces a generic security strategy planning process
- Shares the unique best practices associated with security strategy planning
- Provides practical advice on communicating the strategy to stakeholders.
Friday, June 10, 2022 / 09:00 AM - 10:00 AM EDT
Paul Proctor, Distinguished VP Analyst, Gartner
John McKinley, Founder, Great Falls Ventures
Gartner introduces our cybersecurity value delivery benchmark. Cost and value are the levers that drive every business outcome, except cybersecurity…until now. Measuring and reporting cybersecurity value delivery and establishing a standard of care accrues many benefits and shifts the landscape in cybersecurity investment and board governance. In this keynote, Distinguished Gartner analyst, Paul Proctor, will share how this new standard will incentivize appropriate investments and execution leading to improved protection levels globally.
Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT
Tom Scholtz, Distinguished VP Analyst, Gartner
We like to lament that "the users are the weakest link in the cybersecurity chain!" which means that as security and risk management leaders, you must understand the critical impact of the user community on your programs. From basic anti-phishing simulation through more proven communications techniques to sophisticated approaches based on the social science, this presentation provides insight into the latest best practices in the human aspects of security.
Friday, June 10, 2022 / 10:30 AM - 12:00 PM EDT
Marty Resnick, VP Analyst, Gartner
This workshop explores the storytelling techniques used to develop science fiction prototypes to prepare organizations' responses to disruptions.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Charlie Winckless, Sr Director Analyst, Gartner
Cloud security remains a top priority. This presentation summarizes the problems, recommended processes and new product types to address three key issues: What are the unique risks associated with public cloud service providers, and how can they be controlled? What are the unique security challenges of IaaS and how can they be mitigated? What are the unique control challenges of SaaS and how can they be addressed?
Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT
Dionisio Zumerle, VP Analyst, Gartner
With employees using all sorts of instant messaging tools, from WhatsApp to texting, enterprises are finding challenging to protect enterprise data. Some mobile applications are leaky or privacy-invasive and most of them do not allow the enterprise to monitor that there is no leakage of sensitive data. In this roundtable we will compare approaches and learn from each other about what works and what does not when it comes to instant messaging and mobile apps.
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Neil MacDonald, Distinguished VP Analyst, Gartner
Changes in the threat landscape and ineffectiveness of current security architectures have created significant interest in zero trust security architectures. This presentation will pragmatically explore zero trust and zero trust networking and extend these concepts to operating systems, applications, users and data. Topics will include the NIST architectures for zero trust as well as technologies and vendors providing solutions.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
John Watts, VP Analyst, Gartner
Thomas Lintemuth, VP Analyst, Gartner
Neil MacDonald, Distinguished VP Analyst, Gartner
To some, zero trust is the best path forward for information security requiring a complete rethinking of security architectures. To others, zero trust is just more of the same — with a catchier name. This session will feature multiple Gartner analysts covering zero trust arguing for and against the zero trust security paradigm. Attendees will be able to submit questions and feedback from their own zero trust journeys.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Nat Smith, Sr Director Analyst, Gartner
Check in to make sure you are current on network security offerings and how they complement each other, but stay to see how they are evolving and what new technologies will transform your current processes over the next few years.
Wednesday, June 08, 2022 / 10:30 AM - 11:30 AM EDT
Dawn Hubbard, Director Analyst, Gartner
IT leaders are seeing a proliferation of SaaS contracts. This session will cover:
- Key SaaS contract terms and which ones to negotiate
- Identifying and negotiating hidden SaaS costs
- How to futureproof SaaS contracts
Please note: Although some Gartner advice will be imparted in this session, attendees should come prepared to contribute their experiences and ideas.
Wednesday, June 08, 2022 / 12:00 PM - 12:20 PM EDT
Nat Smith, Sr Director Analyst, Gartner
The network firewall market faces the challenge of fulfilling multiple use cases and overlapping requirements because of the growth of hybrid environments. Although basic firewall features have become commodities, specialization in new firewall use cases such as FWaaS, cloud firewalls and OT firewalls is differentiating vendors. Come learn how to sort through the noise in the market.
Wednesday, June 08, 2022 / 12:00 PM - 12:20 PM EDT
Charlie Winckless, Sr Director Analyst, Gartner
Gartner published a new Magic Quadrant for Security Service Edge (SSE) covering the cloud-delivered security services of a SASE architecture. This session will cover how to think about solutions and vendors represented in this new market.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Dionisio Zumerle, VP Analyst, Gartner
With cloud-native applications, the lines between infrastructure and applications are increasingly blurry, while with DevOps, development and operations are also increasingly overlapping. Using data from a recent Gartner survey, this session will present recommendations to arrange people, process and technologies to protect application assets without slowing down the CI/CD pipeline.
Wednesday, June 08, 2022 / 02:45 PM - 03:05 PM EDT
Chris Silva, VP Analyst, Gartner
The pandemic has once again highlighted the importance of a robust endpoint security capability. With the market evolving, merging, and expanding, it is an imperative to use the most appropriate vendor or technology to meet its current and future objectives. This session will help the security and risk management leaders understanding the direction and approaches that the vendors take in the market.
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
Neil MacDonald, Distinguished VP Analyst, Gartner
Cloud-native applications are not inherently insecure, but are being deployed insecurely, driven by developers and a need for agility in service development and deployment. Security and risk management leaders must address container and Kubernetes security issues around vulnerabilities, visibility, compromise and compliance continuously across development and operations.
Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT
Jon Amato, Sr Director Analyst, Gartner
XDR, or Extended Detection and Response, is an extension of other technologies used for security monitoring and response, taking the analytics concepts used in tools like EDR and SIEM to a broader set of enterprise security tools. In this session we will discuss what XDR is, how your organization might benefit from using it, and whether XDR matters to you.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Jon Amato, Sr Director Analyst, Gartner
Endpoint now covers a wide variety of devices, and organisations invest heavily in trying to secure them. So why is it that malware attacks such as ransomware are still so prevalent. We discuss how securing the endpoint needs to go beyond protecting the individual endpoint, to protect the diverse range of endpoints that make up an organisation.
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
John Watts, VP Analyst, Gartner
Zero-trust strategies for network security have gained notable popularity in recent years. However, organizations need to avoid "silver bullet" thinking and build strategies based on their desired business outcome. This session will highlight the forces that shape network security, threats that need to be addressed, and how to think about zero trust and SASE as part of an overall network security strategy.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Charlie Winckless, Sr Director Analyst, Gartner
Extended detection and response, or "XDR," is on every security vendor’s marketing these days. But what is XDR and why do you need it? Is it an architecture or a product, and will it replace stuff you already have? This presentation explains what you need to know about XDR and what you should do about it.
Thursday, June 09, 2022 / 02:00 PM - 02:20 PM EDT
Chris Silva, VP Analyst, Gartner
Unified endpoint management — bringing together enterprise mobile and nonmobile platform management and security — is one of the hottest topics in enterprise IT. The vendor landscape is changing quickly. We present the Magic Quadrant and Critical Capabilities in this session.
Thursday, June 09, 2022 / 03:30 PM - 03:50 PM EDT
John Watts, VP Analyst, Gartner
Gartner published an update to the web application and API protection market last year. This session will cover how to think about solutions and vendors represented in this market.
Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT
Neil MacDonald, Distinguished VP Analyst, Gartner
Enterprises are shifting to hybrid work environments to enable anywhere, anytime access to resources that are located everywhere -- in SaaS, in public cloud IaaS with some workloads in the traditional data center. A SASE strategy enables users, devices and branches zero trust access to resources, regardless of location. This session will lay out a strategic timeframe and roadmap for SASE adoption
Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT
Tricia Phillips, Managing Vice President, Gartner
Obtaining confidence in a customer’s or employee's identity is the foundation of identity-first security. IAM leaders must understand the current state-of-the-art, balancing assurance needs with friction in the UX, while orchestrating multiple tools and becoming aware of strategic trends on the horizon.
Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT
Chris Silva, VP Analyst, Gartner
This session will cover best practices to enable users' access to corporate resources, for both times of crisis and under normal circumstances. We will examine why always-on VPN is often the wrong choice while determining what is the right one such as ZTNA, CASB, with the evolution to SASE
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Dionisio Zumerle, VP Analyst, Gartner
We discuss findings from a 2022 Gartner survey on organizations that conducted SASE and XDR projects. We discuss what worked and what did not, and how vendor consolidation impacts their decisions and security strategy for these and other security projects.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Andrew Bales, Principal Analyst, Gartner
Data security is a top priority. This session covers current trends and emerging topics specific to data security. How organizations handle and consume data continues to rapidly evolve. Databases and cloud applications introduce rapidly evolving threats with countermeasures following slowly. Using data as the focus of security governance and architecture roadmaps is critical for any risk management program.
Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT
Kevin Matheny, VP Analyst, Gartner
Microservices architecture may be at the bottom of the Hype Cycle, but it's still wildly popular. This session provides an opportunity to speak directly with a Gartner expert covering microservices architecture to get answers to your burning questions.
Tuesday, June 07, 2022 / 03:00 PM - 04:30 PM EDT
Aaron Harrison, Director, Advisory, Gartner
Most orgs have two conflicting missions, developers that want to add more features, and a security team tasked with protecting the enterprise. Enforcement of security standards can be overbearing and often met with frustration. Learn how to fix this paradox by cocreating security standards, teaching secure coding practices, and automating security scans inside the Developer’s native environment.
Wednesday, June 08, 2022 / 10:00 AM - 10:50 AM EDT
William Dupre, Sr Director Analyst, Gartner
Dionisio Zumerle, VP Analyst, Gartner
Let's put API security vendors to the test in a Showfloor Showdown! The API security space is populated with many vendors using different approaches to protecting and discovering APIs. In this battle – featuring 42Crunch, Noname Security, and Salt Security – each vendor will get time to show how they would address a set of common use cases.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Kevin Matheny, VP Analyst, Gartner
APIs are everywhere, both inside and outside your organization. But far too many organizations do not have mechanisms in place to protect, secure and monitor APIs. This talk explains what API management is, why you need it, and how to successfully implement it within your organization.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Dale Gardner, Sr Director Analyst, Gartner
There are millions of open-source software projects in the world. Which ones are in your software? And what security, operational, and legal risks do they pose? Getting control and managing a myriad of risks requires information, process changed, and automated tools to spot and help remediate problems. In this session, we'll examine the various changes you should consider, along with the tools that can help in getting control.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Andrew Bales, Principal Analyst, Gartner
Microsoft offers wide range of data security capabilities yet clients struggle to identify which capability is provided with which license and whether Microsoft's native capabilities will meet their organization's requirements. This session will offer guidance on each of the data security feature of Microsoft like Microsoft AIP, DLP and RMS the Microsoft plus approach and best practices to implement it
Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT
William Dupre, Sr Director Analyst, Gartner
Organizations are looking for strategies that can be used to integrate application security into agile and DevOps processes. Share stories about successful security practices that enable process maturity and the move to DevSecOps
Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT
Dale Gardner, Sr Director Analyst, Gartner
Attackers are targeting software development systems, open-source artifacts and DevOps pipelines to compromise software supply chains. In this Ask the Expert session, we will answer questions on emerging trends such as software bill of materials, hermetic pipelines and binary authorization to mitigate risks both for internally developed applications and externally procured software
Wednesday, June 08, 2022 / 02:45 PM - 04:15 PM EDT
Mark Horvath, Sr Director Analyst, Gartner
While the security of applications continues to be a primary concern for CSIOs and Heads of Development, the majority of organizations still have a relatively basic (or nearly non-existent) application security testing program. This session walks through the steps you should be taking to turn your SLDC into an effective mechanism for securing applications, without breaking the bank.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Andrew Bales, Principal Analyst, Gartner
Organizations struggle to keep the business as the focus of their data security program. A cross-functional committee (CFC) can help keep the data security strategy centered on the business. This session will provide guidance for several questions, including "who should be included in your CFC?", "what is the importance and role of the CFC?", and "when should I establish this CFC?" among others!
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Dale Gardner, Sr Director Analyst, Gartner
Traditional application security efforts often are reactive, incomplete, and unsuccessful in achieving their goals — barriers preventing success in scaling AppSec programs and in keeping pace with the faster pace of development. In this session, we’ll provide specific insights and guidance on how to shift programs to a more proactive, risk-based foundation better adapted to modern application development efforts — and greater AppSec success.
Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT
Mark Horvath, Sr Director Analyst, Gartner
DevSecOps promises to at last deliver effective application security — but lasting, tied to testing-oriented and gateway-focused approaches, guarantees failure. The urgent question then, is what does "success" look like? In this session we'll answer questions around the organizational process and the tool changes needed to help ensure a successful DevSecOps program and robust application security.
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
Kevin Matheny, VP Analyst, Gartner
Your leaders are telling you they want microservices, your vendors are promising to deliver microservices, your developers want to create microservices. But, what is microservices architecture? Where should you use it, and where should you not? How do you successfully implement microservices? This talk provides answers to key client questions on microservices architecture.
Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT
Andrew Bales, Principal Analyst, Gartner
Many organizations struggle to correctly implement a DLP solution or tool, keeping business requirements as the central driver for their data security initiatives. In this session, you can ask the expert about best practices for building a DLP program. Bring your questions ranging from business process best practices, to implementation and rollout guidance.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Kevin Matheny, VP Analyst, Gartner
BAD decisions are Best Available Data decisions. This session introduces information-generating and decision-making techniques that architects can use to reduce risk and uncertainty in architecture decisions: Architectural Spikes, Decision Typing, Economic Frameworks, and Lightweight FMEA.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Michael Hoeck, Sr Director Analyst, Gartner
Data breach is now more of a reality than a threat which can expose personal and corporate intellectual property. CIOs, CISOs and general counsel are teaming together to improve readiness for this reality. This session will provide insights to actionable and proactive steps to reduce exposure by establishing knowledge of your data to align with access expectations and life cycle management.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Elle Finlayson, Senior Manager Information Security User Success, TechnipFMC
Angelique Grado, VP, Chief Information Security Officer, TechnipFMC
TechnipFMC builds technology for energy projects, systems and services and provides expertise across subsea and surface energy engineering. They develop OT and IOT products that need a very high level of security and risk management, the challenge to get all decentralised product teams across the business on the same level of maturity was the next leap for real improvements in this area. TechnipFMC CISO Angelique Grado decided to use the security champion model to create a master mind group, accelerating the opportunity and will share the brilliant results this has brought about over the last year. This is an example of not just DevSecOps, but getting application and product teams to fully embrace secure by design thinking.
Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT
Jie Zhang, VP Analyst, Gartner
The new data security law in China, effective as of September 1, 2021, has far-reaching impacts. This analyst roundtable offers early clarity in assessing risks and an action path for organizations conducting business in or related to China.
Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT
Michael Hoeck, Sr Director Analyst, Gartner
Vendors are merging data security capabilities into larger platforms to provide enhanced security beyond what each individual component could do alone. This forms a new capability known as “Data Security Platforms (DSP).” Not all vendors have already achieved broad coverage. This session shows the as-is state of DSP and its variants. IT leaders get into a position to judge what platform variant fits their context.
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
William Dupre, Sr Director Analyst, Gartner
The number an complexity of tools and techniques that make up good application security practices can be overwhelming. There are various application security testing tools, threat modeling processes, security requirements, as well as runtime security controls that need to be considered. This session will review the tools and practices that are essential to any application security program.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
John Watts, VP Analyst, Gartner
The threat landscape is continually evolving, as attackers adapt their tactics and strategies to how businesses change. As organizations are transforming how they work, security and risk management leaders should gain baseline knowledge on:
1. The threats we all know, but still hurt us
2. How our changing world influences our threat exposure
3. The "best practices" that might not really be the best
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Avivah Litan, Distinguished VP Analyst, Gartner
Detecting and stopping attacks and compromises against AI requires new techniques. Malicious attacks or benign AI compromises lead to different types of organizational harm and loss — financial, reputational or related to intellectual property, sensitive customer data or proprietary data, for example. These attacks and compromises need new tools and organizational structures to mitigate their harm.
Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT
Pete Shoard, VP Analyst, Gartner
This Ask the Expert session will focus on modern security operations centres (MSOCs). From building to outsourcing to operating and evolving, this session addresses all attendees' questions on how to get started, what to evolve first and where to get the best value for their SOC investment.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Dave Messett, Sr Director Analyst, Gartner
Security operation centers, fusion centers, outsourced monitoring, outsourced management, AI-guided investigations, AI augmentation — there’s a lot of hype about what the future holds for security operations and how to stop security analysts drowning in their work. So, what will it be like in the future?
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
John Collins, Sr Director Analyst, Gartner
Security operations are undergoing a transformative change when our security is planned and delivered. Do you really need to centralize data for security? Is there a single solution to solve all my security needs? How do we determine what is threat intelligence for us? Learn what technologies, processes and services will have the biggest impact on how security operations are delivered in 2022.
Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT
Pete Shoard, VP Analyst, Gartner
An exploratory session to discuss SOC requirements for detection and response capabilities, helping attendees identify the scenarios where a SIEM would be an appropriate choice and where more recent developments in the operations space fit with the introduction of concepts such as XDR.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
John Collins, Sr Director Analyst, Gartner
Ever wanted to start threat hunting in your environment or contemplated what is required to do it? Here is a spoiler, you don't need a third party to do it for you as long as you have some necessary tools and capable personnel. Enter into the cyber wilds to get some foundational guidance on how your organization can perform the overly hyped and sensationalized art of threat hunting.
Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT
Mitchell Schneider, Sr Principal Analyst, Gartner
This roundtable discusses:
- The right metric for VM
- KRIs and KPIs to measure success of VM
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
Pete Shoard, VP Analyst, Gartner
The MDR market is beginning to get to an initial stage of maturity, but there is still a high level of flux in the types of providers and the coverage of their solutions. During this session, we will offer participants a view into the direction of the market, the alignment with modern ways of working and core questions to ask providers offering these services, about their future.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Mitchell Schneider, Sr Principal Analyst, Gartner
SIEM technologies have been a staple of the security diet for many years, but have evolved significantly over that time. During this session we will discuss the current market players, some key approaches to the market that are shaping its future direction and key trends that will influence how we consume SIEM in the future.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Jon Amato, Sr Director Analyst, Gartner
Those responsible for vulnerability management are undoubtedly familiar with "The Pile" — the often-massive reports produced by a vulnerability assessment tool that tells us what we have to fix. Those reports are undoubtedly useful, but often intimidating due to their sheer size. In this session, we'll learn the best practices for sorting through the pile, identifying what's important stuff and getting what matters fixed first.
Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT
Mitchell Schneider, Sr Principal Analyst, Gartner
This session discusses:
- How to do RBVM with process
- How to do RBVM with tools
- Best practices for RBVM
Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT
Pete Shoard, VP Analyst, Gartner
A tour of the core perceptions around automation in the security operations domain, from self-developed capabilities using languages like Python and Java, embedded capabilities is SIEM platforms and case management systems and the likely future of SOAR solutions. During this session, we will explore the common misconceptions, what is realistically achievable and how best to choose the right route to automation.
Friday, June 10, 2022 / 10:30 AM - 11:15 AM EDT
Roberta Witty, VP Analyst, Gartner
This roundtable will be one where participants share how they are planning to continue business operations while the IT department is busy cleansing and recovering/rebuilding the IT infrastructure after a cyberattack. This session is not about cybersecurity incident response.
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Katell Thielemann, VP Analyst, Gartner
Paul Proctor, Distinguished VP Analyst, Gartner
Just as COVID transitions from pandemic to endemic, the world is now gripped by the reality of hybrid warfare where kinetic actions may be local to the conflict, but cyber can impact anyone, anywhere. Many organizations, particularly ones in critical infrastructure sectors may be impacted either directly or indirectly. This session will cover the most pressing cybersecurity concerns as the situation unfolds and how organizations should build capabilities to deal with future conflicts.
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Chris Silva, VP Analyst, Gartner
The high profile and intractability of ransomware attacks has been a big payday for the organizations behind these attacks. Reporting revenues in the $100s of Millions, todays threat landscape is witnessing a burgeoning "private sector" of threat actors with defense-grade techniques.
Motivated by financial gain, a greater volume and scope of targets means greater "success." Responding requires key investments in endpoint security, backup and recovery, and a mix of services to back up your team before, during and after an attack, something Gartner found only 13% of firms surveyed were able to avoid in 2021.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Bart Willemsen, VP Analyst, Gartner
Privacy-enhancing computation (PEC) techniques are one of Gartner’s top strategic technology trends for 2022. Other trends in privacy include the privacy UX, where data is allowed to be, and what you can do with AI. What are leading organizations focused on, the best capabilities to develop and how to plan your technology strategy to uncover value while making privacy a competitive differentiator
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Paul Furtado, VP Analyst, Gartner
One of the biggest risks to our security accesses our systems on a daily basis. This presentation will focus on providing guidance on building an effective insider risk program. We will discuss the tools, tactics and techniques to balance the needs of the business with user's privacy. Recommendations will also be made on how to present the program effectively to leadership and end users.
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Deepti Gopal, Director Analyst, Gartner
2022 introduces new ways of working in cyber risk management -- a foundation built on adaptive governance, value generation, and cyber risk management. This session will (1) debrief the three pillars in cyber risk management (2) summarize top risk projects for cybersecurity leaders with 'project cards' and (3) offer guidance on shortlisting projects.
Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT
Patrick Long, Sr Principal Analyst, Gartner
Join this discussion on security vendors that midsize enterprises love. Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Paul Furtado, VP Analyst, Gartner
Gartner has observed a new approach to detecting and mitigating Insider Risk. Early detection and nudge-based intervention prove more cost effective than the traditional "detect, deter, destroy" model beloved by legacy security leaders. In this presentation, we outline how the new approach is not only better for the revenue line, it is also better for organizational culture and employee effectiveness.
Wednesday, June 08, 2022 / 02:45 PM - 03:05 PM EDT
Roberta Witty, VP Analyst, Gartner
Using the right tools relates to building an effective BCM program — for planning and preparedness and at time of crisis when executing response and recovery procedures. This presentation helps security and risk management leaders select the right mix of solutions and vendors for their BCM needs.
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
Christopher Ambrose, VP Analyst, Gartner
The market for vendor risk management products and services is complex, diverse and evolving, making it difficult to know how to choose the right solution. This session will highlight the key components of tools and solutions available to security and risk leaders when managing third parties
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Katell Thielemann, VP Analyst, Gartner
2021 showed that attacks are moving closer to operational or mission-critical environments where cyber-physical systems (CPS) live. Whether they are born of OT/IT convergence or from IoT, IIoT, or Smart "X" efforts, CPS are everywhere and mandate different approaches to security than IT systems.
What are the top 10 must-dos to protect them
Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT
Bart Willemsen, VP Analyst, Gartner
Privacy enhancing computation has emerged as a leading trend across multiple domains. This session will focus on addressing your questions when handling personal data in data lakes and data warehouses across geographies. The goal is to extract the maximum value while maintaining a defensible posture and keeping privacy risk at bay.
Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT
Bernard Woo, VP Analyst, Gartner
An increasing number of modern privacy regulations worldwide put strict demands on how data is handled, by whom, or even where. How do you select and control service providers? What if they suddenly announce a profound change in policy, like WhatsApp did for sharing data with Facebook? Not to mention numerous countries who want data to be nationally processed. Ask the Expert all you want to know in this area. End users only, come prepared with questions.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Jie Zhang, VP Analyst, Gartner
Security and risk management leaders struggle to mature their cyber and IT risk management practices beyond conducting risk assessments. This session delivers a set of fundamental risk management processes that are essential to manage cyber and IT risk for their organizations.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Bernard Woo, VP Analyst, Gartner
Privacy is profoundly impacting digital transformation priorities and lies at the core as organizations build new engagement models with consumers and relationships with employees. 2022 sits between major developments in Asia-Pacific and Europe in 2021 and the U.S. in 2023. Join this session to learn of these significant evolutions, both from the regulatory as well as technology perspectives
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Jay Heiser, VP Analyst, Gartner
Nahim Fazal, Director Analyst, Gartner
Pete Shoard, VP Analyst, Gartner
A 3-way crossfire debate on the state of the cybersecurity world. Come see leading Gartner analysts discuss how the current world events are affecting the cyber threat landscape.
Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT
Marc Kerremans, VP Analyst, Gartner
Security and Risk Management (SRM) leaders should use process mining to assess risk by visualizing the logic of critical business process steps and their linkage to IT system dependencies. The design and effectiveness of risk controls can be significantly enhanced through an understanding of business processes using process mining
Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT
Bart Willemsen, VP Analyst, Gartner
Organizations have continually hoarded data because it is often considered the "new gold". This habit, though, is about to be confronted with a rude awakening as privacy laws continue to demand the need for minimization throughout the data lifecycle. Join this session to learn how the rapidly evolving privacy landscape can serve as an impetus for initiating culture change around data.
Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT
Katell Thielemann, VP Analyst, Gartner
From SolarWinds to Kaseya to government bans on specific providers, supply chain security is an area of increased concerns. This session provides an overview of the technology supply chain risk management landscape, and suggested first steps for each category
Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT
Paul Furtado, VP Analyst, Gartner
Ransomware attacks have been morphing. Techniques used by the bad actors are changing. During this presentation, we will provide insight into the new tactics being used by the bad actors not only to access your environment, but what they are doing with your data once exfiltrated. Finally, we will also provide current data on the financial impact of a ransomware attack.
Friday, June 10, 2022 / 10:30 AM - 12:00 PM EDT
Bart Willemsen, VP Analyst, Gartner
Incident response is not just for CISOs. Understanding how you deal with data is one thing, but how to coordinate a response when things go wrong? It's a matter for the whole organization. How to understand the sensitivity and potential impact of your actions? Be a board member for one workshop, and use a given scenario to get comfortable with what the board requests in case risk becomes reality.
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Patrick Long, Sr Principal Analyst, Gartner
Midsize enterprise (MSE) IT leaders face significant security challenges when trying to deliver IT services with small IT teams (usually fewer than 30 people) and limited IT budgets (usually less than $20 million). Join us for a discussion of the top trends that MSE IT leaders responsible for security and risk management should prioritize to stay current and proactive in protecting the organization and managing risk effectively.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Nat Smith, Sr Director Analyst, Gartner
Security vendors everywhere are scrambling to align with buyers’ need for security in the cloud, from the cloud and for the cloud, but where do you start? This session will highlight what is important to buyers, what are the strategic capabilities needed, what is easy that you should do right away and what is hard that you should really do anyway.
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Patrick Hevesi, VP Analyst, Gartner
Come learn the future of cyber warfare and how to realize your Cybersecurity Mesh. This session will focus on how future technologies will play into build your security defense in depth architecture to get ahead of the most advanced attacks. We will look at how AI, Augmented Reality and Block chain can factor into your Cybersecurity Mesh Architecture of the future.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Mark Wah, Sr Director Analyst, Gartner
How is cloud adoption impacting security operations? Who are the new stakeholders in cloud-native security operations? Cloud-native security operations will evolve toward a federated shared responsibility model with shifting centers of gravity and ownership. Technology and service providers (T&SP) must embrace the change and adapt capabilities needed to enable new stakeholders.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Elizabeth Kim, Principal Analyst, Gartner
This presentation will provide use-case examples and architectural approaches to get threat intelligence to closely support security operations and a variety emerging business requirements. The presentation will define Threat Intelligence and its current adoption, provide examples of use cases and give some guidance on valuable approaches to follow to operationalize it.
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
Nat Smith, Sr Director Analyst, Gartner
Many security products advertise the use of AI, but what is important to the buyers? How are your direct and indirect competitors using AI today and what should you expect in the future? This session will help you evaluate your current AI investments, identify potential gaps and vulnerabilities and guide you to wisely invest for the future.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Mark Wah, Sr Director Analyst, Gartner
MDR is growing at more than 20% YoY on average. Some MDR providers are growing at high double digits and even triple digits. We have already seen a unicorn in this space and there are a few on the bubble. Explore how TSPs can enter this market or partner to capitalize on MDR's growth.
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
Mark Wah, Sr Director Analyst, Gartner
Emerging risks and top security trends are driving innovation in security and risk management. Among many new areas in security that are emerging, which ones should you focus on? This session will explore high-impact emerging technologies in security and risk management.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Dave Messett, Sr Director Analyst, Gartner
One of the hottest buzzwords in the security marketplace in 2022, XDR is the must have solution for all software vendors. But do you really have what it takes? This session will help define XDR, offer up a minimum set of use cases that must be addressable by an XDR solution and provide guidance on optimal integrations to help vendors plan their XDR strategy and roadmap.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Mark Wah, Sr Director Analyst, Gartner
Hyperautomation has been fairly successful in security operations from the product and services perspective. Security services can achieve SaaS margins and security products can broaden integration and coverage. Join Mark Wah as he charts the growth of hyperautomation in security.
Tuesday, June 07, 2022 / 12:30 PM - 01:15 PM EDT
Patrick Hevesi, VP Analyst, Gartner
Bill Pray, Practice Vice President, Gartner
This orientation session is designed exclusively for CISO Circle attendees to help make Security & Risk Summit the most productive experience. Tips will be provided on how to navigate your way through the exclusive CISO Circle Program as well as the overall conference. Topics will include workshops, CISO luncheons and additional CISO-exclusive sessions, CIO networking and much more with plenty of time for Q&A.
Tuesday, June 07, 2022 / 03:00 PM - 04:30 PM EDT
Christopher Mixter, VP, Research, Gartner
Cybersecurity organizations operate an average of 16 different cybersecurity tools, and the industry spends upward of $65B annually in this space…yet most cybersecurity leaders see “duplicative capability and gaping holes,” not true coverage of enterprise exposures. In this workshop, attendees will learn how to move from tuning and integrating tools to truly extracting value from them, and build a best-in-class cybersecurity tool portfolio dashboard to guide future investments. This workshop is exclusive to CISO Circle attendees.
Tuesday, June 07, 2022 / 06:00 PM - 07:30 PM EDT
Patrick Hevesi, VP Analyst, Gartner
Bill Pray, Practice Vice President, Gartner
Come meet and mingle with your peers in this welcome reception.
Wednesday, June 08, 2022 / 07:30 AM - 08:30 AM EDT
Christie Struckman, VP Analyst, Gartner
Ash Ahuja, VP, Enterprise IT Leader, Gartner
Tricia Phillips, Managing Vice President, Gartner
Christine Lee, Sr Director, Research, Gartner
Lisa Neubauer, Director, Advisory, Gartner
Diverse Cybersecurity teams are more effective, but many organizations push away diverse staff through their cultivation of hero culture. Employees and candidates with primary childcare responsibilities, visible and invisible disabilities or neurodiversity, often cannot be sustainably successful in a hero culture. Join us at breakfast for an interactive panel discussion to help CISOs drive change.
Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT
William Candrick, Director Analyst, Gartner
Matt Chinn, Sr Principal, Research, Gartner
Beth Schumaecker, Managing Vice President, Gartner
Cloud adoption is widespread, and many organizations are now cloud-first in their technology adoption. Join your peers for a discussion on cloud security challenges and the solutions that have been most effective. Participants are encouraged to share their experiences.
Wednesday, June 08, 2022 / 10:30 AM - 12:00 PM EDT
Paul Proctor, Distinguished VP Analyst, Gartner
Your executives only care about risk, value, and cost. Why would you speak to them about anything else? This workshop will walk through the steps of identifying business processes and outcomes, aligning supporting technology stacks, and creating outcome-driven metrics to put cybersecurity in a business context.
Wednesday, June 08, 2022 / 12:30 PM - 02:00 PM EDT
Frances Karamouzis, Distinguished VP Analyst, Gartner
Jay Heiser, VP Analyst, Gartner
Charlie Winckless, Sr Director Analyst, Gartner
Bill Pray, Practice Vice President, Gartner
Patrick Hevesi, VP Analyst, Gartner
Join us for an exclusive LIVE Gartner Pitch Tank session intended to provide an opportunity for senior security leaders to shape the next generation of technology. Emerging startups with potentially disruptive products and services will showcase their innovations to an audience of executives and a panel made up of Gartner Analysts. CISOs will have the chance to disrupt the evolution of technology in cybersecurity and provide constructive feedback to a group of entrepreneurs, in a game-show format.
Wednesday, June 08, 2022 / 02:45 PM - 04:45 PM EDT
Christopher Mixter, VP, Research, Gartner
CISOs report frustration that the time and effort their teams invest in quantifying cyber risk rarely drives risk owners to take action. In this interactive Research Discussion, exclusively for CISO Circle participants, you’ll network with peers on their cyber risk quantification efforts and discover how to use CRQ to effectively influence business decision making. This session will feature a deep-dive into Verizon’s CRQ practice, which delivers trustworthy, timely, and empowering guidance to risk owners without major investment in new data and skills…and without the need to conduct scenario likelihood calculations.
Wednesday, June 08, 2022 / 04:00 PM - 05:30 PM EDT
Christine Lee, Sr Director, Research, Gartner
Leigh McMullen, Distinguished VP Analyst, Gartner
CISOs work in high stress, high burnout environments. Despite scarce resources and evolving threats, executive management and boards depend on your leadership and assurance. Are you prepared to steer your enterprise through change and crisis? This CISO Circle session will offer actionable insights for personal effectiveness and a beginner-friendly guided mindfulness practice.
Thursday, June 09, 2022 / 07:00 AM - 09:00 AM EDT
Leigh McMullen, Distinguished VP Analyst, Gartner
Bill Pray, Practice Vice President, Gartner
Matt Chinn, Sr Principal, Research, Gartner
Deepti Gopal, Director Analyst, Gartner
Join us for an exclusive townhall session with VP, Distinguished Analyst Leigh McMullen as he shares Gartner’s latest research proposals on pricing and quantifying cyber risk. With board-level interest at an all time high, leaders must be able to leverage principles of expected value and deterrence to provide assurance and value to the business. Attendees will also get a chance to shape the future of this research with their own experiences and practical implementations.
Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT
Christopher Mixter, VP, Research, Gartner
In the last few years, CISOs have been thrust into the ranks of the c-suite as cybersecurity rises in priority for organizations. CISOs struggle to understand what success now looks like and what they need to do to attain it. As a consequence, 60% admit they rarely disconnect from work; 22% are available to their company 24/7. To what end? It's time for CISOs to take a step back and start making hard choices about how to pursue their value proposition.
Thursday, June 09, 2022 / 10:30 AM - 12:00 PM EDT
Leigh McMullen, Distinguished VP Analyst, Gartner
Christine Lee, Sr Director, Research, Gartner
CISOs work in high stress, high burnout environments. Despite scarce resources and evolving threats, executive management and boards depend on your leadership and assurance. Are you prepared to steer your enterprise through change and crisis? This CISO Circle session will offer actionable insights for personal effectiveness and a beginner-friendly guided mindfulness practice.
Thursday, June 09, 2022 / 12:30 PM - 01:45 PM EDT
Alex Stamos, Former Chief of Security at Facebook & Professor at Stanford,
Patrick Hevesi, VP Analyst, Gartner
Bernard Woo, VP Analyst, Gartner
Bill Pray, Practice Vice President, Gartner
All CISO Circle members are invited to a Fireside Chat with Guest Keynoter, Alex Stamos.
Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT
Leigh McMullen, Distinguished VP Analyst, Gartner
Rebecca Lively, Deputy Director, 90th Cyberspace Operations Squadron
Christopher Raney, Deputy Executive Director, Technical Director, Naval Information Warfare Center Pacific
Andrew Walls, Distinguished VP Analyst, Gartner
Katell Thielemann, VP Analyst, Gartner
When warfare happens by remote control, Net Superiority becomes the new Air Superiority, in this session Gartner and industry experts discuss the future of warfare in cyberspace, and how every enterprise is directly on the battlefield.
Thursday, June 09, 2022 / 02:00 PM - 04:00 PM EDT
Christopher Mixter, VP, Research, Gartner
CISOs report frustration that the time and effort their teams invest in quantifying cyber risk rarely drives risk owners to take action. In this interactive Research Discussion, exclusively for CISO Circle participants, you’ll network with peers on their cyber risk quantification efforts and discover how to use CRQ to effectively influence business decision making. This session will feature a deep-dive into Verizon’s CRQ practice, which delivers trustworthy, timely, and empowering guidance to risk owners without major investment in new data and skills…and without the need to conduct scenario likelihood calculations.
Thursday, June 09, 2022 / 02:15 PM - 03:45 PM EDT
Ash Ahuja, VP, Enterprise IT Leader, Gartner
Paul Proctor, Distinguished VP Analyst, Gartner
Almost 100% of leaders have now reported to their board/executives at least once in the last two years. In some industries, quarterly reports are standard. In others, board members have dedicated cybersecurity committees overseen by board members. Attendees should expect the following:
1) Insights to the Three Stages of Board Reporting At Every Organization
2) A Mock Security Board Presentation by Gartner’s Board Experts.
3) An interactive discussion that highlights new techniques, nuances and dynamics to consider
Thursday, June 09, 2022 / 03:30 PM - 04:15 PM EDT
William Candrick, Director Analyst, Gartner
Matt Chinn, Sr Principal, Research, Gartner
Beth Schumaecker, Managing Vice President, Gartner
A majority of security incidents involve social engineering. This consistent trend suggests current compliance-based approaches to security awareness are insufficient. Join your peers for a discussion on practical ways to manage risk by changing employee behavior. Participants are encouraged to share their experiences.
Friday, June 10, 2022 / 07:00 AM - 09:00 AM EDT
Bill Pray, Practice Vice President, Gartner
Join us for a conclusion of the CISO Circle as our host recaps highlights and thoughts from our time together.
Friday, June 10, 2022 / 10:15 AM - 11:00 AM EDT
John McKinley, Founder, Great Falls Ventures
Jamil Farshchi, Chief Information Security Officer, Equifax
Paul Proctor, Distinguished VP Analyst, Gartner
Join Equifax Board Member, John McKinley and CISO Jamil Farshchi in a Fireside Chat to discuss how they help their board members better understand cyber risk in a way that's more transparent, measurable, and easier to consume. This chat will be moderated by Gartner VP Distinguished Analyst, Paul Proctor.
Friday, June 10, 2022 / 10:30 AM - 11:15 AM EDT
Christopher Mixter, VP, Research, Gartner
In the last few years, CISOs have been thrust into the ranks of the c-suite as cybersecurity rises in priority for organizations. CISOs struggle to understand what success now looks like and what they need to do to attain it. As a consequence, 60% admit they rarely disconnect from work; 22% are available to their company 24/7. To what end? It's time for CISOs to take a step back and start making hard choices about how to pursue their value proposition.
Friday, June 10, 2022 / 10:30 AM - 11:15 AM EDT
Matt Chinn, Sr Principal, Research, Gartner
William Candrick, Director Analyst, Gartner
Beth Schumaecker, Managing Vice President, Gartner
Cloud adoption is widespread, and many organizations are now cloud-first in their technology adoption. Join your peers for a discussion on cloud security challenges and the solutions that have been most effective. Participants are encouraged to share their experiences.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Thomas Lintemuth, VP Analyst, Gartner
Zero Trust is more than a marketing term once you see through all the marketing. Organizations are building application access with Zero Trust principles. We will discuss five key items you need to know for zero trust to work for your organization
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Thomas Lintemuth, VP Analyst, Gartner
Richard Bartley, VP Analyst, Gartner
Dennis Xu, Sr Director Analyst, Gartner
Migrating resources to IaaS tenants opens up questions on how to provide network security. This session presents security and risk management technical professionals with guidance on when the appropriate option would be an incumbent firewall vendor versus a cloud-native firewall.
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Jon Amato, Sr Director Analyst, Gartner
Ransomware is a threat that requires a whole-business approach to defend against and the diversity of tools, techniques, and processes that enterprise security professionals can bring to bear to protect against ransomware can be intimidating. In this session, attendees will learn how to assess their program of ransomware defense and quickly close the gaps that attackers will use to make your organization the next name on their list of victims
Wednesday, June 08, 2022 / 10:00 AM - 10:50 AM EDT
William Dupre, Sr Director Analyst, Gartner
Dionisio Zumerle, VP Analyst, Gartner
Let's put API security vendors to the test in a Showfloor Showdown! The API security space is populated with many vendors using different approaches to protecting and discovering APIs. In this battle – featuring 42Crunch, Noname Security, and Salt Security – each vendor will get time to show how they would address a set of common use cases.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Dennis Xu, Sr Director Analyst, Gartner
Security service edge (SSE) is an emerging market that consolidates CASB, SWG, and ZTNA. Vendors from all three traditional markets are all either building or buying into the SSE market. Do you buy SSE from CASB vendors or SWG vendors? We will discuss the key strengths and weaknesses of CASB vs. SWG vendors as they march into SSE, and which type best suits your needs
Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT
Anthony Carpino, Director Analyst, Gartner
Data loss prevention has always been a difficult subject to address, especially when budgets are concerned. This session will help security and risk management technical professionals consider the cost of risk mitigation that comes from an effective DLP strategy versus the potential loss without it.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Patrick Hevesi, VP Analyst, Gartner
This session will discuss the reference architecture and dive deep into how to build the cybersecurity mesh architecture (CSMA). We will discuss the evolution of best-of-breed to the new CSMA along with pros and cons of each approach. Finally, we will discuss the vendor landscape from larger security vendors with full stacks to open source/distributed CSM solutions
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
Richard Bartley, VP Analyst, Gartner
How do you decide on which cloud security controls to deploy? The bewildering array of cloud security patterns can make common approaches to cloud security daunting. This session presents practical steps toward designing the right set of native and vendor layered cloud security components for your organization
Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT
Charlie Winckless, Sr Director Analyst, Gartner
Patrick Hevesi, VP Analyst, Gartner
Cloud security remains a challenge; we have to protect data when it is out of our control. This session will address the emerging trends in cloud security, what they bring to your organization and how to use them most effectively. Security is seen as an obstruction to cloud adoption; this will show you how to enable without losing protection
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Patrick Hevesi, VP Analyst, Gartner
This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. We will discuss third-party options as well as the built in native Microsoft features along with strengths and weaknesses of each
Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT
Dennis Xu, Sr Director Analyst, Gartner
Do you have a specific question related to securing your Microsoft 365 environment you want to ask an analyst? Have you read a Gartner research on Microsoft 365 Security and have questions to ask? Come ask your question to a Gartner analyst and walk away with the answer on the spot.
Thursday, June 09, 2022 / 10:00 AM - 10:50 AM EDT
Dennis Xu, Sr Director Analyst, Gartner
Richard Bartley, VP Analyst, Gartner
Let's put SSE vendors to the test in a Showfloor Showdown! Security service edge (SSE) is an emerging technology that secures web, cloud services, and private apps from anywhere. Vendors from CASB, SWG, and ZTNA markets are all marching toward this new market using different approaches. Come watch Netskope, Skyhigh Security, and Zscaler to demonstrate how they address a set of common use cases.
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
Paul Rabinovich, Sr Director Analyst, Gartner
In this session we will look at a best-of-breed verses all-in-one tooling discussions of the expanding portfolio of tools that manage our machine identities, secrets, keys and certificates.
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
Eric Grenier, Director Analyst, Gartner
This session will cover managing and securing your workforce as organizations navigate the anywhere workspace. We will cover best practices for managing your endpoints and mobile devices and the best practices for securing those devices using your UEM (MDM) and UES (EPP, EDR, MTD) tools
Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT
Nahim Fazal, Director Analyst, Gartner
What do we mean about ZTA , what are the first steps that we need to complete, and can we buy it out of the box?
Thursday, June 09, 2022 / 10:30 AM - 12:00 PM EDT
Jon Amato, Sr Director Analyst, Gartner
Ransomware is a unique threat, and demands a unique incident response plan. Tabletop exercises, or "role playing games for security professionals," are one of the best ways of creating those plans. In this workshop, we will work through a series of live ransomware-specific tabletop exercises, and help you be the dungeon master your organization needs
Thursday, June 09, 2022 / 11:50 AM - 12:40 PM EDT
Dennis Xu, Sr Director Analyst, Gartner
Richard Bartley, VP Analyst, Gartner
Let's put SSE vendors to the test in a Showfloor Showdown! Security service edge (SSE) is an emerging technology that secures web, cloud services, and private apps from anywhere. Vendors from CASB, SWG, and ZTNA markets are all marching toward this new market using different approaches. Come watch iboss, Lookout, and Palo Alto Networks demonstrate how they address a set of common use cases.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Thomas Lintemuth, VP Analyst, Gartner
Organizations of all types are having to allow work from home, some for the first time. Find out how enterprise controls, cloud controls and the home office controls come together to secure the remote user experience.
Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT
Eric Grenier, Director Analyst, Gartner
This session will cover best practices, considerations, and gotchyas when moving device management from Microsoft ConfigMgr (CMT) on-premises to Microsoft Endpoint Manager (UEM) in the cloud. We will even discuss the management of mobile devices (iOS and Android) with MEM using MDM and MAM.
Thursday, June 09, 2022 / 02:00 PM - 03:30 PM EDT
William Dupre, Sr Director Analyst, Gartner
Threat modeling helps identify weaknesses and vulnerabilities in a system design, aiding in the creation of relevant controls to address risks within a system. Attendees will play a threat modeling game to learn how to identify weaknesses within an application design.
Thursday, June 09, 2022 / 03:30 PM - 04:15 PM EDT
Richard Bartley, VP Analyst, Gartner
An Ask the Experts session to help clients who are looking to augment their IaaS and PaaS deployments with Cloud Native Application Protection Platform (CNAPP) capabilities. The session will cover what CNAPP capabilities are, what are important fundamental capabilities, and what areas vendors are using to differentiate their tools.
Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT
Patrick Hevesi, VP Analyst, Gartner
Come see how secure the latest versions of your mobile OSes and devices are against the current mobile attacks. This session will show which operating systems and devices you need to be using along with third-party solutions to protect your organization. We will demonstrate attacks and also discuss the right EMM/UEM, MTD and other mobile security solutions your should be using today
Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT
Anthony Carpino, Director Analyst, Gartner
Astrophysics teaches that space is taken up by dark matter, little is known about it, but it's everywhere. The same holds true for data. This session covers what dark data is, the value or risk lurking within and what security and risk management technical professionals can do to shed light on it
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Thomas Lintemuth, VP Analyst, Gartner
Sunburst showed the supply chain can be leveraged to exfiltrate data out of many enterprise environments. Learn how NDR, Segmentation, Deception and other Network controls team up to identity and stop supply chain attacks.
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Nahim Fazal, Director Analyst, Gartner
Intelligence created by an adversary through interactions with a deception assets generates real-time IOCs and TTPs that feed directly into better threat detection, threat hunting and threat modelling
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Paul Rabinovich, Sr Director Analyst, Gartner
Implementing hybrid identity for Microsoft 365 and protecting employee, administrator and partner access can be daunting. This session will guide you through best practices for Microsoft 365 IAM.
Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT
Christie Struckman, VP Analyst, Gartner
With so much changing in both where, how and with whom work gets done, our organization’s culture needs to adapt accordingly. Use the language of attributes to understand your culture and diagnose what isn’t working now. Change those attributes to adapt to your changing ways of working, and maintain what makes your organization unique. Use our 5 step process for aligning your culture to your changing business needs.
Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT
Bernard Woo, VP Analyst, Gartner
With Gen Z workers starting to enter into the workforce, cybersecurity leaders are confronted with managing the expectations of four different generations - within their teams and the greater organization culture. Participate in this roundtable to discuss the associated challenges and exchange ideas about how to successfully overcome them.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Christie Struckman, VP Analyst, Gartner
An inclusive environment requires equal treatment of everyone. Yet, day to day, seemingly small actions can collectively and progressively create a scenario where people feel marginalized. Leaders can break habits by confronting behaviors and providing support for everyone in their organization.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Tricia Phillips, Managing Vice President, Gartner
Many new digital identity initiatives rely on reliable and persistent access to smart devices, mobile phone numbers and email addresses, which inadvertently discriminate against the digitally disenfranchised. Ensuring equal but secure access to essential digital services should be a guiding principle of any digital identity initiative, and is possible with the right CIAM tools.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Lisa Pierce, VP, Advisory, Gartner
Baby boomers, Gen Xers, millennials and Gen Zers comprise your security function. Do you really understand their different behaviors and expectations? This is a must for security leadership, so that they can create an IT and security culture that leverages strengths and confronts weaknesses to uncover opportunities and overcome threats into our collaborative future. Change starts with people.
Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT
Lisa Pierce, VP, Advisory, Gartner
Change starts with people. Security teams consist of baby boomers, Gen X's, millennials and Gen Z's but their managers often do not understand their different behaviors and expectations, and so have not created a working environment that taps into various generations' needs and wants. Security leadership must adapt and create an IT and security culture to uncover opportunities and overcome threats into our collaborative future.
Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT
Paul Rabinovich, Sr Director Analyst, Gartner
MFA is still underutilized. Passwordless authentication raises new concerns about security, administration and UX. Adaptive access is hard to implement consistently across multiple use cases. This session gives you an opportunity to ask practical questions about modern authentication that can help protect your organization against account takeover and user impersonation.
Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT
Tricia Phillips, Managing Vice President, Gartner
Identity-first security has emerged as a theme in many major security initiatives and policies. Supporting these initiatives as well as delivering on business requirements for smooth, simple and secure access, and authentication decisions requires disparate IAM elements to work in concert. This session will provide an update on the major themes in IAM to ensure that your IAM decisions in 2022 will support the strategy of the future.
Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT
Paul Rabinovich, Sr Director Analyst, Gartner
In this session we will look at a best-of-breed verses all-in-one tooling discussions of the expanding portfolio of tools that manage our machine identities, secrets, keys and certificates.
Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT
Paul Furtado, VP Analyst, Gartner
One of the biggest risks to our security accesses our systems on a daily basis. This presentation will focus on providing guidance on building an effective insider risk program. We will discuss the tools, tactics and techniques to balance the needs of the business with user's privacy. Recommendations will also be made on how to present the program effectively to leadership and end users.
Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT
Patrick Long, Sr Principal Analyst, Gartner
If we are to close the talent gap in cybersecurity, we must start thinking differently about how we select and cultivate talent. New collar workers — individuals who develop the technical and soft skills needed to work in tech jobs through nontraditional education paths — are handmade for midsize enterprises and tactical roles.
Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT
Tricia Phillips, Managing Vice President, Gartner
Many new digital identity initiatives rely on reliable and persistent access to smart devices, mobile phone numbers and email addresses, which inadvertently discriminate against the digitally disenfranchised. Ensuring equal but secure access to essential digital services should be a guiding principle of any digital identity initiative, and is possible with the right CIAM tools.
Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT
Paul Furtado, VP Analyst, Gartner
A midsize guide to starting a formal cybersecurity program within your business. This session is tailored for midsize organizations who are starting or have immature security programs. It is a series of pragmatic advice that can be implemented to improve security awareness and a better security posture throughout the business.
Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT
Paul Furtado, VP Analyst, Gartner
Ransomware attacks have been morphing. Techniques used by the bad actors are changing. During this presentation, we will provide insight into the new tactics being used by the bad actors not only to access your environment, but what they are doing with your data once exfiltrated. Finally, we will also provide current data on the financial impact of a ransomware attack.
Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT
Patrick Long, Sr Principal Analyst, Gartner
Midsize enterprise (MSE) IT leaders face significant security challenges when trying to deliver IT services with small IT teams (usually fewer than 30 people) and limited IT budgets (usually less than $20 million). Join us for a discussion of the top trends that MSE IT leaders responsible for security and risk management should prioritize to stay current and proactive in protecting the organization and managing risk effectively.