Gartner Security & Risk Management Summit 2019 June 17 - 20 / National Harbor, MD

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.

This orientation session is designed to help attendees make Security & Risk Summit the most productive experience. Tatiana Wells, Senior Director, Gartner Events will provide many tips on how to navigate your way through the overall conference. Topics will include a review of the agenda, interactive sessions, networking and much more with plenty of time for Q&A.

Identifying the core features to call out to a potential managed security service provider (MSSP) when scoping the need for an outsourced service is critical for a successful engagement. This session will provide practical examples of how to establish effective requirements and use cases before engaging providers:

● What are the key service performance metrics to insist on from an MSSP?

● How can you define service customization requirements to ensure additional service charges are managed?

● How can you align internal processes with the providers' outputs?

As traditional perimeters drop, the endpoint is becoming the last line of defense against breaches. This session will explore the changing nature of the endpoint and endpoint workloads as well as defensive strategies. This session will explore:
The changing nature of the workload on endpoints from Win32 to cloud applications and the changing form factors from mobile to VDI.
Attacker tradecraft from targeted nation-state tools to mass-propagated automated attack kits.
The changing endpoint defensive strategies from detection and response to proactive hardening.

Have you ever questioned the following? -- What Security Framework is appropriate for my enterprise? Can I just align and implement controls found in ISO27001, CIS CSC, HITRUST or NIST CSF? How do I begin to measure my progress in terms of Maturity? How do I map all of this back to my business needs? If so, you are not alone.

Security and Risk Management leaders are often faced with the continuous challenge of developing and (re)shaping their cybersecurity program strategy based on changing business needs and risk appetite. To complement this, leaders are often tasked with picking a defensible framework that aligns with an appropriate controls catalog based on repeatable and scalable processes. However, Gartner Research continues to show a cultural disconnect between foundational elements of program management and changing business needs. This presentation will define the basic elements of a security program , describes the differences between each layer, and tie them into an overall strategy planning process that will ensure a defensible security program that facilitates business needs.

As long as business is doing well business leaders are applauded and rewarded, but the moment something bad happens the CISO is blamed for not properly protecting business information. How can security and risk management leaders ensure roles and responsibilities are clear? What can be done to ensure ownership of risk is well-defined? How much risk should the CISO actually own?

MITRE ATT&CK framework is getting good traction in the industry, both from the vendor community as well as client organization standpoints. It is a powerful and convenient way to map attackers’ tactics, techniques and procedures (TTPs) to real-world observation of attack patterns in the wild. Further, the ATT&CK framework follows a general “killchain” approach that makes it suitable for many use cases.

The penetration testing market is undergoing a transformation. S&RM leaders responsible for threat and vulnerability management need to understand the options available to them and how to select the best option.
Questions to be addressed in this session include
-- What types of tests are available in the market?
-- Should I hire a single tester or leverage a broker?
-- What new technologies are poised to disrupt the pen testing market, such as automated pen testing solutions, and breach and attack simulation tools?

The focus on people can’t just be within process thinking — it must work for leadership too. Leaders lead people, as much as initiatives. One key way to improve your leadership is to leverage personal behavioral or personality distinctions — most specifically, cognitive styles in your communication and persuasion leadership activities. This tutorial will provide a model for doing this that leverage industry tools (specifically the DISC model) and provide a role-playing exercise to cement your understanding.

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.

This orientation session is designed exclusively for CISO Circle attendees to help make Security & Risk Summit the most productive experience. Tatiana Wells, Senior Director, Gartner Events will provide many tips on how to navigate your way through the exclusive CISO Circle Program as well as the overall conference. Topics will include workshops, CISO luncheons and additional CISO-exclusive sessions, CIO networking and much more with plenty of time for Q&A.

As complexity continues to grow and risks, threats and vulnerabilities multiply with no end in sight, how can security and risk management leaders move beyond reacting? Attendees will learn how to think differently about their role in value preservation and value creation, and how finding sweet spots in a human to machine continuum can help. The Security and Risk Management Leaders’ New Imperative.

Security and Risk Management Leaders should implement or improve upon these Top 10 security projects in 2019. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

For decades, organizations have tried to keep pace with a never-ending stream of vulnerabilities — with limited success. New approaches, driven by the actual risk posed by a given flaw, promise the ability to finally get ahead of the torrent. In this presentation, we’ll examine the rapidly emerging market for threat and vulnerability management solutions, and how trends like DevOps will impact the market.

The trend of technology vendors offering managed services using their technology has not abated, and is only going to grow in the face of increasingly complex solutions, the lack of affordable, skilled talent in the market, and increasing customer demands for 24/7 coverage.
This presentation will help answer questions like
-- Should I leverage my vendors for services or centralize services with a single provider?
-- What is the optimal mix of services providers?
-- What internal resources and skills will I need to have to be successful in this changing landscape?

Traditional risk assessment approaches related to IT and security risk assessments are not scalable, diverse (device/entity/user/code/robots/identity), and are sensitive to the unique challenges of digital projects. Digital businesses are birthed in a new time and terrain — the C-suite and the Board are not sure of what to expect from the first and second lines of defense in terms of risk assessment outcomes. This session introduces reset mechanisms for risk leaders through the lens of four questions:
(1) How to catch-up with digital optimization and transformation?
(2) What are second line priorities in a constantly changing digital ecosystem?
(3) How to transpose adaptive and continuous?
(4) Will conversational AI and helper bots further the cause of risk management in the near future?

After more than 10 years of understanding the need to put cybersecurity and technology risk in a business context, organizations still struggle. The foundation of a mature security function that can offer defined levels of protection at defined cost is a business-centric service catalog. Writing business-centric value statements for risk and security bridges the knowledge gap with executives.

Educating business managers on the value of organizational resilience is a challenge for many organizations. Often, this challenge arises because business managers don't understand or appreciate the value of availability and resilience risk information or their relationship to it, leading to no change in the level of resilience for the organization. This session will introduce how to craft risk-adjusted LPIs that will measure the organization's level of resilience.

Security-as-insurance as an offering has begun, particularly for SMBs. This creates new opportunities to monetize offerings for security providers, but it could also enable a mechanism for organizations to behave differently. If security is treated as insurance, then how does it have the potential to affect behavior among employers and employees? It’s a new scenario that companies are not visualizing from the perspective of what it means to change a business model and how it could potentially shift organizational behavior, as a result. How could security-as-insurance help shape organizational culture and behavior towards security, so that security risks and threats are taken more compellingly/seriously? This will be the focus of this presentation. “Model shift to change culture and behavior scenario.”

Cloud native applications rely heavily on containers and serverless functions to build out event-driven, microservices based application architectures. Legacy on-premises security patterns won't work and won't scale for the needs of cloud native applications. This presentation will discuss the security patterns and best practices for securing cloud-native applications, including container security..

This session is part 2 of 2. This session will pick up where the 101 session ended and discuss the advanced security features included in the M365 E5 license suite. We will finish discussing licensing then dive into advanced data protection, email protection, conditional access, Azure AD premium P2 and all of the other advanced features. Then we will compare and discuss use cases where third-party solutions can be integrated and if they are required.

Digital transformation continues to challenge the conventions of information risk and security management. It requires a coherent digital security program based on a clear vision and strategy. This presentation will:
- share a compelling vision for security and risk management.
- identify the key 'digital differences' that must be integrated into the security program.

Netskope; Additional Session Details Coming Soon

iboss; Additional Session Details Coming Soon

OneTrust; Additional Session Details Coming Soon

Symantec; Additional Session Details Coming Soon

Microsoft; Additional Session Details Coming Soon

Secureworks; Additional Session Details Coming Soon

NTT Security; Additional Session Details Coming Soon

Bitdefender; Additional Session Details Coming Soon

ServiceNow, Inc; Additional Session Details Coming Soon

Forcepoint; Additional Session Details Coming Soon

Zscaler: Additional Session Details Coming Soon

IT leaders and IT professionals devote a lot of time to their job and not enough to taking a long-term view of their career. The complexity in managing our work and personal life impedes our ability to find time to devote to ourselves and identifying and working towards what we want out of a career. One that successfully meets your work/life balance needs. In this session, learn practical approaches to building a satisfying and rich career by addressing two key questions:
1) How to use the past to inform your definition of career success
2) How to plan for the career you want

Armor Cloud Security; Additional Session Details Coming Soon

Cisco Systems; Additional Session Details Coming Soon

Check Point Software Technologies; Additional Session Details Coming Soon

Rsam; Additional Session Details Coming Soon

Nominet; Additional Session Details Coming Soon

Lookout; Additional Session Details Coming Soon

OpenText; Additional Session Details Coming Soon

ForgeRock; Additional Session Details Coming Soon

There is growing interest in and vendor marketing of a "zero trust" approach to networking. Zero trust starts with an initial security posture of default deny. However, for business to happen, ultimately trust must be established and continuously assessed - a strategic approach embodied in Gartner's Continuous Adaptive Risk and Trust Assessment (CARTA). This presentation will explain the concept of zero trust networking, map it to Gartner's CARTA strategic approach and provide specific examples and recommendations for zero trust networking and other information security projects in 2019.

Cloud security remains a top priority. This presentation summarizes the problems, recommended processes, and new product types to address three key issues:
What are the unique risks associated with public cloud service providers, and how can they be controlled?
What are the unique security challenges of IaaS and how can they be mitigated?
What are the unique control challenges of SaaS, and how can they be addressed?

'Key security market segments like SWG, SEG, SIEM, EPP have been around for a long time and the credible vendors in these markets are well established players. On one hand, the case can be made that these markets are 'dead' and no new vendors are likely to emerge. On the other hand, these areas are very critical to any organizations' security program and require significant R&D investment from incumbent vendors to keep pace with attacker methods. This presentation helps address the following key issues:
- What is the state of key 'mature' security markets in security?
- How vendors differentiate in these markets?
- How buyers approach vendor selection and technology strategy in these markets?

Modern security operations are evolving. They heavily rely on foundational technologies such as SIEM to accomplish their mission, and also adopt various analytics approaches. They struggle with more automation — of both thinking and acting — that promises to relieve humans from the routine tasks, but sometimes adding more work to the overworked security teams. This session will address these key issues: (1) What defines best-in-class security operations of 2018? (2) What trends are affecting security operations? (3) What will the future bring?

Against the backdrop of an uncertain future organizations that have the ability to change rapidly will have a leg up. Yet conventional wisdom is that change is hard, especially culture change — especially in regard to understanding and managing risk. Getting this right can be a source of long-term competitive advantage.

"Top" trends highlight ongoing strategic shifts in the security ecosystem that aren't yet widely recognized, but are expected to have broad industry impact and significant potential for disruption.
This presentation will describe the most significant trends in cybersecurity and how leading organizations are taking advantage of these trends.
Key issues explored will include:
Top technological improvements in the security product landscape
Trends in creating a top notch security organization
Strategic trends that will influence security strategy

Application architectures drastically change, yet most organizations still protect their applications with traditional defenses. Applications become more dynamic, run on untrusted and unattended devices and the software logic is more and more distributed between various backends and the front end. Serverless, mobile and single page applications are only a few examples. This trend is leading to new threats and new application level attacks that the industry has been recently experiencing. This session will provide a strategy for security and risk management leaders to shift their approach and avoid this trend from becoming a security failure. From application shielding to runtime application protection to browser protections, we will present the approaches, tools and vendors that will secure modern applications.
1. How are applications changing with digital business?
2. What strategies, tools and techniques can SRM leaders responsible for the security of applications and data put in place to protect against threats?

End user organizations still lack visibility and control of data as it is created, stored, transported, manipulated and accessed. Changing regulations are also impacting how they protect their information and why they even have the data. This session will focus on the needs of the end users and how vendors can help their customers be successful in their plight toward compliance and better information protection.

This session will cover why certification to the business continuity standard ISO 22301 does not mean that the organization is resilient. It will discuss the advantages of certifying as well as the pitfalls and how to avoid them.

Join this peer-driven discussion on security vendors that midsize enterprises love. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion. Preregistration is required. Seats are limited.

Initially security incidents only occurred in IT but the world has seen attacks in OT as well. Organizations need to implement security in OT to protect this domain from these attacks. This will ensure not only an uninterrupted operation, but also that no harm to people and the environment occurs. What are organizations doing to address this? Is the maturity of OT security at par with IT security?

Service providers and end users may have very different definitions of what "response" means in the context of triage, investigation and action related to security alerts. In this roundtable, we'll explore the various types of "response" on offer from service providers, and discuss how and when those might fit into an organization's security monitoring operations.
We'll discuss:
What do vendors mean by "response"?
What is the difference between "response" and "Response"?
What makes sense for your organization?

This roundtable is an opportunity to learn from your peers on how they have expanded the scope of their chief compliance officers (CCO) role to incorporate privacy regulations.

Cybersecurity is one of the most misunderstood words in our profession today. Just what does it mean, and why should you care is the topic of this “Ask the Analyst” session. The audience can have the opportunity to ask the analyst questions that clarify the definition of cybersecurity, its taxonomy and critical areas of coverage for them, and establish a common language with vendors and providers.

Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.

A dive into evaluating your IT resilience capabilities through various mental models, preconditions for success of resilience projects, cultural changes necessary for resilience, and success measures of a resilience effort.

Splunk, Inc.; Additional Session Details Coming Soon

IBM; Additional Session Details Coming Soon

Tanium Inc.;Additional Session Details Coming Soon

Carbon Black: Additional Session Details Coming Soon

CyberArk; Additional Session Details Coming Soon

Mimecast; Additional Session Details Coming Soon

Synack; Additional Session Details Coming Soon

Cisco Systems; Additional Session Details Coming Soon

AT&T Business; Additional Session Details Coming Soon

Google Cloud; Additional Session Details Coming Soon

CrowdStrike; Additional Session Details Coming Soon

As more security vendors target your hybrid and cloud SaaS, IaaS and PaaS solutions, we are getting lost in too many acronyms. This session will help decipher the acronym soup and provide prescriptive guidance on what your organization needs to protect your cloud infrastructure and applications. We will also discuss best practices on implementations and how to evaluate and build shortlist for your vendor selections.

Security and risk management leaders have struggled to hire and retain staff with the right skills, especially since the inception of digital business. Leaders have begun to accept the shortage of skills as a reality and continue to look for ways to manage this reality. In this presentation, we discuss the outlook for security talent in digital businesses and address the following questions: What can you do to ensure your team's skill sets are developed for a digital world? What does the future of talent look like with technologies such as Machine Learning , blockchain, IoT looming? What are some of the emerging roles that leaders should plan for as organizations transform their digital businesses? How can organizations stay ahead of the curve and ensure that they are able to manage the risk of participating in a digital ecosystem?

SaaS SIEM can offer concrete benefits to organizations that lack resources to run SIEM products deployed on premises. Interest in SaaS SIEM among Gartner customers is growing, but is not matched by selection of that deployment option over traditional SIEM, or other services based alternatives, such as managed-SIEM or MSS/MDR. In this session we explore the potential benefits of SaaS SIEM, recognize the challenges this type of delivery model may present and offer guidance of helping potential buyers determine whether SaaS SIEM is an appropriate option for them. We address:

Where does SaaS SIEM fit in the landscape of security monitoring products and services?
What are the benefits, and the challenges?
How to determine whether SaaS SIEM may be a good option for your requirements.

This session provides an overview on the state of risk management planning, decisions, challenges, and solutions. This expands on the "State of Risk Management" from previous summits. In 2019, this outlook will converge three parallel risk conversations — digital transformation, information risk, and building and maintaining resilient organizations.

Email gateways are the most deployed control against phishing. However, prevention is far from perfect. In this session we discuss the human role in both phishing detection as well as phishing response.

● How can we best change user behavior?

● What are the best practices for security operations when dealing with phishing?

● Which emerging solutions can support with phishing detection and response?

The threat level and risk to midsize enterprises continue to rise with the volume and frequency of attacks, while the resources available to defend against them remain flat. Join us for a discussion about how you can identify the most appropriate technologies and prioritize the actions you can take to protect your organization and manage risk effectively.

This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Endpoints security challenges are rising to new levels of complexity as the definition blurs across clouds, BYO, workstations, mobile, wearable, “things” and pure software. This session will address
1) How are endpoint security risks expanding?
2) What are the primary attack trends that will influence the strategic requirements for endpoint security?
3) Which technologies and practices will protect endpoints in 2025?

Security markets continue to exhibit vibrant growth and activity, with ample opportunities for gains. But fundamental trends promise to disrupt markets, upending long-standing strategies. In this presentation we’ll answer questions such as which security market segments offer the greatest opportunities? What changes lie ahead? And, how can vendors respond to ensure continued competitiveness?

Robotic process automation deployments are becoming more and more commonplace in enterprises. Often these are initiatives led by line of business, and IT and security are involved late in the process. RPA is used to handle sensitive data and privileged operations, such as handling payments in the financial department. In this roundtable participants are going to discuss best practices and success stories so far in setting up secure RPA processes, as well as the main security failures to avoid.

Discuss challenges, lessons learned, opportunities and latest trends with your peers in a facilitated roundtable discussion.

SRM leaders with a focus on privacy will be given an open forum where they can ask their questions and and receive guidance as they seek to understand and prepare for the CCPA. The intent is to answer your questions, provide step by step actionable advice, with plenty of real world examples, references to existing documentation and supporting solutions.

Gartner breaks down development into a series of activities (planning, coding, testing, CI/CD, etc.) and has mapped tools and processes into each for improving security outcomes.
Use the Gartner DevSecOps framework to answer questions like:
How do I improve my security outcomes in DevOps?
What cultural changes are effective at driving secure development?
Which tools should my team use?

The digital business must trust a growing set of external entities, including cloud services, professional services, suppliers and other intimately connected organizations.

● Will they infect you with malware?

● Will they safely protect your information?

● How do other organizations scale themselves to assess the security risk represented by hundreds, or thousands, of external parties?

Successful Gartner clients often mention a "use case first" approach to their SIEM deployment, across both internal, co-managed or fully outsourced models. But what is a use case, and how can Security and Risk Management leaders adopt a "use case first" approach? In this session we will take an actionable and pragmatic approach to developing security use cases for your SIEM.

This workshop discusses real-world experiences on solving the challenges associated with identifying users and devices in a mobile landscape. It also discusses the convergence of mobility management and Identity management technologies and the implications this poses to the Digital Workplace.
Key Issues:

● Do I need to implement mobile identity?

● If so, how?

● What are the best practices in deploying it?

Do GDPR, LGPD, CCPA etc really mean you can’t touch any data for analytics anymore, unless you have explicit consent? Of course, not. But whether for marketing, service personalization or plain performance analytics, all have a potential privacy impact? Protecting privacy while retaining information value, means organizations must rearchitect their analytics process design.

This session will highlight the latest trends in network-based advanced threat detection, including new techniques for anomaly detection. We will address challenges such as the growing percentage of encrypted traffic and its impact on threat detection. Attendees will learn about the key vendors in the market.

At a minimum, cloud computing breaks into 3 primary layers: SaaS, PaaS and IaaS. This presentation will explain the 3 primary security controls for each of these layers: CASB, CSPM and CWPP respectively. In each section, we'll explore selection criteria and example vendors for each solution category.

Organizations have embraced agile development methodologies and DevOps practices, and technical professionals must find ways to integrate application security into this world. 1) What are the ways to modernize secure design practices like threat modeling? 2) How can we perform continuous security testing as part of CI/CD? 3) How do you effectively leverage security controls external to code?

Cloud providers’ focus on offering security features is changing competitive dynamics in the security market. This presentation examines the motivations and strategies of Tier-1 cloud providers in security and analyzes how they affect customer purchasing decisions in security. This presentation will help address the following key issues:
- Are cloud providers emerging as key security vendors for clients?
- Are security vendors threatened by cloud providers' moves in security?
- What scenarios are likely to play out in the next 12-18 months?

Organizations must balance growing investment opportunities against growing financial risks for data. Let's review 3 steps (1) investigate how Infonomics can be used to assess these financial risks caused by security, compliance or accidental events (2) use the risk assessment to categorize and prioritise each dataset for action and (3) develop financial investment strategies to manage the different data risk categories and apply appropriate investment, management or security actions

The benefits of information/cybersecurity must be translated into business terminology. This presentation describes proven methods for linking the security to business value.
Key issues:
- What are proven strategies for obtaining business support?
- What is a practical model for communicating the value of a security program?
- What techniques can be used to for justifying security projects?

The business case for diversity and inclusion is well established: Superior financial results, higher rates of innovation, and greater levels of employee engagement. Yet many companies and functions within those companies struggle to recruit and retain nontraditional employees. This session will present the results from Gartner's Diversity and Inclusion survey that tested the following hypotheses: – Gender diversity leads to higher IT and Tech team performance.
– Gender diversity leads to higher organization performance.
– Inclusion leads to higher IT and Tech team performance.
– Inclusion leads to higher organization performance.

Security & Risk Management Leaders are challenged to continuously adapt their organizations to meet the needs of rapid changes in digital business. This presentation introduces the Gartner Operating Model for the Information Security Function to address this challenge. This operating model represents how it orchestrates its capabilities to deliver against its operational and strategic objectives.

Your opportunity to engage with the Keynote presenters, ask questions that are top of your mind, and network with your peers.

InfoSec Institute; Additional Session Details Coming Soon

Aruba, a Hewlett Packard Enterprise company; Additional Session Details Coming Soon

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.

CISO Circle Breakfast: Digital Society

Join us for a presentation about art and inspiration from author Leah Tinari. Her new book "Limitless: 24 Remarkable American Women of Vision, Grit, and Guts" showcases female trailblazers, whose vision, grit, and guts paved the way not only for the generations to come, but for Tinari’s own artistic journey. You will have the opportunity to buy an autographed book directly from Leah as well.

Join us for this exclusive breakfast to kickoff the midsize enterprise attendee experience at the Security & Risk Management Summit. This is an excellent opportunity to learn about the specific midsize enterprise sessions planned for the event as well as connect with peers. To start the conversation, attendees will be presented with some of the key findings from recent midsize enterprise surveys and research. This session is a good fit for you if your organization has between 5 and 50 people in IT and an IT budget between $5 million an d $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Developers in Agile and DevOps are told to "own their code," which includes security. However, most developers have had minimal training or interest in it. How can developers make progress? How can development leads and CIOs change the culture around security? How can developer avoid long, ineffective classes on secure coding?
Find out how to use coaches to overcome these and other problems.

Hardly any business processes 100% of personal data itself anymore. Every outsourcing activity increases potential privacy risk. How to select and control service providers that process personal data on your behalf? In this roundtable, participants can mirror approaches and are encouraged to share their lessons learned, and their best practices for procuring services, selecting the right collaboration partners, and controlling that collaboration while it lasts

This session will review famous cybersecurity incidents with a focus on the root cause and lessons learned from the response.
Key issues explored include:
How are more advanced hackers breaching organizations?
What is the root cause of the breach?
Key lessons learned for incident response playbooks and public relations.

Many organisations have separated the management of data analytics, IT, security and even privacy. Clients need to focus on (1) how can a data security governance framework provide business focus (2) what are the practical steps to develop the framework and (3) how can the framework architect a successful data security strategy

A cyberattack is often said to be an IT/DR issue. This session will discuss why this is not the case and argue that it is a ‘business issue’ and that the business managers should develop manual workarounds and communications strategies to ensure that critical activities are maintained at a satisfactory level. In turn this will allow the IT/DR team to continue application recovery.

Machine learning, artificial intelligence and other data science techniques make big claims of disruptive capabilities for security buyers. Dividing the real from the hype is no simple task. This presentation discusses some of the current and real uses for such approaches in the security operations center (SOC) with a focus on the jobs well suited for the new artificial interns. Use cases, examples and the justification to do so will be discussed.

There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This presentation will address the following key issues:
- What are the trends and challenges in security organization design?
- What are the factors that influence security organization?
- What are the current best practices and contemporary conceptual design models for security organization?

This talk track will examine where we are on the pendulum for fully autonomous defense, articulate the landscape of capabilities that exist and how the market is evolving towards autonomous defense.

Mitre's ATT&CK framework, while relatively new, is gaining traction in many security operations teams around the world.
This session will be part introduction to the ATT&CK framework for folks, pros and cons, use cases for it, that might not have heard about this but also will attempt to tie this into our own CARTA framework where applicable as well.

Three main points covered:
- What is this framework about
- How is it applicable in security operations and how it relates to our own CARTA framework
- What you can do with a framework like this in your security operations program

CISOs are continually asked for quantitive valuations for cybersecurity risk. When they come to the table with numbers, which are based on models, estimates and guesses, to nobodies' surprise, business leaders don't believe it.
Come share your thoughts with a panel of analysts and join a real-time debate on this simple question — Which works better — qualitative or qualitative risk assessment.

In a world of cloud, does infrastructure security matter? As organizations move more services to the cloud, the problem shifts to managing user access, and data. Attend this session to learn about emerging trends on the convergence of cloud, identity and data security, as well as best practices regarding cloud security, that you can leverage now.

The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on:
1. Future trends more than statistics about the past
2. Potential threats more than attack patterns
3. Response options more than defense technologies

The rapid adoption of SaaS applications such as Microsoft’s O365, Salesforce and others is driving enterprises to rearchitect their networks, so that remote offices can achieve direct internet access with SD-WAN and other techniques. Enterprises will be purchasing more cloud-based security services and fewer appliances. Here, we will highlight best practices that enable a smooth transition to the adoption of cloud-based security services.

The presentation will explore experiences that have worked and/or failed to protect employee and their business data when traveling internationally. Topics will include loss, theft, surrender of login and password credentials, export controls, encryption and masking, VPNs and other secured communications, and variations in workplace rights and expectations. Attendees will receive copies of Gartner’s international travel advice and examples of travel rules and policies from real companies.

This roundtable will bring together security and risk management leaders to share their experiences with embedding application security into their midsize enterprises. It will be an opportunity to discuss with peers what has worked, lessons learned, and how to effectively budget and prioritize efforts within the context of the midsize enterprise.

Continuity of operations needs to be evaluated for every part of the business process. But do AI and blockchain have special considerations, or less, due to the nature of the technology. This roundtable will provide participants to discuss amongst their peers the issues that exist for recovery, continuity and resilience for these underlying technologies being integrated in almost every new offering.

Employee data is processed in every organization and comprises the highest privacy risk in many. Successful SRM leaders should actively administer human resources application and vendor risk by enforcing privacy engineering principles given the mounting exposure.

Data encryption is frequently cited as a requirement to meet various data protection and privacy regulations (1) lets review what the regulations might require, (2) what does encryption or tokenization actually provide for data security (3) do you need to apply any other data security controls

Discuss challenges, lessons learned, opportunities and latest trends with your peers in a facilitated roundtable discussion.

As cloud becomes more significant, it becomes more formalized, driving more interest in written policies. The attendees in this workshop will discuss their cloud policy thoughts, hopes, and dreams--and will share practical experience in the form, content, dissemination and enforcement of cloud policy.

Security leaders are drafting guidance documents for their executives and consultants who need to travel to China — to include a set of dos and don’ts, what to watch out for (at customs' sites, coffee bars, etc.) – in order to best protect corporate and personal information. This workshop will offer an exercise for drafting a set of such guidance.

Comodo Cybersecurity; Additional Session Details Coming Soon

McAfee; Additional Session Details Coming Soon

KnowBe4; Additional Session Details Coming Soon

Fasoo; Additional Session Details Coming Soon

One Identity; Additional Session Details Coming Soon

Beyondtrust; Additional Session Details Coming Soon

Darktrace; Additional Session Details Coming Soon

ThreatConnect; Additional Session Details Coming Soon

Zscaler; Additional Session Details Coming Soon

SecurityScorecard; Additional Session Details Coming Soon

The biggest challenge for SRM leaders is how to, more effectively, communicate with a range of stakeholders. Stop using acronyms, jargon and technobabble and get more traction, align with business goals and be viewed as a strategic leader.
1 - Benefits of better communication?
2 - What are the top causes of miscommunication?
3 - How can SRM leaders be more effective risk communicators?

Digital business is forcing changes in the focus, direction and currency for organizations. It is even changing what leaders believe is the management of risk. This presentation describes those changes, their impacts and your options in evolving current risk process— or allowing its extinction in favor of something new.

Cloud computing represents a fundamental shift in the way IT projects are planned, built, delivered, maintained -- and secured. Many existing practices and habits do not easily map to as-a-service models. How does cloud security differ from on-premises security? What are the most important new concepts and capabilities to understand and develop? How can we not fall into debate traps over whether the cloud is secure?

Risk management continues to be an area of growing maturity and investment for most organizations, as the risk landscape becomes increasingly complex and interconnected. As a result, new technology solutions are emerging to increase the collaborative nature of risk management and support data-driven decision making. This session explores how integrated risk management (IRM) will help improve risk management practices in 2019 and beyond.

Left to itself, SaaS becomes an unruly pet. Data shares open to the Internet, regulatory noncompliance, overspend and collaboration sprawl negatively impacts everyone. What are the problems with SaaS? What processes and policies can help manage SaaS use? What tools can help govern SaaS?

IT buyers just want to fix today's problems. But it’s time for you to think like an investor, and not get burned over the next technology shift.

● What are the steps CISOs must follow to build a strategic security roadmap, using Gartner's Hype Cycle and other predictors?

● How to assess time for new partnerships based on long- and short-term behavior of vendors?

● How do security vendors influence your business integrity?

Containers and microservices architectures require DevSecOps, a protection strategy different from traditional VMs with monolithic applications. Technical professionals tasked with securing containers must harden the CI/CD pipeline so that everything that ran through it can be considered secure.

This session will cover the different types of insider threat scenarios, and how you should incorporate these scenarios in your incident response playbook format. We will cover the indicators that could help identify compromised credentials, accidental and negligent activities, as well as malicious insider threats that require a coordinated response.

IBM: Additional Session Details Coming Soon

RSA; Additional Session Details Coming Soon

TITUS; Additional Session Details Coming Soon

Onapsis Inc.; Additional Session Details Coming Soon

Kenna Security; Additional Session Details Coming Soon

NetSPI; Additional Session Details Coming Soon

Terranova Security; Additional Session Details Coming Soon

Imperva; Additional Session Details Coming Soon

Venafi; Additional Session Details Coming Soon

Corelight; Additional Session Details Coming Soon

Application security continues to be a significant challenge for many organizations. This session covers the current outlook for application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.

Society treats security like a black box and security people like wizards. They expect you to cast some spells, protect the organization, and if there is an incident, the primary question is “who made a mistake?” To address this, we can double down on teaching people the complexities and technology of security or we can change the conversation.

Privacy has come to be acknowledged as a fundamental human right, worldwide. Increasingly, regulatory pressure to enhance control over personal data affects how we look at our analytic activities, customer's rights and the CX, project development and outsourcing activities. Organizations need to establish a risk-based approach to handle personal data to mature privacy protection and deliver customer trust and satisfaction.

Providers must evolve their pricing and packaging in order to align to the primary way their products are being delivered - managed security services. This talk will cover the core ways the providers must evolve their licensing, pricing and integrations to promote their solutions to the managed service providers in the market.

This will be an update to previously presented work going about 2-3 years now on threat intelligence.
Key points covered in the session:
- Key points to be thinking about to get value from Threat Intelligence
- Key use cases we see clients implementing successfully
- Key technologies being adopted in modern security programs for intelligence lead initiatives

While the idea of cloud contingency planning as a means of risk management has been around for over a decade, it's not been adopted or become an imperative for organizations. However, with the increasingly complex ecosystem and IT environment, this idea has started to resurface in terms of business strategy conversations and regulatory evaluations for resilience. In this session, we will cover what it really means, if it's possible, and where organizations should consider starting this practice.

Cloud service providers may not always be ‘compliant’ with a regulation, although in some cases they do need to step up to specific requirements. The more mature a cloud service provider, the more help they can offer in demonstrating their compatibility with a regulation and in helping their customers understand how to use their offerings in a controlled and compliant way. This session addresses these common questions from risk, security, and procurement leaders. (1) How to contextualize security and privacy considerations for the cloud (2) How to gauge CSP's maturity in supporting compliance obligations (3) What tools to consider to better manage security and privacy compliance activities in the cloud.

Technical professionals are confronted with attacks that target web applications and APIs, and they struggle to find the appropriate mix of security controls. 1) What are the common attack patterns? 2) What technologies are useful in mitigating each type of attack? 3) What adjustments must be made for cloud-native application development?

Sustainable disruption brings relentless pressure to change and adapt, while keeping the spirit of a startup mindset. This session will address how emerging tech CEOs can enable organizational mechanisms by empowering disruptive thinkers and leaders without formal authority. This session will include an interactive project where attendees are asked to work together to create an object as a team and discover their own leadership style.

This workshop session will cover diving into an incident response scenario that requires for planning, response and recovery from a phishing attack. The initial phishing attack will be due to an accidental data disclosure that then enables the adversary to commit fraud, tarnish your brand, and includes elements of account takeover and business email compromise.

A one-page cybersecurity strategy has been the goal for CISOs forever and the effort always falls short. They are too technical and don't resonate with the business people, or are so 'soft,' technical staff doesn't know what to do with it.
Join us for this engaging workshop on how to craft a simple, easy to use one page strategy to propel your program to success

Join Security & Risk Chief of Research for an interactive discussion on Gartner's research strategy for 2019/20.

Varonis Systems: Additional Session Details Coming Soon

Verizon: Additional Session Details Coming Soon

Okta: Additional Session Details Coming Soon

Rapid7: Additional Session Details Coming Soon

Balbix: Additional Session Details Coming Soon

Ampcus: Additional Session Details Coming Soon

VMware: Additional Session Details Coming Soon

Fortinet: Additional Session Details Coming Soon

Cybereason: Additional Session Details Coming Soon

ReliaQuest: Additional Session Details Coming Soon

Cyxtera: Additional Session Details Coming Soon

As digital projects move from optimization to transformation, the ability to disrupt becomes a critical discipline. Coping with disruption requires the ability to recognize, prioritize and respond in the right way. This presentation examines how General Managers can evaluate, track and plan for seven major disruptions using Gartner’s Digital Disruption toolkit.

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.

Organizations are experimenting with artificial intelligence in security. As evaluation procedures mature, the first disillusions happen. This session will review the state of AI and machine learning usage in various security and risk management areas, and give CISOs recommendations to:
1. Navigate towards AI marketing
2. Define evaluation principle for solutions adding new algorithmic approaches to existing security fields
3. Prepare to avoid or minimize the backlash when results are not up to expectations

Lencioni turns his attention to the individual team-member, revealing the three indispensable virtues—humility, hunger and people smarts—that make some people better team players than others. Pat explores the power this combination yields, and illustrates how team members with these traits drastically accelerate the process of building high-performing teams.

Data, data everywhere and not a drop should leak. Your enterprise data wants to travel as broadly as it can — not only within the enterprise but across a panoply of cloud services and an endless proliferation of endpoints. Who needs heroic levels of DLP? How can you monitor, track, and manage something seemingly impossible? What are the best product and service options available today?

The increased use of AI in security has not gone unnoticed by attackers. In this session, we explore the attacker’s perspective on machine learning, covering adversarial as well as nefarious ML:

● How attackers may attack security solutions based on ML at training and at prediction stages

● How ML may accelerate innovation in attacker techniques.

There are simply not enough people with the right skills within security and risk management to address the increasing needs of organizations around the globe. This presentation addresses the challenges and opportunities S&RM leaders responsible for security operations looking to services providers to help alleviate the skills and talent shortage, allowing organizations to optimize, improve and accelerate their security and risk management programs and capabilities. This presentation will address Why and When to leverage outsourcing, what to outsource, and what to be aware of when outsourcing.

Please join us for a lively discussion with Larry Taxson, C2S Program Executive.

Women in Leadership: Movers & Shakers, Ceiling Breakers, Ruckus Makers

IoT Security is a big deal, and technical professionals need to be able to design effective security measures. Using the Gartner IoT reference model, this session explores risks that affect, and controls that are effective in IoT solutions.

Key Issues Covered:
-What are key risks and pitfalls in securing IoT?
-Which controls are similar to, or different from traditional security?
-How should organizations prepare for comprehensive IoT security?

Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.

Security incidents are not just a possibility but an inevitability. It is important for organizations of all size to have a well-planned incident response strategy, as well as the ability to retain outside assistance, if needed. This session will cover the options that an incident response retainer provides, as well as characteristics of various IR providers.

This roundtable will discuss what's working and what isn't indevice management and security for enduser computing covering unified endpoint management (UEM), enterprise mobility management (EMM) and mobile device management (MDM).

As privacy regulations evolve, SRM leaders with a focus on privacy are finding it harder to work with information, and almost impossible to combine multiple data sets, especially when working collaboratively with third parties. We will address your questions, and look at the techniques as well as relevant technologies that will allow you to develop a repeatable process to work with personal data. This session is meant to answer your questions when it comes to handling the risk of mining large data sets of personal information for the purpose of analytics, fraud prevention or undirected discovery.

Third-party applications and SaaS represent a large but opaque attack surface for Security and Risk Management Leaders. While no one can (or should) avoid using third-party apps, asking some key questions ahead of time can improve security outcomes:
What should I ask about privacy?
What elements of a Secure SDLC should I look for in vendors?
How can I make sure there are no hidden security surprises?

The use of SaaS continues to grow. Do they actually need IT? What is our role?

Participants in this end-user roundtable will compare notes on the best practice for the care and feeding of SaaS. We will discuss shadow IT, integration with identity services, the use of CASB, backup and recovery options. Can policy and planning actually reduce the pain and cost of SaaS, or is the situation permanently out of control? Preregistration is required. Seats are limited.

The CCPA introduces extensive challenges when handling personal information; this raises the baseline not only in California but across the entire US landscape. This session will give security and risk management leaders the capabilities to prepare, maintain & evolve the organizations privacy program not only for compliance with the new laws but also to develop a competitive edge to drive depth and breadth in their customer base.

There are many technology solution options available to manage the BCM program. Selecting the one most appropriate for your organization depends on your BCM program maturity, the buyer role, the scope of the program, the organization's geographic footprint, and more. In this workshop you will develop the framework for your organization's BCM software selection process.

RiskRecon: Additional Session Details Coming Soon

A10 Networks; Additional Session Details Coming Soon

Trustwave; Additional Session Details Coming Soon

Forescout Technologies; Additional Session Details Coming Soon

Veracode; Additional Session Details Coming Soon

Proofpoint; Additional Session Details Coming Soon

ESET; Additional Session Details Coming Soon

Vectra AI; Additional Session Details Coming Soon

Bitglass; Additional Session Details Coming Soon

BitSight Technologies; Additional Session Details Coming Soon

WhiteHat Security; Additional Session Details Coming Soon

Good information security hygiene is a must, but many organizations lose focus on getting the basics right, leading to an unjustified level of confidence in risk posture. Join us and learn:

● What are the key activities, capabilities and practices for organizations?

● What are the activities that you can delay or even skip entirely?

● Why doing the basics is more important than ever.

The deception market is in full swing with a healthy field of competitors. But what is the real value of deception technology to buyers, and what approach to providing using deception will win over buyers in the long run? This presentation discusses the current trends and approaches in the deception market, and looks forward to how the market might evolve.

Metrics should inform better decision making. “Business alignment” is spoken about frequently, but execution is challenging throughout the Gartner client base. Key risk indicators (KRIs) should have defensible causal relationships to business impacts and present leading indicators to decision makers. Gartner has developed a methodology to integrate risk and corporate performance that helps achieve these goals.

Like AI before it, quantum computing and related quantum technologies like quantum key exchange, quantum random number generation and homomorphic encryption are poised to make huge changes to the technology landscape as they mature. What are the important quantum computing technologies that will impact your business? How will long established security tools like RSA change?

Motivation is a fundamental driver of employee behavior that ensures the organization’s security. Security and risk management leaders can use positive and negative motivation — rewards and consequences — to urge staff to complete training and adhere to policies.

Key Challenges
-Determining which format for urging behavior appropriate to motivate security behavior — rewarding when encouraging action or punishing when preventing action — is complicated when management follows faulty instincts.
-Employees often do not perceive that the intent behind positive and negative formats is to drive greater competency and learning; rather than become motivated, they instead resent negative motivations and do not value positive ones.

Recommendations
-Security and risk management leaders overseeing information security should:
-Use a balance of reward and punishment to encourage appropriate behavior retention by understanding the primary motivators of their audience and then determining which consequences best address those motivations.
-Communicate what both motivation structures mean, why following them will be beneficial for individuals and how the motivation structures will be delivered, tracked and reinforced.

Come see how secure the latest versions of your mobile operating systems and devices are against the current mobile attacks. This session will show which operating systems and devices you need to be using along with third-party solutions to protect your organization. We will demonstrate attacks and also discuss the right EMM/UEM, MTD and other mobile security solutions you should be using today.

Midsize enterprises operate close to the wallet and don’t distinguish certain IT capabilities from one another. This is often the case with identity and access management (IAM) and security and risk management (SRM). As MSEs formalize these functions, security and risk management leaders must establish:

● What distinguishes IAM and SRM from one another? What are the similarities and dependencies?

● How do these contribute to organizational imperatives?

● How can we coordinate initiatives and interactions to contribute to business outcomes?
Participants will gain insight into peer experience, Gartner research, and trends influencing their security and risk management program.

CIO's are faced with the challenge of a competitive labor market and often miss opportunities to attract the right skill sets to digitally transform. However, U.S. EEO office reports that despite growing women grads in STEM, women remain underrepresented in technology fields. This session focuses on how traditional recruiting efforts might be sabotaging diversity in the workplace, and placing the organization at risk.

Most CEOs are excellent problem solvers, but too often CISO’s seek approval rather than enable their CEO’s to participate in the decision making process. This causes disengagement, and is at the root of many of the challenges CISOs and IT leaders face. CISO’s need to use different tools to get their CEO to the table and keep them engaged so that they value the outcome of the decisions we ask for.

Demisto; Additional Session Details Coming Soon

Illumio; Additional Session Details Coming Soon

HackerOne; Additional Session Details Coming Soon

FireMon; Additional Session Details Coming Soon

Valimail; Additional Session Details Coming Soon

Without understanding culture, we will have a difficult time understanding open- and closed-mindedness. Dr. Robbins quotes a famous sociologist to explain how culture plays a key role in how humans behave in a world full of differences. Culture also ties into the pursuit of inclusion & innovation, and it has everything to do with teamwork and leadership.

Many midsize enterprises are struggling to attract and retain cybersecurity talent. Join us for this peer-driven discussion on how to manage with a small team. How have you successfully overcome these constraints? When is a managed service the answer? What makes the most sense to keep in-house? Preregistration is required. Seats are limited.
This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

In this session, attendees MUST bring questions, even when afraid. Although Gartner is not in the business of determining what is compliant and what is not, foundational privacy insights can be shared between participants. Questions will be dealt with like 'what's purposeful processing?,' 'what to mind when outsourcing?,' and 'where is privacy going in the world' are only suggestions. End users only, registration required

Vulnerability management is still not a standard practice for many organization even though it should be a core component of good security hygiene. This can be a bigger issue for resource challenged MSEs. This roundtable will help MSE participants understand what has worked and not worked for their peers, across people, processes and technologies, when implementing a vulnerability management capability.

Discuss challenges, lessons learned, opportunities and latest trends with your peers in a facilitated roundtable discussion.

CASB customers unite! Now that CASBs have risen in popularity and, for many organizations, become parts of their overall cloud security strategies, we want to hear about your experiences. Gartner's CASB analysts will host this roundtable for CASB customers to share tips and tricks for valuable proofs of concepts, successful implementations, and resolved and ongoing issues during and after deployment. If you've replaced one vendor with another, we'd like to know the reasons.

A workshop to discuss and facilitate MSE partners on how to find the right MSSP to meet their security use cases and the key capabilities that need to exist to build a good working relationship.

This workshop addresses the challenges of implementing both Bring Your Own Device (BYOD) and Choose Your Own Device (CYOD) and how the two can be used together effectively to create an effective strategy for the Digital Workplace.

Tenable, Inc.; Additional Session Details Coming Soon

Agari; Additional Session Details Coming Soon

MediaPRO; Additional Session Details Coming Soon

Sophos; Additional Session Details Coming Soon

Cofense; Additional Session Details Coming Soon

SailPoint; Additional Session Details Coming Soon

IntSights: Additional Session Details Coming Soon

Infosec; Additional Session Details Coming Soon

Hitachi ID Systems; Additional Session Details Coming Soon

Created to support U.S. federal agencies’ adoption of cloud technologies, the FedRAMP program is attracting interest from other industry verticals and geographies. This session provides security and risk management leaders with key factors to consider when evaluating FedRAMP-authorized cloud options.

Regional and country-specific privacy mandates continue to increase. Mapping commonalities and managing risks for differences are crucial for security and risk leaders. This presentation offers a guide on reusing GDPR compliance investment for other major privacy requirements.

Earlier this year we published updated guidance on how to better run this foundational security process. This presentation will go over this new way of doing vulnerability more effectively.

- Why we made some significant changes to our guidance on this critical process
- What does the new RBVM actually look like
- How to bring this to life inside your own security programs

How do you start building a cloud security architecture? Do you use business needs and context to guide the selection of logical controls? What cloud provider native and third-party vendor security are available as security components? This session presents steps to construct cloud security architecture while aligning with required best practices, frameworks and standards.

Buyers are increasingly adding incident response services, but fewer are adding breach response services. These are distinct offerings, but often confused as being the same service. In this session for S&RM leaders we explain the differences between the services, the questions to consider when determining if you need one or both, and the provider landscape for these services.

Blockchain has become a much-hyped technology with a lot of potential. Yet, with cyberthreats and data breaches, is this technology secure? As blockchain becomes more mainstream, CISOs must understand the security and privacy implications. What are the security risks of different models blockchain trust? What are the PKI issues inherent in blockchain and what's the best way to address them?

What is the single most crucial security control? Have the cloud and mobility destroyed civilized security as we know it? Everybody has ideas. But who has the answers? Three Gartner analysts, who have probably too many opinions, will attempt to upstage each other on stage. And you get to watch!

Fraud has historically been seen as a separate problem from information security and IT security. Yet for some time, its been clear that serious and organised fraud rings are using the same tricks as seen in advanced hacking attempts. Security and Risk management leaders attending this will benefit from learning how to align their fraud, risk and technical security resources and how improved intelligence can assist in this complex task.

With many enterprises still misunderstanding on the different values TI can deliver, technology and service providers can benefit from an alignment to the Gartner threat intelligence maturity matrix to develop a product/service portfolio strategy that caters to different levels of readiness and potential demand. The presentation will highlight how TSP can develop a roadmap to focus on different product/services capabilities and therefore expand addressable market opportunities .

This presentation will highlight the opportunities made available to security tech providers and provide guidance on the roles, controls and approaches to focus on to be successful in this fast maturing market.

The business impact analysis (BIA) is the essential foundation for the development of cross-functional business continuity and disaster recovery plans. This session will cover how the BIA can provide vital information in the preparations for managing a cyberattack.

Vendor risk management isn’t just required in highly regulated industries, its good practice in all industries. But today’s approaches are mired in lengthy and complex assessment surveys that span a variety of threats and risks. This session will discuss how to improve and enhance your model for managing vendor risks. 1) Why is vendor risk management important now? 2) What are the current best practices in a vendor risk management life cycle? 3) How can we improve the efficiency and value of our vendor risk management programs?

The MITRE AT&CK framework has quickly become a popular tool for many security operations practices. This session illustrates how it can be used to address some of the most common challenges of security operations centers: How to create security monitoring use cases? How do we know if we are looking for right things? What should be the starting list of use cases on our SIEM deployment?

It is now common practice, and in certain cases mandated by regulation, for a board of directors to require periodic reporting and event-based updates on the state of security and risk management in an enterprise. Developing and communicating an effective message that balances the need to protect with the need to run your business is critical to success. However, in many cases, Security and Risk Leaders are left frustrated and/or unable to answer elementary questions that the Board asks. This presentation will discuss: 1) What is the role of the board and what do they care about?
2) What are some of the most common questions that Board Members Ask? (and a talk track for these questions)
3) How can Security and Risk Leaders flip the conversation to educate the Board on issues that they need to know about?

In 2018, we saw a 1.3 Tbps attack against Github, the largest DDoS incident ever. The bad guys continue to innovate and launch ever more damaging attacks. In this session, we will analyze strategies for mitigating DDoS attacks and provide guidance for finding a solution that will match your budget.

Effective cybersecurity is predicated on a defensible program. This presentation introduces and discusses the characteristics of a defensible security program.
Key issues:
- What are the components of a cybersecurity program?
- What makes the program defensible to key stakeholders?

Enterprise architecture evolves, but network segmentation remains a foundational element for network security leaders. While the principle is not new, finding the right balance between security and agility remains difficult. Many network segmentation projects fail before they reached the expected objective. Successful network segmentation projects require to:
1. understand what segmentation should achieve, and what are the required complementary approaches
2. Leverage best practices for zoning decision, policy management and segmentation enforcement
3. Know where to start, and when to stop

Not sure which exhibitors to meet with or what sessions to attend? Let Gartner Event Concierge help you create a custom agenda and schedule meetings. Just email us at Jaimee.Zimmerer@gartner.com pre-event or once you arrive, and we’ll be in touch soon.

We have always had a fascination with the future. From the Oracle of Delphi, to predictive analytics, and today’s weather forecast. But particularly in times of risk, pressure and uncertainty, it is easy to forget about the future. That’s far away. But thinking about the future gives you the perspective that you need in order to add value. Today, every professional should be a bit of a futurist, to take the lead in a volatile, uncertain, complex and ambiguous world. Learn from Gartner's global "Digitopia" studies, with the zeitgeist from over 25 countries.

In flying, headwinds slow you down. At their worst, they cause you to change your plans and impact the effectiveness of weapons in combat. Headwinds demand that pilots be resilient and resourceful, literally on the fly. “Headwinds are the perfect metaphor for the change impacting organizations and individuals today,” says 21-year Air Force veteran Nicole Malachowski. A former fighter squadron commander and mission-ready pilot in three operational fighter squadrons and the first woman to fly on the Air Force Thunderbirds, Nicole has the perfect message to inspire audiences to think differently about the headwinds of change they face – organizationally and personally. Drawing on her extraordinary Air Force career, Nicole offers lessons on leadership, followership, and overcoming adversity. She weaves storytelling with breathtaking video from the cockpit of her jet as the Thunderbirds execute precision turns, rolls, and loops – all just 36” from one another at 400 mph and just 300 feet off the ground. Nicole’s keynote helps audiences ignite their own indomitable spirit in order to succeed far beyond what they might dream. “Failure isn’t fatal,” she says, “it’s the price of entry if you want to achieve something great.”

Gigamon; Additional Session Details Coming Soon

Morphisec, Inc.; Additional Session Details Coming Soon

Almost 50% of CIOs indicate that culture is the biggest barrier to digital business success. Culture is one of five major imperatives of ContinuousNext, a strategy to converge IT with its organization. A risk-aware culture ensures that the protection of that convergence is a priority. This presentation Introduces ContinousNext, risk culture fundamentals, and actions to ensure risk-aware culture.

Blockchain is a technology that depends on wide-spread, public dissemination of information to generate trust and resilience. However, this is often seen as a problem for privacy, especially with regulations like GDPR which hold a high bar for consent and data privacy. Can blockchain meet these kinds of regulatory requirements? If so how? What are the limits of blockchain in protecting user data?

IAM encompassess workforce and customer identities and access, to manage risk, reduce fraud and other losses, and enable desired business outcomes. Digitalization forces IAM leaders to focus on time to value, employee engagement, and customer satisfaction.
Key Issues:
What does a successful IAM program look like?
How can IAM quickly deliver real business value and support cyber defense?
How will IAM technology investments evolve?

Digital society is a fact, taking shape as we continue to develop our organizations and value propositions in communities, contact and collaboration. The changes ahead may be unforeseen, though must be guided and chosen deliberately to maintain universal human rights like privacy and freedom. Ethical dilemmas enable the conversation and provide the choices to be made to achieve the synergy needed between what your customer wants and what your technologies enable.

For years, network security has been built and deployed to erect a strong and impenetrable perimeter under the assumption preventing anything malicious from getting in means everything is implicitly safe on the inside. That is now a bad assumption and your customers know it. Come learn how to evolve your products for success through detection.

As the second largest economy, China continues to attract businesses to enter the market and expand as these businesses grow. But, security and risk leaders face a set of unique challenges. How to understand these challenges and apply best practices will enable CISOs and risk leaders to assure business successes.

To speed up the development and delivery of quality software and increase it's security, we must manage our identities, their authentication, authorization, roles, and privileges across system and enterprise boundaries.

This presentation presents a structured approach to plan, establish and efficiently operate a modern SOC. Gartner clients with successful SOCs put the premium on people rather than process and technology. People and process overshadow technology as predictors for SOC success or failure.

● Do I need a SOC and can I afford it?

● Where can I rely on automation and where do I need to outsource or delegate?

● Can SOAR tools really automate my SOC?

Most organizations have an incident response plan to cover malware outbreaks, or very specific data loss scenarios. There are three additional scenarios that every incident response plan should include, and this session will cover what you should add to your incident response plan to better cover incidents of compromised credentials, insider threats and ransomware.

How much risk is too much? Let's manage to our risk appetite! Sounds easy, but most CISOs don't know what their enterprise or cybersecurity risk appetite is. Join us on a trip to effective and efficient risk management.
1 - What is risk appetite and why you need to know yours?
2 - Best practices for having risk appetite discussions
3 - What does a good cybersecurity risk appetite statement look like?

Application security testing is challenged by the pace and complexity of application development. In this session, we will cover how application security testing technologies and offerings might advance in the coming years to meet the demands of digital business.

Organizational resilience must evolve with the changing needs of the modern digital world. Gartner offers a three- to five-year outlook and guidelines for security and risk management leaders to advance this discipline and achieve business outcomes. This presentation will discuss how to rollout an organizational resilience program that matches your organizational driving type.

This session discusses changes introduced in NIST CSF v1.1, NIST 800-53 v5, and RMF v2, as well as NIST 800-53 A (assessment guidance) and how it impacts existing cybersecurity activities.

Great engagement between stakeholders is an essential component to the success of any risk and security program. Treat the experience of how risk and security is delivered as a fundamental component of what is delivered. The same techniques used to excel in customer experience can also be used to improve the delivery of appropriate technology risk and cybersecurity.

Siloed IoT/OT implementation and management distract from the real security and safety implications of the convergence of digital technologies and physical assets. To be effective, security and risk management leaders must instead holistically address the needs of cyberphysical systems. This session will discuss the opportunities and challenges related to securing cyberphysical systems.

With cloud becoming a must-have or can't-avoid for many organizations, security teams are increasingly concerned with advanced attacks and regulatory requirements around data confidentiality and privacy. This session first covers basic encryption and key management in the cloud, and then examines other techniques — including emerging hardware-based approaches — that increase the trustworthiness of cloud-based infrastructure-as-a-service (IaaS).