View By:

Agenda / Day

Monday, September 14, 2020 / 12:15 PM - 12:45 PM EDT

Top Security Projects for 2020-2021

Brian Reed, Sr Director Analyst, Gartner

Security and risk management leaders should implement or improve upon these top 10 security projects in 2020. Any security project must be supported by technology, address the changing needs of cybersecurity and reduce risk by adopting a CARTA strategic approach with all security projects.

Monday, September 14, 2020 / 12:15 PM - 12:45 PM EDT

A Pragmatic Approach to Implementing a Zero Trust Security Architecture

Neil MacDonald, Distinguished VP Analyst, Gartner

Changes in the threat landscape and ineffectiveness of current security architectures has driven an explosion of interest in zero trust security architectures. This presentation will build on the concepts of zero-trust networking and extend to operating systems, applications (including development), users and data. Topics will include the new NIST draft standard for zero trust as well as technologies and vendors providing solutions.

Monday, September 14, 2020 / 12:15 PM - 12:45 PM EDT

DevSecOps: What Does Success Look Like?

Pete Shoard, Sr Director Analyst, Gartner

Dale Gardner, Sr Director Analyst, Gartner

DevSecOps promises to at last deliver effective application security — but lasting ties to testing-oriented, gateway-focused approaches guarantee failure. The urgent question then, is what does "success" look like? In this session we'll examine the organizational, process, and tool changes needed to help ensure a successful DevSecOps program and robust application security.

Monday, September 14, 2020 / 12:15 PM - 12:45 PM EDT

Outlook for Endpoint and Mobile Security

Rob Smith, Sr Director Analyst, Gartner

Endpoints security challenges are rising to new levels of complexity as the definition blurs across clouds, BYO, workstations, mobile, wearable, “things” and pure software. This session will address:
. The evolution of device security to a single Unified Endpoint Security (UES) solution
. The evolution of network security from on-premise to cloud based since devices are frequently accessing cloud based services.
. The evolution of modern data protection for devices including VDI, encryption, and DRM

Monday, September 14, 2020 / 12:15 PM - 12:45 PM EDT

Outlook for Identity and Access Management

David Mahdi, Sr Director Analyst, Gartner

IAM encompasses workforce, partner, citizen and customer identities and access, to manage risk and enable desired business outcomes. Decentralized identity, CARTA, fraud management and autonomous governance will drive opportunities and challenges for IAM leaders in 2020 and beyond. Key Issues:
. What does a successful IAM program look like in 2020?
. How can IAM quickly deliver real business value, improve customer retention and support cyber defense against fraud?
. How predictive and autonomous IAM governance will play a role in modern challenges in compliance and privileged access management?
. How will passwordless and decentralized identity disrupt old business models for authentication and access management?

Monday, September 14, 2020 / 12:15 PM - 12:45 PM EDT

Outlook for Risk: Technology, Information, and Resilience

Khushbu Pratap, Director Analyst, Gartner

This session walks through the state of risk management practices across technology and information exposures that influence organizational resilience. The current and future role of risk management leadership will be laid out in this session.

Monday, September 14, 2020 / 12:15 PM - 12:45 PM EDT

Use Risk, Value and Cost to Change Executive Priorities and Investments in Security

Paul Proctor, Distinguished VP Analyst, Gartner

Cybersecurity should balance the need to protect against the need to achieve desired business outcomes. This balance can best be achieved through risk-optimized decisions in a business context that meet stakeholder needs and expectations. SecQuilibrium is the right balance between the needs to protect and the needs to run your business.

Monday, September 14, 2020 / 01:45 PM - 02:15 PM EDT

Creating Trust and Safety on the Internet

Jonathan Care, Sr Director Analyst, Gartner

The internet, like any other society, is populated with all kinds of people. Some people try to get real work done while others have sensitive or proprietary data they must protect. Successful e-businesses, — whether retail, financial (or other) services — social platforms, sharing economies all make use of this untrustworthy medium.
- What does trust and safety mean?
- Where is it applicable?
- How do we know where it is being applied?
- What can we observe?
- What can we measure? Since mulling this idea on client inquiries we have seen the industry start to gain traction around this idea in 2019. .
- What does trust and safety mean?
- Where is it applicable?
- How do we know where it is being applied?
- What can we observe? What can we measure?

Monday, September 14, 2020 / 01:45 PM - 02:15 PM EDT

Five Cultural Elements for Successful DevSecOps

Mark Horvath, Sr Director Analyst, Gartner

Tools play a crucial role in DevSecOps, but even the best tool is no good if no one uses it. This session goes over five cultural practices the most successful teams use to move from DevOps to DevSecOps, without slowing everything down.

Monday, September 14, 2020 / 01:45 PM - 02:15 PM EDT

Outlook for Data Security

Ramon Krikken, Distinguished VP Analyst, Gartner

This session covers current trends and emerging topics in the area of data security. From databases to files, threats are rapidly evolving and countermeasures slowly follow. Planning a data-centric roadmap for security governance and security architecture is a critical component of any security and risk management program.

Monday, September 14, 2020 / 01:45 PM - 02:15 PM EDT

Outlook for Privacy 2021

Nader Henein, VP Analyst, Gartner

Privacy is not slowing! Consumers continue to demand that their privacy be protected, not just respected and legislators continue to react by enacting data protection laws. It is not sufficient (or efficient) to focus on baseline compliance. This session describes the latest developments in the landscape and steps to evolve the privacy management program from focusing on compliance only to value creation in the business.

Monday, September 14, 2020 / 01:45 PM - 02:15 PM EDT

The Economics of Cyber Security: Using the ‘Dismal Science’ to Make Better Security Decisions

Tom Scholtz, Distinguished VP Analyst, Gartner

Economics is called “the dismal science” because scarce resources mean not every need can be met. As a security and risk leader with unlimited challenges and limited resources, you face difficult decisions about what to prioritize. Is there a better way to balance digital business opportunity against cyber risk? What are the opportunity costs of your security investments? How can you articulate the business value of security? If you treat data as a financial asset, can economic models help you make more effective investment decisions? In this keynote, we’ll look at how looking at security and risk dilemmas through the lens of economics can help you make better decisions. We will also discuss trends in security spending, and introduce new tools, models and concepts to help you understand the impact of tradeoffs, improve cost optimization and evaluate where resources will have the greatest impact on security and the business.

Monday, September 14, 2020 / 01:45 PM - 02:15 PM EDT

You’ve Got Cloud Security All Wrong — Why Identity and Data Security Are Paramount in a Cloud World

David Mahdi, Sr Director Analyst, Gartner

In a world of cloud, does infrastructure security matter? As organizations move more services to the cloud, the problem shifts to managing user access and data. Attend this session to learn about emerging trends on the convergence of cloud, identity and data security, as well as best practices regarding cloud security, that you can leverage now.

Monday, September 14, 2020 / 02:30 PM - 03:00 PM EDT

Leadership Vision for Security and Risk Management 2021

Jay Heiser, VP Analyst, Gartner

The challenges to security and risk management programs range from governmental/political intervention to digital business adoption to the impact of organizational culture of running a business. Security and Risk Management (SRM) leaders must develop a coherent program based on a clear vision and strategy. This presentation will address:
. What constitutes an effective vision and strategy for SRM leaders?
. What are the elements of a SRM program?
. What are the drivers shaping SRM strategy in 2020-2021?

Monday, September 14, 2020 / 02:30 PM - 03:00 PM EDT

Outlook for Application Security

Dale Gardner, Sr Director Analyst, Gartner

DevOps, new deployment models and technologies pose an existential threat to application security programs. But all is not lost. In this session, we'll show how — by embracing the tenets of DevOps, adopting new approaches to application security, and leveraging evolving security technologies — it's possible to achieve success in DevSecOps, with lessons learned for all development styles.

Monday, September 14, 2020 / 02:30 PM - 03:00 PM EDT

Outlook for Security Monitoring and Operations

Augusto Barros, VP Analyst, Gartner

Security monitoring and operations are rapidly evolving to keep up with a very dynamic threat landscape. Automation, advanced analytics and machine learning are some of the tools leveraged by security professionals to keep up with threats. This session will address these key issues:
. What trends are affecting security operations?
. What defines best-in-class security operations of 2020?
. What is the outlook for security monitoring and operations for the years ahead?

Monday, September 14, 2020 / 02:30 PM - 03:00 PM EDT

The Future of Endpoint Management and Security in a Post-COVID-19 World

Rob Smith, Sr Director Analyst, Gartner

How is endpoint device management and security evolving since the COVID-19 crisis? What are the best practices to manage and secure endpoints today and tomorrow? This session will address what should be done today while keeping an eye on the future as technology evolves.

Monday, September 14, 2020 / 02:30 PM - 03:00 PM EDT

Vendor Risk Management Is Now a Must-Have Discipline

Christopher Ambrose, VP Analyst, Gartner

Edward Weinstein, Sr Director Analyst, Gartner

Vendor risk management isn’t just required in highly regulated industries, it's good practice in all industries. But today’s approaches are mired in lengthy and complex assessment surveys that span a variety of threats and risks. This session will discuss how to improve and enhance your model for managing vendor risks.
. Why is vendor risk management important now?
. What are the current best practices in a vendor risk-management life cycle?
. How can we improve the efficiency and value of our vendor risk-management programs?

Tuesday, September 15, 2020 / 11:00 AM - 11:30 AM EDT

Guest Keynote

Tuesday, September 15, 2020 / 11:45 AM - 12:15 PM EDT

Building an Information Security Workforce Strategy

Beth Schumaecker, Sr Director, Advisory, Gartner

Supporting the business during the digital era requires that Information Security staff possess a much more diverse set of skills than in the past. This Information Security Strategic Workforce Planning session will focus on building out the inputs we need to orient our planning around the skills and competencies essential for success.

Tuesday, September 15, 2020 / 11:45 AM - 12:15 PM EDT

COVID-19 as a Resilience Game Changer: How the World Will Never Be the Same

Roberta Witty, VP Analyst, Gartner

The COVID-19 pandemic has shown how focus on efficiency has greatly hampered pandemic response and continuity of operations. The result is a dearth of organizational resilience. This session will present the lessons learned that every organization must now integrate into operations so that panic and chaos don't take over again during crisis situations.

Tuesday, September 15, 2020 / 11:45 AM - 12:15 PM EDT

How to Respond to the 2020 Threat Landscape

Katell Thielemann, VP Analyst, Gartner

David Gregory, Sr Director Analyst, Gartner

The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on:
. Optimizing Prediction and Prevention
. Knowing When Detection is Required
. Preparing to Respond When Things go Wrong

Tuesday, September 15, 2020 / 11:45 AM - 12:15 PM EDT

IAM Leaders Guide to PAM

Felix Gaehtgens, VP Analyst, Gartner

An introduction for privileged access management. What value does PAM bring today to reduce your security risk? What do you need to know about PAM to build an outlook for the future? AM vs. IGA vs. PAM. Trending questions about PAM.

Tuesday, September 15, 2020 / 11:45 AM - 12:15 PM EDT

Outlook for Cloud Security

Steve Riley, Sr Director Analyst, Gartner

Cloud security remains a top priority. This presentation summarizes the problems, recommended processes, and new product types to address three key issues:
. What are the unique risks associated with public cloud service providers, and how can they be controlled?
. What are the unique security challenges of IaaS and how can they be mitigated?
. What are the unique control challenges of SaaS, and how can they be addressed?

Tuesday, September 15, 2020 / 11:45 AM - 12:15 PM EDT

Technical Insights: Do You Still Need a SIEM?

Augusto Barros, VP Analyst, Gartner

For years SIEMs have been the cornerstone of security operations centers and the primary security monitoring tool for many organizations. However, with the adoption of newer threat detection tools, massive migrations to cloud services and the increasing adoption of technologies such as IoT and mobile, does it still make sense to invest in a SIEM? This session addresses the role of the SIEM in a modern SOC, covering the following issues:
- Is the SIEM capable of detecting modern threats?
- Does the SIEM scale to address the volume of data generated by the cloud?
- Is it possible for a SOC to operate without a SIEM?

Tuesday, September 15, 2020 / 11:45 AM - 12:15 PM EDT

Technology Risk and Cybersecurity Metrics for Your Board

Srinath Sampath, Sr Director Analyst, Gartner

Reporting risk and security to your board is challenging for every organization in the Gartner client base. Executives don’t know what they need. We offer these concrete examples that share all the necessary characteristics to satisfy non-IT executives and your board.

Tuesday, September 15, 2020 / 12:30 PM - 01:00 PM EDT

Applying CARTA to Access Management

Michael Kelley, Sr Director Analyst, Gartner

As a security framework, all elements of CARTA can be applied to any technology. For access management, this includes concepts like continuous authentication and continuous authorization, applying dynamic (always being evaluated) approaches to access management. In this approach, adaptive and contextual authentication, as well as leveraging session management as a control plane, and UEBA as for visibility, will allow a near-real-time response to a variety of AM issues, including credential theft, session hijacking and others.

Tuesday, September 15, 2020 / 12:30 PM - 01:00 PM EDT

Creating a Defensible Data Security Strategy Requires an Economics and a Data Risk Assessment

Brian Lowans, Sr Director Analyst, Gartner

Any business that creates, stores or processes data must identify, prioritize and mitigate business and financial risks. Security and risk management leaders must understand the economics of the business choices and risks that result. Orchestration of adequate security and privacy controls is critical to mitigate these risks.

Tuesday, September 15, 2020 / 12:30 PM - 01:00 PM EDT

Deception Should Be Part of Your Threat Detection Strategy

Pete Shoard, Sr Director Analyst, Gartner

During this session, we will cover the different deception deployment models, the benefits and limitations of deception products and services and how do you need to have your deception technology managed. Attendees will better understand deception as part of a wider security strategy, availability of products on the market and how service providers are adopting this technology.

Tuesday, September 15, 2020 / 12:30 PM - 01:00 PM EDT

How Leaders Can Support Women in IT

Christie Struckman, VP Analyst, Gartner

Gender imbalance is stagnating if not getting worse in many IT organizations. The challenge is not just hiring more women, it’s also not losing them. Leaders can support the women in IT by creating, curating and managing a pipeline program. Creating an inclusive environment also means confronting behaviors that marginalize women.

Tuesday, September 15, 2020 / 12:30 PM - 01:00 PM EDT

How to Address Risk and Security in SaaS Agreements

Christopher Ambrose, VP Analyst, Gartner

Luke Ellery, Sr Director Analyst, Gartner

Risk and security teams struggle to ensure the contractual clauses in SaaS agreements protect their organization or comply with internal policy and external regulation. This session will provide insight to help you identify the key contractual clauses that must be addressed to protect your organization:
● The challenges in negotiating SaaS agreements: What can realistically be achieved?
● What are the key contract clauses to protect your data and minimize risk?
● What provisions do we need to reduce risk at termination or transition to another supplier?

Tuesday, September 15, 2020 / 12:30 PM - 01:00 PM EDT

Model Your Risk Assessment on the Digital Business Runway

Jie Zhang, VP Analyst, Gartner

Digital transformation relies heavily on new technology adoptions. While organizations innovate and create values through digital business, a set of new risks are emerging. These emerging risks require security and risk leaders' special attention. This session equips you with a model to assess the emerging risks.

Tuesday, September 15, 2020 / 02:00 PM - 02:30 PM EDT

Digital Business Requires a Delicate Balance in Risk Culture: What's Yours Like?

Srinath Sampath, Sr Director Analyst, Gartner

To succeed at digital business, organizations need to make bold & innovative business choices while simultaneously protecting their business outcomes. The culture of the organization - specifically as it relates to risk-taking - is a significant yet underutilized driver. This session will cover how to build a risk culture that powers your digital future.

Tuesday, September 15, 2020 / 02:00 PM - 02:30 PM EDT

How to Write a Recovery Plan

Roberta Witty, VP Analyst, Gartner

Recovery plans vary in quality and quantity based on their age ("We have a plan that is five years old"), the experience of the team developing the plan, the type of automation being used or not and more. This session will present best practices for developing recovery plans that actually work in a business disruption.

Tuesday, September 15, 2020 / 02:00 PM - 02:30 PM EDT

IT Leaders Guide to IAM Program Management

David Collinson, Sr Director Analyst, Gartner

IT leaders often struggle to know where to begin and how to initiate a well-run IAM program. This session will help you by taking you through the initial steps, best practices and lessons from organizations that have been through this process before.

Tuesday, September 15, 2020 / 02:00 PM - 02:30 PM EDT

Outlook for Network Security

Lawrence Orans, VP Analyst, Gartner

The cloud era is forcing network security professionals to adapt on several fronts. Enterprises are spending more on cloud-based security services, as a replacement for physical appliances in private data centers. Also, as enterprises move workloads to IaaS clouds, they are turning to micro-segmentation to secure key assets. This session will deliver key insights into these important trends.

Tuesday, September 15, 2020 / 02:00 PM - 02:30 PM EDT

Outlook for Security Talent, Careers, and People

David Gregory, Sr Director Analyst, Gartner

Richard Addiscott, Sr Director Analyst, Gartner

The information security profession is growing at a rate of 37% through 2022. Organizations need to ensure that they recruit, develop and retain the right talent to keep up with this demand. This presentation explores how organizations will need to extend diversity, flex recruitment strategies and create the right organizational culture to recruit, grow and retain the best talent.

Tuesday, September 15, 2020 / 02:00 PM - 02:30 PM EDT

Technical Insights: The Future of Cloud Security Posture Management

Richard Bartley, Sr Director Analyst, Gartner

Cloud security posture management services are now offered by cloud providers, CASB service vendors, firewall vendors, as well as dedicated vendors. Which is the right set of services for you and your cloud implementation? This session takes a look across these capabilities and discusses priorities and technical directions.

Tuesday, September 15, 2020 / 02:00 PM - 02:30 PM EDT

When It Comes to Security Metrics, Context Is More Important Than Content

Jeffrey Wheatman, VP Analyst, Gartner

Useful and actionable security metrics continue to be elusive. Program leaders often share what they have rather than what they should. Maybe we have been going about it the wrong way. Maybe, the problem isn’t what you tell your stakeholders, but rather the way you tell them.
. What are the biggest challenges in reporting security metrics?
. Why context is more important than the actual metrics?
. What can leaders do to provide the proper level of context and drive action?

Tuesday, September 15, 2020 / 02:45 PM - 03:15 PM EDT

Five Steps to Creating a Simple Business-Aligned Cybersecurity Strategy

Jeffrey Wheatman, VP Analyst, Gartner

Everyone knows how important strategic planning is for success and yet it is an immense challenge … for pretty much everyone. Join us to learn a simple approach that can be used to create a simple story that links security program activities to business goals in a way the drives better decisions.
. What makes a good strategy?
. What kind of narratives work?
. What does a sample strategy look like?

Tuesday, September 15, 2020 / 02:45 PM - 03:15 PM EDT

Maturing Business Continuity Programs

David Gregory, Sr Director Analyst, Gartner

Continuous improvement of business continuity plans is essential to ensure that they continue to reflect the organizational needs and priorities. This session will show how to develop, grow and benchmark your resilience program.

Tuesday, September 15, 2020 / 02:45 PM - 03:15 PM EDT

Passwordless Authentication, More or Less

David Mahdi, Sr Director Analyst, Gartner

There are many different ways to eliminate passwords to significantly improve UX/CX, enhance security or both, but technology constraints make a universal approach elusive. IAM must take pains to craft a cohesive strategy across key use cases.
● What are the key drivers for passwordless authentication?
● What options are available and what value do they provide?
● What are the barriers to going passwords – and what does success look like?

Tuesday, September 15, 2020 / 02:45 PM - 03:15 PM EDT

The Diversity Dilemma

Debra Christmas, Sr Executive Partner, Gartner

As organizations work to address the ongoing diversity issue in tech, there remains an intense focus on the lack of gender diversity. Despite being half of the workforce, women are grossly underrepresented. Add race and ethnicity to the mix and the numbers are abysmal. This session will talk about current issues and will present concrete actions for moving the dial.

Tuesday, September 15, 2020 / 02:45 PM - 03:15 PM EDT

The Future of Network Security Is in the Cloud: Introducing the Secure Access Service Edge

Neil MacDonald, Distinguished VP Analyst, Gartner

Digital business is turning organizations inside out. More users, data, systems and applications will be outside of the enterprise than inside. This drives a need for cloud-based delivery of networking (notably SD-WAN) and security capabilities (notably SWG) to get closer to the users that need access to the internet and their data, systems and applications that are pretty much everywhere but a central office. Here, we introduce the secure access service edge where SD-WAN, FWaaS, SWG, CASB, WAF, DNS protection and ZTNA converge over the next several years creating significant disruption in the vendor landscape and opportunities for every organization.

Tuesday, September 15, 2020 / 02:45 PM - 03:15 PM EDT

The State of the IoT Network Landscape

Tim Zimmerman, VP Analyst, Gartner

Organizations must recognize the differing networking requirements for IoT use cases in order to deploy the correct network and security architecture and ecosystem, otherwise they will fail. This presentation reviews different market segments and analyzes usage scenarios to identify the network strategy needed to properly implement IoT solutions.

Wednesday, September 16, 2020 / 11:00 AM - 11:30 AM EDT

Guest Keynote

Wednesday, September 16, 2020 / 11:45 AM - 12:15 PM EDT

Cut Through the "Zero Trust" Vendor Hype

John Watts, Sr Director, Analyst, Gartner

"Zero trust" has emerged as a popular buzzword for the security industry in 2020. Security and risk management leaders need help cutting through the vendor hype for practical advice on how to succeed including:
- Practical implementations of zero trust.
- What problems it solves, but more importantly, what it doesn't.
- Real-world implementation feedback from clients.

Wednesday, September 16, 2020 / 11:45 AM - 12:15 PM EDT

Fighting Ransomware in Midsize Enterprises

Paul Furtado, Sr Director Analyst, Gartner

Ransomware continues to wreak havoc in businesses globally. This session provides some insights on how to best protect your business and how to recover in the event you are compromised. We will discuss best practices and some "no cost" activities to help thwart the bad actors.

Wednesday, September 16, 2020 / 11:45 AM - 12:15 PM EDT

Security Organization Dynamics

Tom Scholtz, Distinguished VP Analyst, Gartner

There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This presentation will address the following key issues:
. What are the trends and challenges in security organization design?
. What are the factors that influence security organization?
. What are the current best practices and contemporary conceptual design models for security organization?

Wednesday, September 16, 2020 / 11:45 AM - 12:15 PM EDT

Solving the Challenges of Modern Remote Access in a Post-COVID-19 World

Rob Smith, Sr Director Analyst, Gartner

This session will discuss the challenges of enabling users to access corporate resources in a post-COVID-19 world. Is always-on VPN still the right access choice or should new technologies such as ZTNA and CASB be used instead? And what about policies?

Wednesday, September 16, 2020 / 11:45 AM - 12:15 PM EDT

Technical Insights: CASB 201: Use Cases, Architecture and the Continuing Evolution of Securing Cloud Applications

Ramon Krikken, Distinguished VP Analyst, Gartner

CASB is to SaaS as the firewall is to the data center. Come learn how to best take advantage of CASBs as your business continues to migrate more services to the cloud. We will discuss the different use cases and best practices on how to deploy CASB, as well as the continuing evolution of security architecture through CASB and related technologies such as zero-trust network access (ZTNA).

Wednesday, September 16, 2020 / 12:30 PM - 01:00 PM EDT

Five Cost Optimization Techniques Security and Risk Leaders Must Use in Uncertain Times

Sam Olyaei, Director Analyst, Gartner

Looking past the immediate implications of the current health and economic crisis, organizations are ill prepared to confront the impact on their services and goals. As economic uncertainty settles in and working environments become more difficult, leaders must create a cost-optimization plan to aid their organizations in navigating past this challenging turn, especially as it relates to security and risk management. This session will equip leaders with the information necessary to make a decision on where the balance between running the business and protecting the business shall be.

Wednesday, September 16, 2020 / 12:30 PM - 01:00 PM EDT

Security Program Management 101 — Pick a Framework, Already

Jeffrey Wheatman, VP Analyst, Gartner

Richard Addiscott, Sr Director Analyst, Gartner

Have you ever questioned the following?
- What security framework is appropriate for my enterprise?
- Can I just align and implement controls found in ISO27001, CIS CSC, HITRUST or NIST CSF?
- How do I begin to measure my progress in terms of maturity?
- How do I map all of this back to my business needs?
If so, you are not alone.
This presentation will define the basic elements of a security program, describe the differences between each layer, and tie them into an overall strategy planning process that will ensure a defensible security program that facilitates business needs.

Wednesday, September 16, 2020 / 12:30 PM - 01:00 PM EDT

Best Practices for CIAM

Abhyuday Data, Sr Principal Analyst, Gartner

What are companies doing for CIAM? What are the primary considerations for a company planning to move from a “build it” to a “buy it” CIAM capability? How can you differentiate yourself from your competitors through a superior CIAM portal that your customers love? What are the main considerations, and how is privacy regulation impacting these decisions? We will discuss best practices around CIAM, what are the main considerations, how to plan for the best user experience and which vendors you can partner with to achieve your goals.

Wednesday, September 16, 2020 / 12:30 PM - 01:00 PM EDT

SOC in the Era of Clouds

Gorka Sadowski, Sr Director Analyst, Gartner

How are SecOps and SOC evolving in the era of cloud-first initiatives? On-prem, legacy approaches need to be rethought considering the changing landscape, and the unique requirements that organizations are putting on their security operations

Wednesday, September 16, 2020 / 12:30 PM - 01:00 PM EDT

Trends in Midsize Enterprise Security

Patrick Long, Principal Analyst, Gartner

Midsize enterprise (MSE) IT leaders face significant security challenges when trying to deliver IT services with small IT teams (usually fewer than 30 people) and limited IT budgets (usually less than $20 million). Join us for a discussion of the top trends that MSE IT leaders responsible for security and risk management should prioritize to stay current and proactive in protecting the organization and managing risk effectively.

Wednesday, September 16, 2020 / 12:30 PM - 01:00 PM EDT

What Are, and Why You Need, Incident Response Services

Toby Bussa, VP Analyst, Gartner

Incidents happen, and when they do many organizations are not prepared. Incident response services are an important component of an organization's incident response capabilities. This session will explain what incident response services are, why you need them, how they support your incident response capabilities, and how to procure these services.

Wednesday, September 16, 2020 / 02:00 PM - 02:30 PM EDT

Crisis and Risk Management Discretionary Budgeting

Brent Predovich, Assoc Principal Analyst, Gartner

Security and risk management leaders tasked with the reactive art of attack-damage mitigation, have struggled with budgets running wild. Understand how to set the expectations for your budget and advocate for a discretionary attack-damage mitigation budget.

Wednesday, September 16, 2020 / 02:00 PM - 02:30 PM EDT

Developing an Agile Cybersecurity Program for the Post-COVID-19 World: Lessons Learned From the Pandemic

Tom Scholtz, Distinguished VP Analyst, Gartner

In the post-COVID-19 renewal phase, enterprises are rapidly adopting new digital technologies to help reset their business strategies. This results in new cybersecurity risks and challenges. Cybersecurity programs must react to this new reality — they must become much more agile to help manage the risk inherent in this seismic shift to digitalization, and also become better prepared for the next global shock. This presentation shares practical advice on how to reengineer security programs to become agile.

Wednesday, September 16, 2020 / 02:00 PM - 02:30 PM EDT

Magic Quadrant for Network Security Products

Rajpreet Kaur, Sr Principal Analyst, Gartner

This session will cover the latest Magic Quadrants for three most important network security devices: Network firewalls, secure web gateways and web application firewalls.

Wednesday, September 16, 2020 / 02:00 PM - 02:30 PM EDT

Moving From 0 to 1: A Midsize Guide on How to Create a Formal Cybersecurity Program

Paul Furtado, Sr Director Analyst, Gartner

A midsize guide to starting a formal cybersecurity program within your business. This session is tailored for midsize organizations who are starting or have immature security programs. It is a series of pragmatic advice that can be implemented to improve security awareness and a better security posture throughout the business.

Wednesday, September 16, 2020 / 02:00 PM - 02:30 PM EDT

Outlook for Managed Security Services

Pete Shoard, Sr Director Analyst, Gartner

Managed security services are a sensible and efficient choice for many organizations, large and small to enable or augment their security operations. Gartner presents their view on the range of core services available in the market, cutting through the jargon and aligning the needs of consumers with available service types and providing predictions on the future of the market.

Wednesday, September 16, 2020 / 02:00 PM - 02:30 PM EDT

Protecting Data and Securely Collaborating with Office 365

Steve Riley, Sr Director Analyst, Gartner

Securing Office 365 can be daunting — perhaps even overwhelming. Microsoft continues to add new security features at a blistering pace, and inquiry trends show that while some customers enjoy this, others struggle with finding the most relevant controls to meet security requirements. Come to this session to receive answers to your most pressing questions about Office 365 security.

* What are the most important controls to implement, and what is a reasonable sequence?
* Is it OK to go all-in with Microsoft, or are third-party products still necessary?
* What is Microsoft's overall direction for Office 365 security, and what does that mean for customers?

Wednesday, September 16, 2020 / 02:45 PM - 03:15 PM EDT

Accelerate Your IAM Using DevOps and Agile Approaches

Kevin Kampman, Sr Director Analyst, Gartner

IAM adoption has traditionally been seen as a monolithic and waterfall style deployment activity. These characteristics are changing as the needs of the business preclude extended investment and adoption. Learn how organizations have used DevOps and agile approaches to improve alignment with business requirements and practices.

Wednesday, September 16, 2020 / 02:45 PM - 03:15 PM EDT

DLP: Build Before You Buy

Zaira Pirzada, Principal, Advisory, Gartner

Security and risk management leaders are prone to buying a DLP tool before identifying risks, governance requirements and the ground that is necessary to operate DLP successfully. The objective of this session is to teach SRM leaders the preliminary steps necessary to implement DLP as a program and a process. These steps will yield success upon tool selection, implementation and maintenance.

Wednesday, September 16, 2020 / 02:45 PM - 03:15 PM EDT

Security Vendor Consolidation Trends: Should You Pursue a Consolidation Strategy?

John Watts, Sr Director, Analyst, Gartner

This session will reveal the recent Gartner 2020 survey on security vendor consolidation trends and provide insights on how organizations should be thinking about a security vendor consolidation vs a best of breed strategy today. Attendees will receive practical advice on strategy risks, vendor rationalization techniques, and guidance for strategy execution.

Wednesday, September 16, 2020 / 02:45 PM - 03:15 PM EDT

Strategies for Consistent Security and Compliance in a Hybrid Multicloud World

Neil MacDonald, Distinguished VP Analyst, Gartner

Most enterprises will have data centers for years to come and most have adopted a multi-cloud strategy by design. This presentation will outline strategies for the consistent management and security of a hybrid multi-cloud environment composed of physical machines, virtual machines, containers and serverless workloads.

Wednesday, September 16, 2020 / 02:45 PM - 03:15 PM EDT

The VPN Is Dead: Long Live Zero-Trust Network Access

Steve Riley, Sr Director Analyst, Gartner

Zero-trust network access (ZTNA), sometimes called software-defined perimeters (SDP), replaces traditional technologies and eliminates the need to extend excessive trust. Instead, it provides adaptive, identity-aware, precision access that improves flexibility, agility and scalability, while offering a consistent experience regardless of who the user is or where they are.
. What is ZTNA, exactly, and why is it suddenly so popular?
. What are the benefits and the common emerging use cases?
. What can we expect it to evolve into as it matures?

Wednesday, September 16, 2020 / 02:45 PM - 03:15 PM EDT

U.S. DoD’s New Cybersecurity Maturity Model Certification — Fix or Folly?

Katell Thielemann, VP Analyst, Gartner

As the U.S. Department of Defense rolls out its new CMMC approach, some view it as a revolutionary fix to contractor cybersecurity issues, while others see a bureaucratic folly that will further constrain DoD technology adoption. What is it? Why does it matter? What does it mean for security and risk management leaders everywhere?

Thursday, September 17, 2020 / 11:45 AM - 12:15 PM EDT

IAM Leaders Guide to Identity Governance and Administration

David Collinson, Sr Director Analyst, Gartner

An introduction to identity governance and administration. What value does IGA bring today? What are the main challenges? What is the outlook for the future?

Thursday, September 17, 2020 / 11:45 AM - 12:15 PM EDT

Identifying and Managing Open Source Software Risks in DevSecOps Environments

Dale Gardner, Sr Director Analyst, Gartner

The nearly ubiquitous presence of open source software within applications and their supporting infrastructure introduces an array of risks, and has led to some of the most damaging security incidents on record. This session will deliver guidance on the necessary policies, processes, and tools — including software composition analysis and vulnerability assessment — necessary to identify and manage these risks.

Thursday, September 17, 2020 / 11:45 AM - 12:15 PM EDT

Resetting Executive Engagement, Business Context, and the How We Invest in Security

Paul Proctor, Distinguished VP Analyst, Gartner

What is the right amount of security? How much should we be spending? How can this all be put in a business context? How do I satisfy the regulators? And how do we create a safer world?

Thursday, September 17, 2020 / 11:45 AM - 12:15 PM EDT

Sovereignty, Shadows and Spies: How Can You Trust the Cloud?

Jay Heiser, VP Analyst, Gartner

Is your cloud solutions provider facilitating or resisting government surveillance? How can you know? You can't avoid the cloud by building a digital wall around your organization. Can any technology or law save you from the cloud? Will local providers come to your rescue? This provocative session will cut through the myths, so that your organization can stop wasting time solving problems that can't be fixed.

Thursday, September 17, 2020 / 11:45 AM - 12:15 PM EDT

CISO Circle: The Drivers for an Effective Security and Risk Leader

Sam Olyaei, Director Analyst, Gartner

William Candrick, Director, Research, Gartner

Security and risk management leaders are often treated as scapegoats when it comes to an incident or breach. Regardless of the effort, they are often blamed for matters beyond their control. By the same token, digital business has propelled security and risk to become a boardroom issue, business units have increased their expectations (and demand) of their leadership, and regulatory demands are often challenging. This presentation will shed light on the traits that aid in a successful and balanced approach between the demands of the business and the effectiveness of the leader.

Thursday, September 17, 2020 / 11:45 AM - 12:15 PM EDT

The State of Artificial Intelligence in Security and Risk Management

Jeremy D'Hoinne, VP Analyst, Gartner

This session covers why everyone speaks about how artificial intelligence might solve security and risk management challenges, but struggle when asked to provide a concrete example. It will show examples of what we call AI today, explain how it can be useful but also its limitations, and explain what to look for.

Thursday, September 17, 2020 / 12:30 PM - 01:00 PM EDT

Build an Actionable Risk Appetite Framework for Technology Risk

Srinath Sampath, Sr Director Analyst, Gartner

Most security and risk management leaders fail to shape their security programs around the executive leaders’ risk appetite — and they usually cite ignorance of the latter. What’s worse is that organizations that have risk appetite statements find them too impractical to use. This session will cover best practices on how to influence key decisions through an actionable risk appetite framework.

Thursday, September 17, 2020 / 12:30 PM - 01:00 PM EDT

Face Value: Biometric Authentication Risks and Opportunities

Ant Allan, VP Analyst, Gartner

Early promises of easy, secure and universal authentication through unique personal traits have been unfulfilled for decades, but in the past 10 years we have seen a surge in interest and adoption.
● What is biometric authentication and what are its benefits over other orthodox methods?
● What are the key biometric authentication risks and how can you deal with them?
● Where can biometric authentication methods add value in accelerated digitalization?

Thursday, September 17, 2020 / 12:30 PM - 01:00 PM EDT

Practical Privacy in Action: What Two Years of Modern Privacy Laws Have Taught Us

Bernard Woo, Sr Director Analyst, Gartner

Privacy regulations across the globe have developed more over the past two years than they have in the preceding century. This has placed substantial pressure on organisations regarding how they store and handle personal information pertaining to their employees and their customers. This session focuses on the top three mistakes, top three capabilities and top three hacks learned through out two years in the trenches of the GDPR, the CCPA, the LGPD and many more.

Thursday, September 17, 2020 / 12:30 PM - 01:00 PM EDT

Security Program Governance Best Practices for Digital Transformation

Tom Scholtz, Distinguished VP Analyst, Gartner

Effective governance should be a cornerstone of security programs and ineffective governance is the most common cause of failure. Security and risk leaders need to implement governance capabilities that support accountability, authority, risk management and assurance. This presentation will share strategies for establishing effective, adaptive security governance to enable digital transformation.

Thursday, September 17, 2020 / 12:30 PM - 01:00 PM EDT

Technical Insights: Cloud Security Through the Looking Glass

Patrick Hevesi, VP Analyst, Gartner

Have you stumbled down a rabbit hole as you are building and deploying your cloud security strategy. Terms like CASB, CSPM, CWPP and more are being thrown at you, with more coming everyday. Vendors are trying to sell you best of breed, while other large security vendors are buying and building for a more integrated cloud security solution. This session will discuss the right approach to build your cloud security strategy, give you insight to the ever changing vendor landscape and provide a roadmap on where to go as you navigate the wonderland that is cloud security.

Thursday, September 17, 2020 / 12:30 PM - 01:00 PM EDT

Three Ways to Gain Support for Your Security Awareness Program

Brian Reed, Sr Director Analyst, Gartner

Securing investment from executives for a security awareness program depends on persuasive justification and strong negotiation skills. Support for awareness programs can be dismissed or deprioritized as larger projects impacting bottom-line performance compete for attention. This presentation will cover the three ways that you can gain organizational support for your security awareness program.

Thursday, September 17, 2020 / 02:00 PM - 02:30 PM EDT

Assessing the Impact of Machine Learning and Artificial Intelligence on Security

Anna Belak, Director Analyst, Gartner

Security organizations are flooded with AI/ML marketing from security vendors, but it is hard to understand how much of this is real and effective. This research reviews areas where AI/ML methods are successfully used for security and provides guidance for judging their effectiveness and suitability for your environment.

Thursday, September 17, 2020 / 02:00 PM - 02:30 PM EDT

How to Tell Your Story Like a Pro

Leigh McMullen, Distinguished VP Analyst, Gartner

Whether it's in the board room or the big stage at an event like symposium, having great is just part of the equation. This session is about how to TELL your story. how to structure it for different audiences and different formats, and how to make sure your message sticks!

Thursday, September 17, 2020 / 02:00 PM - 02:30 PM EDT

I Like the Idea of SASE, but How Do I Put SASE Into Practice in My Network?

Nat Smith, Sr Director Analyst, Gartner

We are buying into digital transformation so my network and security architectures need to take advantage of secure access services edge (SASE), but SASE seems like a framework for vendors. How do I best take advantage of SASE? Where do I start, and how do I get the most value from my existing investments? What should be my goals for the next year, next three years, and the next five years? Come get some guidance and structure to help you succeed with SASE.

Thursday, September 17, 2020 / 02:00 PM - 02:30 PM EDT

Leveraging CARTA and CIAM to Prevent Fraud and Protect Privacy

Michael Kelley, Sr Director Analyst, Gartner

After Facebook privacy scandals, and publicity around so many data breaches, consumers and the public opinion have pushed the industry to do the inconceivable: To entertain the idea that #thefutureisprivate. This session discusses how continuous adaptive risk and trust assessment (CARTA) for CIAM can help prevent internal fraud and achieve a more private future. Includes contexts for CIAM and internal fraud. Based on "Implications of Facebook’s Privacy Scandal: Key Takeaways and Next Steps" — using this in the context of CIAM, to leverage CARTA to prevent "internal" fraud.

Thursday, September 17, 2020 / 02:00 PM - 02:30 PM EDT

Selecting the Right IT Risk Management Solution

Khushbu Pratap, Director Analyst, Gartner

This session walks through requirements planning, decision making and stakeholder communication, and also discusses overlap with cybersecurity tools, compliance solutions, security operations, analysis and reporting tools as well as risk management capabilities available with cloud service providers.

Thursday, September 17, 2020 / 02:00 PM - 02:30 PM EDT

Top Trends in Security and Risk Management

Peter Firstbrook, VP Analyst, Gartner

"Top trends" highlights ongoing strategic shifts in the security ecosystem that aren't yet widely recognized, but are expected to have broad industry impact and significant potential for disruption. This presentation will describe the most significant trends in security and risk management and how leading organizations are taking advantage of these trends. Key issues explored will include:
. Top technological improvements in the security product landscape
. Trends in creating a top notch security organization
. Long-term trends that will influence security strategy

Thursday, September 17, 2020 / 02:45 PM - 03:15 PM EDT

Cybersecurity 2030: A Look Ahead

Toby Bussa, VP Analyst, Gartner

This session will take a look at what security and risk management will look like in 10 years. What will be the same? What will change? What will you need to start thinking about now to be prepared in the future?

Thursday, September 17, 2020 / 02:45 PM - 03:15 PM EDT

Gartner's Strategic Vision for Vulnerability Management

Craig Lawson, VP Analyst, Gartner

Gartner has been evolving its guidance on how to better run vulnerability management, which is a foundational security process. This presentation will go over this new way of doing vulnerability more effectively.
. Why we made some significant changes to our guidance on this critical process?
. What does the new RBVM actually look like?
. How to bring this to life inside your own security programs?

Thursday, September 17, 2020 / 02:45 PM - 03:15 PM EDT

Mobile Security Strategy 201: Are Your Mobile Devices Secure From the Latest Attacks?

Patrick Hevesi, VP Analyst, Gartner

Come see how secure the latest versions of your mobile OSes and devices are against the current mobile attacks. This session will show which operating systems and devices you need to be using along with third-party solutions to protect your organization. We will demonstrate attacks and also discuss the right EMM/UEM, MTD and other mobile security solutions your should be using today.

Thursday, September 17, 2020 / 02:45 PM - 03:15 PM EDT

The BCM Software Ecosystem

David Gregory, Sr Director Analyst, Gartner

BCMP, C/IM, EMNS, IRM The technologies available to BCM leaders are many, but selecting the right solution can be daunting. In addition, the markets are merging to deliver a single-pane-of-glass approach to managing a business disruption. This session will review the BCM software ecosystem markets and then compare them so that participants will have a methodology to use for product selection.

Thursday, September 17, 2020 / 02:45 PM - 03:15 PM EDT

The Long-Term Evolution of Endpoints Will Reshape Enterprise Security

Dionisio Zumerle, VP Analyst, Gartner

Endpoints are becoming digital consumer experience enablers that are more tightly controlled and natively fortified against attacks. Security and risk management leaders must design long-term security and investment strategies that align with this technology trend.

Thursday, September 17, 2020 / 02:45 PM - 03:15 PM EDT

When Ransomware Becomes Siegeware

Wam Voster, Sr Director Analyst, Gartner

Many buildings have become Smart Buildings. Connected systems for air conditioning, heating, access control are now being connected to networks and the internet to allow for optimization, energy efficiency, and remote facility management. What would happen if these systems are infected with ransomware? What can SRM Leaders do to address this?

Thursday, September 17, 2020 / 04:00 PM - 04:30 PM EDT

Keynote — Crisis Culture Hacking: How to Keep Your Employees Sane Over the Long Haul

Mary Mesaglio, Distinguished VP Analyst, Gartner

If you feel like your team is demotivated and could use a shot of morale, you’re not alone. Leaders are being asked to rally employees to carry the enterprise through perhaps the most challenging business conditions they have ever encountered. In this environment, leaders can use crisis culture hacking to keep employees positive and motivated. This keynote session shows you how.

Want to stay informed?

Get conference email updates.
Contact Information

All fields are required.

  • Step 2 of 2