2022 day highlights

Our Gartner experts, who are at the top of their fields, helped attendees address their most critical challenges. These key topics kickstarted conversations around priorities and initiatives so that attendees could tackle what was most important to them.

Gartner Opening Keynote: Cybersecurity 2032: Accelerating the Evolution of Cybersecurity

Speakers:  Andrew Walls, Distinguished VP Analyst, Gartner 

                    Katell Thielemann, VP Analyst, Gartner

Key take-aways

  • To become a sustainable leader with sustainable teams, you will need to surround yourself with the people who complement (your) weaknesses.
  • A strategy of bringing business into cybersecurity decisions produces better resilience, and more willing collaboration between business users and the office of the CISO.
  • Gartner predicts that by 2035, 90% of detection and 60% of response to cyberattacks will be handled by AI. The volume and speed of attacks will grow by multiple orders of magnitude. AIs will classify those attacks and only raise an alert when a predefined threshold is reached, allowing the cybersecurity team to focus on the attacks that matter.
  • We have to shift to a predictive model, not simply as a matter of best practice but as a matter of career resilience and preserving our mental and physical wellbeing.
Featured Session: Outlook for Cloud Security

Speaker:  Charlie Winckless, Senior Director Analyst, Gartner

Key take-aways

  • Many organizations started leveraging traditional security products in the cloud in the early cloud adoption phase. This approach can work in the short term, but as application and DevOps teams adopt cloud-native services, traditional security products are not able to address these use cases.
  • Cloud-native security needs to address runtime protection, cloud configuration, artifact scanning and DevSecOps enablement.
  • Born in the cloud enterprises and their security investments can be a guide to the future state of security.”
  • Align security with the underlying architecture and business criticality. One size does not fit all.
  • Cloud security capabilities are likely newer and more versatile, so apply these to your on-premises systems where suitable.
  • Looking ahead on the horizon of cloud security, new technologies and trends that may emerge include cloud providers becoming security providers, security or policy as code, data and cloud sovereignty, confidential computing and more.
Featured Session: What Security Needs to Know and Do About the New AI Attack Surface Ecosystem

Speaker:  Avivah Litan, Distinguished VP Analyst, Gartner

Key take-aways

  • In a 2021 survey, Gartner found that AI teams are more concerned about AI risk overall compared to CISOs. It's not every day that someone is more concerned about information risk than the security team.
  • Another Gartner survey found that compromises against enterprise AI are common, with 41% of organizations reporting that they’ve experienced an AI privacy breach or security incident.
  • The AI attack surface is comprised of attacks that use AI, such as deepfakes, and attacks against AI, such as social engineering using AI-generated voice.
  • The top reasons why AI teams do not follow security guidelines are that it is too resource-intensive or that it takes too long to implement. It's clear that security teams must make guidance less burdensome for developers and data scientists.
  • Two-thirds of organizations are using a task force to manage AI privacy, security and risk, and those organizations are seeing better AI project results.
  • Organizations that spend time and resources now on supporting AI trust, transparency, and security will see improved AI outcomes in terms of adoption, achieved business goals and both internal and external user acceptance.
Featured session: Top Trends in Security and Risk Management

Speakers: Jay Heiser, VP Analyst, Gartner

Key take-aways

  • Attack Surface Expansion. A dramatic increase in attack surface is emerging from changes in the use of digital systems, including new hybrid work, accelerating use of public cloud, more tightly interconnected supply chains, expansion of public-facing digital assets, and greater use of operational technology.
  • Identity Threat Detection and Response (ITDR). ITDR describes the collection of tools and best practices to successfully defend identity systems from endemic levels of attacks.
  • Digital Supply Chain Risk. As widespread vulnerabilities such as URGENT/11 and Log4j spread throughout the supply chain via reuse across all types of technology stacks, more attacks will emerge.
  • Vendor Consolidation. Security technology convergence is accelerating, driven by the need to reduce complexity, leverage commonalities, reduce administration overhead and provide more effective security. 
  • Cybersecurity Mesh. Cybersecurity mesh creates and leverages interoperable connections between security tools to promote a consistent security posture, allowing tools to share and leverage security intelligence and apply a dynamic policy model. 
  • Distributing Decisions. By 2025, a single, centralized CISO will no longer be sufficient to manage the cybersecurity needs of a digital organization.
  • Beyond Awareness. Human errors continue to feature in the majority of data breaches, a clear signal that traditional approaches to security awareness training are no longer effective.
Featured Session: The Key Drivers for CISO Effectiveness

Speaker: Christopher Mixter, VP, Research, Gartne

Key take-aways

  • CISOs operate in a silo, and thus they are often overworked, met with unrealistic expectations and serve as a scapegoat. At the end of the day there is rarely anyone at the organization that shares the same accountability as the CISO does.
  • Gartner considers four key factors when evaluating CISO effectiveness: functional leadership, information security service delivery, enterprise responsiveness and scaled governance.
  • Few CISOs excel in every category, and in fact only 12% of CISOs that Gartner surveyed excel in all four categories of effectiveness.
  • Effective CISOs are far less likely to report business-disrupting security incidents or project delays due to information security, and on the personal side, fewer effective CISOs feel overwhelmed by security alerts or by stress at work.
  • There are 14 controllable differentiators of CISO effectiveness, which we’ve nested under four categories. An effective CISO is an executive influencer, a future-risk manager, a workforce architect and a stress navigator.
  • We are seeing a great deal of experimentation as organizations realize that old org charts no longer fit new digital ecosystems.
Featured Session: The Top Cybersecurity Predictions for 2022-2023

Speaker:  Leigh McMullen, Distinguished VP Analyst at Gartner

Key take-aways

  • Through 2023, government regulations requiring organizations to provide consumer privacy rights will cover 5 billion citizens and more than 70% of global GDP: Security and risk management leaders should enforce a comprehensive privacy standard in line with the GDPR. This will allow their businesses to differentiate themselves in an increasingly competitive market and grow unhindered.
  • By 2025, 80% of enterprises will adopt a strategy to unify web, cloud services and private application access from a single vendor’s SSE platform: Create a dedicated team of security and networking experts with a shared responsibility for secure access engineering spanning on-premises, remote workers, branch offices and edge locations.
  • 60% of organizations will embrace Zero Trust as a starting point for security by 2025. Over half will fail to realize benefits: Communicate business relevance of ZT by aligning resilience and agility.
  • By 2025, 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements: Leverage risk-based evaluations that highlight transparency and reward participants.
  • Through 2025, 30% of nation states will pass legislation that requires ransomware payments, fines and negotiations, up from less than 1% in 2021: Recognize the impact of paying. Modern ransomware gangs have shifted to steal data as well as encrypt it. Payment means the stolen data won’t be published, but it may very well be sold or otherwise disclosed at a later date if the information has value.
Featured Session: The Multigenerational Workforce in Security

Speakers:  Lisa Pierce, VP, Advisory, Gartner

Key take-aways

  • Generational issues are top of mind for all leaders. The two most significant generational issues are an aging workforce and the integration of new generations - these are as significant as finding solutions to improve talent and finding new hires.
  • For the first time in modern history we have more generations in the workforce than we have ever had before and managing this multigenerational workforce brings a set of new challenges.
  • Gartner recommends using four methods to ensure generational harmony and resilience. 
  • Security leaders should use the CARE method - Communicate transparently, Actively listen, Relationship first, Empathetic engagement - when working with employees, especially when seeking to change behavior.
  • Build equitable and personal development plans: This will ensure that the security team can work more effectively in a collaborative environment, sharing responsibility for results, building camaraderie and morale.
  • Create reverse-mentoring programs: Each generation contributes to the professional growth of the other. This helps bridge the generational divide, effectively integrating a multigenerational workforce and more fully leveraging the capabilities of each generation.
  • Set reasonable new hire expectations and inclusively hire all generations: Write job descriptions with what is truly needed at that time for that position. Remember that key motivators can vary by generation.
  • Most cybersecurity professionals believe that a combination of mentorship, intentional career mapping and technical education can help them progress.
Featured Session: Outlook for Privacy, 2022-2023

Speaker:  Bernard Woo, Senior Director Analyst, Gartner

Key take-aways

  • The privacy regulatory landscape is getting more and more complicated, and in the face of such pressures, organizations cannot afford to be simply chasing compliance using checklists. You must evolve and become efficient and effective.
  • With an average budget of $2.2 million, the privacy office is unlikely to be able to afford a lot on its own, so privacy leaders must be selective and get other business units on board.
  • Identify the key people who help drive your privacy program forward, then figure out key priorities for these stakeholders over the next two to three years and see if you can find one or more capabilities that align with those initiatives.
  • Like a timer or some type of fitness tracker, privacy controls are data centric tools that draw insights and enable control at the data level, such as automated data discovery and mapping tools.
  • Sometimes called privacy platforms, privacy management tools and are intended to be the central repository for your compliance related documentation. These tools can help conduct risk assessments, document records of processing activities or build reports about the privacy program.
  • Privacy user experience consists of a suite of capabilities that present and manage notices and policy statements, as well as record consent and preferences provided by customers, and handle subject rights requests submitted.
Featured Session: Security Strategy Planning Best Practices

Speaker:  Tom Scholtz, Distinguished VP Analyst, Gartner

Key take-aways

  • A functional security program is the single most important prerequisite for finding the elusive balance between protection and productivity.
  • Organizations often struggle to implement a continuously improving information security program that deals effectively with the increasing volatility of business, technology and threat environments. This puts the enterprise at an untenable risk of security incidents.
  • A prerequisite for getting business support for the security program is a clear vision that reflects the business, technology and environmental drivers that are unique to the enterprise.
  • When communicating to the executive, create a one-page document that highlights the most important components of the security strategy: the vision statement, the risks faced and the plan to address them.
  • Appropriate decision rights, adaptive governance, fast risk assessment, dynamic planning, adaptive controls and an agile operating model are all key factors that make a security program agile.
  • Your strategy needs to be crystal clear on three elements: Where are we, where are we going and how will we get there?

A look back at 2022's agenda

View By:

A look back at 2022's agenda

Tuesday, June 07, 2022 / 07:00 AM - 05:00 PM EDT

Gartner Zone

Gartner Zone is a way to experience Gartner solutions through product demos, interactive digital experiences showcasing how Gartner tools and insights help address an organization’s mission-critical priorities.

Tuesday, June 07, 2022 / 07:00 AM - 06:30 PM EDT

Registration & Information

Tuesday, June 07, 2022 / 12:30 PM - 01:15 PM EDT

CISO Circle: Welcome & Orientation

Patrick Hevesi, VP Analyst, Gartner

Bill Pray, Practice Vice President, Gartner

This orientation session is designed exclusively for CISO Circle attendees to help make Security & Risk Summit the most productive experience. Tips will be provided on how to navigate your way through the exclusive CISO Circle Program as well as the overall conference. Topics will include workshops, CISO luncheons and additional CISO-exclusive sessions, CIO networking and much more with plenty of time for Q&A.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 01:30 PM - 02:15 PM EDT

Gartner Opening Keynote: Cybersecurity 2032: Accelerating the Evolution of Cybersecurity

Andrew Walls, Distinguished VP Analyst, Gartner

Katell Thielemann, VP Analyst, Gartner

This keynote will deliver a repeatable methodology, grounded in sci-fi prototyping, that will allow you to identify the threats, vulnerabilities, and risks that organizations will face and develop the tools to fight them. We will map the evolution of the new cybersecurity leader over a 10-year period illustrating practical implementations of the methodology as it impacts with inventible barriers, fails, evolves, and re-emerges.

Tuesday, June 07, 2022 / 02:15 PM - 05:00 PM EDT

Visions of Trust, sponsored by OneTrust

Stop by the OneTrust Engagement Zone to learn how thousands of companies are building trust with customers and reducing time spent on lengthy questionnaires by creating a Trust Profile and joining the OneTrust Third-Party Risk Exchange. A Trust Profile enables vendors to create a shareable single source of truth to provide customers with secure access to privacy, security, and compliance details, certifications and attestations, and supporting documentation. Attendees who sign up at the booth to create a FREE trust profile at the conference will be entered to win a Meta Quest 2 Virtual Reality System.

Tuesday, June 07, 2022 / 02:15 PM - 05:00 PM EDT

IDHub Zero to AD in 30min. Blazing fast Identity Management, sponsored by SATH, Inc.

How much do you pay for IT per hour, minute, or seconds? Time isn't only money, it's your barrier to growth, and reacting to changes and threats. Technology brought us groceries in hours and entertainment in seconds. With IDHub, tasks that take hours, are now seconds. Projects that take weeks, happen in minutes. Try it, to believe it. IDHub Zero to AD in 30 Minutes Experience. The fastest, full-featured IDM product to enter your consideration.

Tuesday, June 07, 2022 / 02:15 PM - 05:00 PM EDT

IBM Sounds of Security, sponsored by IBM

Learn why you need to use the same creativity and collaboration as a composer or musician as you create your security strategy.

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

How to Better Prepare and Respond to the Evolving Threat Landscape

John Watts, VP Analyst, Gartner

The threat landscape is continually evolving, as attackers adapt their tactics and strategies to how businesses change. As organizations are transforming how they work, security and risk management leaders should gain baseline knowledge on:
1. The threats we all know, but still hurt us
2. How our changing world influences our threat exposure
3. The "best practices" that might not really be the best

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

Leadership Vision for Security and Risk Management 2022

Jay Heiser, VP Analyst, Gartner

The challenges to security and risk management programs range from government/political intervention to digital business adoption to the impact of organizational culture of running a business. Security and risk management (SRM) leaders must develop a coherent program based on a clear vision and strategy. This presentation will address:
-What are the major trends affecting the security and risk management leader?
-What are the top challenges affecting the security and risk management leader?
-What actions and best practices should the security and risk management leader initiate?

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

Outlook for Cloud Security

Charlie Winckless, Sr Director Analyst, Gartner

Cloud security remains a top priority. This presentation summarizes the problems, recommended processes and new product types to address three key issues: What are the unique risks associated with public cloud service providers, and how can they be controlled? What are the unique security challenges of IaaS and how can they be mitigated? What are the unique control challenges of SaaS and how can they be addressed?

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

Outlook for Data Security

Andrew Bales, Principal Analyst, Gartner

Data security is a top priority. This session covers current trends and emerging topics specific to data security. How organizations handle and consume data continues to rapidly evolve. Databases and cloud applications introduce rapidly evolving threats with countermeasures following slowly. Using data as the focus of security governance and architecture roadmaps is critical for any risk management program.

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

Prepare to Use Privacy-Enhancing Computation and Other Top Privacy Trends

Bart Willemsen, VP Analyst, Gartner

Privacy-enhancing computation (PEC) techniques are one of Gartner’s top strategic technology trends for 2022. Other trends in privacy include the privacy UX, where data is allowed to be, and what you can do with AI. What are leading organizations focused on, the best capabilities to develop and how to plan your technology strategy to uncover value while making privacy a competitive differentiator

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

Technical Insights: 5 Steps to Start the Zero Trust Journey

Thomas Lintemuth, VP Analyst, Gartner

Zero Trust is more than a marketing term once you see through all the marketing. Organizations are building application access with Zero Trust principles. We will discuss five key items you need to know for zero trust to work for your organization

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

The Five Steps of Culture Change to Align to the Future of Work

Christie Struckman, VP Analyst, Gartner

With so much changing in both where, how and with whom work gets done, our organization’s culture needs to adapt accordingly. Use the language of attributes to understand your culture and diagnose what isn’t working now. Change those attributes to adapt to your changing ways of working, and maintain what makes your organization unique. Use our 5 step process for aligning your culture to your changing business needs.

Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT

Transform Traditional Network Security Products Into Agile Cloud-Based and SASE Solutions

Nat Smith, Sr Director Analyst, Gartner

Security vendors everywhere are scrambling to align with buyers’ need for security in the cloud, from the cloud and for the cloud, but where do you start? This session will highlight what is important to buyers, what are the strategic capabilities needed, what is easy that you should do right away and what is hard that you should really do anyway.

Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT

Ask the Expert: Best Practices for MFA, Passwordless Authentication and Continuous Adaptive Trust

Paul Rabinovich, Sr Director Analyst, Gartner

MFA is still underutilized. Passwordless authentication raises new concerns about security, administration and UX. Adaptive access is hard to implement consistently across multiple use cases. This session gives you an opportunity to ask practical questions about modern authentication that can help protect your organization against account takeover and user impersonation.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT

Ask the Expert: Microservices Architecture

Kevin Matheny, VP Analyst, Gartner

Microservices architecture may be at the bottom of the Hype Cycle, but it's still wildly popular. This session provides an opportunity to speak directly with a Gartner expert covering microservices architecture to get answers to your burning questions.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT

Roundtable: Making Your Multi-Generational Cybersecurity Team Work (Without Bickering)

Bernard Woo, Sr Director Analyst, Gartner

With Gen Z workers starting to enter into the workforce, cybersecurity leaders are confronted with managing the expectations of four different generations - within their teams and the greater organization culture. Participate in this roundtable to discuss the associated challenges and exchange ideas about how to successfully overcome them.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT

Roundtable: How Do You Protect Enterprise Data With Instant Messaging?

Dionisio Zumerle, VP Analyst, Gartner

With employees using all sorts of instant messaging tools, from WhatsApp to texting, enterprises are finding challenging to protect enterprise data. Some mobile applications are leaky or privacy-invasive and most of them do not allow the enterprise to monitor that there is no leakage of sensitive data. In this roundtable we will compare approaches and learn from each other about what works and what does not when it comes to instant messaging and mobile apps.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:00 PM - 04:30 PM EDT

Workshop: Adapt Security Testing Tools and Processes to Developers, and Change Organizational Culture

Aaron Harrison, Director, Advisory, Gartner

Most orgs have two conflicting missions, developers that want to add more features, and a security team tasked with protecting the enterprise. Enforcement of security standards can be overbearing and often met with frustration. Learn how to fix this paradox by cocreating security standards, teaching secure coding practices, and automating security scans inside the Developer’s native environment.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:00 PM - 04:30 PM EDT

CISO Circle Workshop: Optimize Your Cybersecurity Tool Portfolio

Christopher Mixter, VP, Research, Gartner

Cybersecurity organizations operate an average of 16 different cybersecurity tools, and the industry spends upward of $65B annually in this space…yet most cybersecurity leaders see “duplicative capability and gaping holes,” not true coverage of enterprise exposures. In this workshop, attendees will learn how to move from tuning and integrating tools to truly extracting value from them, and build a best-in-class cybersecurity tool portfolio dashboard to guide future investments. This workshop is exclusive to CISO Circle attendees.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

ServiceNow: Don't Be the Roadblock to Digital Transformation.

Barbara Kay, Head of Product Marketing, Security and, ServiceNow

Jonathan Alboum, FEDERAL CTO, ServiceNow Inc

In this post-pandemic, digital-first era, business and government leaders are refining their digital transformation plans. Not just a lift and shift to cloud, but digitized customer and employee experiences that reflect cyber resilience, risk management, third-party risk mitigation, and NIST and MITRE ATT&CK best practices. Join us to learn how security and risk leaders, including the Federal Government, are collaborating with IT to deliver effective and secure operations.

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

VMware: Why Workloads Are More Secure on VMware Clouds

Ambika Kapur, VP of Marketing, NSBU

Moving apps and data out of the data center into multi-cloud environments has expanded threat surfaces, putting enterprises at greater risk from the devastation of ransomware and other advanced attacks. And with modern apps having tens of thousands of components, defending against these attacks must go beyond segmentation inside the data center and firewalls at the perimeter. Attend this session to see how VMware’s security innovations inside the cloud provide the strongest defense in the industry. ​

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

Infosec: Build an Agile Cybersecurity Workforce – Lessons from Leidos CyberEDGE Academy

Kristin Zurovitch, Director Global Analyst Relations, Infosec Institute

James Beamon, DEAN, CYBEREDGE ACADEMY, Leidos, Inc.

Building a cybersecurity workforce that’s capable of flexing with your business and the evolving threatscape is key to securing your organization — and your talent pipeline. Leidos strengthened how it upskills and retains top security professionals with its CyberEDGE Academy and shares lessons learned for building an internal Training as a Service model to more agilely detect and mitigate risk.

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

OneTrust: Trust-Based TPM: A Deep Dive on Trust-First TPRM & its Organizational Value

Blake Brannon, Chief Technology Officer, OneTrust

TPM is key to holistic security, but have you considered TPM from a trust-based lens? Learn to weave the fabric of trust throughout your organization by pivoting your TPM strategy to be fully integrated with each silo of enterprise trust. Join us as we break down the transition, define trust-based third-party management and provide actionable steps to implement a trust-first third-party management strategy.

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

CrowdStrike: Adapt and Persevere: The Evolving 2022 Cybersecurity Landscape

Adam Meyers, SVP ON INTEL, CrowdStrike

Nina Padavil, STRATEGIC THREAT ADVISOR, CrowdStrike

Cybercriminals and nation-state actors are moving with unprecedented speed and sophistication taking advantage of rapid geopolitical, economic and technological shifts to refine their tradecraft. CrowdStrike closely monitors adversary activity with visibility into the shifting dynamics of adversary tactics, intent and motivation. In this session, you will learn about emerging threat actors and the latest campaigns, tactics and techniques, and gain critical insight into what you need to know in order to stay ahead of today’s threats in an increasingly ominous threat landscape.

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

IBM: The Top Three Trends Driving Cybersecurity Forward

Bob Kalka, VP, IBM Security

XDR, zero trust and modernizing security all have merit as distinct initiatives to keep enterprises secure. But to protect against a morphing threat landscape you need to have an alchemy of all three. We will share our point of view on fusing these elements together through risk quantification and planning, open platforms, community investment, and a maniacal focus to break down the silo’s that have held security back. We’ll share results on how organizations reduce threats, drive down the cost of data breaches, and build their environments for continuous security and business outcomes.

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

Beyond Identity: The Nexus of Strong Auth & Zero Trust - a CISO's Perspective

Marcos Christodonte Ii, CISO, Unqork

Patrick McBride, CMO, Beyond Identity

This fireside-chat with Marcos Christodonte, Global CISO of no-code provider Unqork. Marcos will discuss bridging the gap between identity and cybersecurity and why advanced authentication became a foundational building block of his zero trust strategy.

Unqork, experienced incredible growth amid the pandemic—almost tripling in size from 2020 to 2022. Marco’s challenge was how to onboard so many new remote employees without increasing the risk of unauthorized access?  They wanted a passwordless solution that was not standard 2FA. Standard MFA/2FA is no longer enough.

Tuesday, June 07, 2022 / 03:45 PM - 04:15 PM EDT

Tanium: Accelerating the Evolution of Security Using a Converged Approach

Steve Daheb, CHIEF MARKETING OFFICER, Tanium

CIOs have millions of globally distributed assets to see and control, but most of them can’t tell how many endpoints they have, what applications run on them, or whether they have the right access controls across them. This session describes the convergence of real-time visibility and remediation using one plane of glass/one source of truth, unified controls and a common taxonomy. We will discuss the need for new generations of tools and new frameworks for them.

Tuesday, June 07, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: 5 Traits of a Robust Cyber Defense Using XDR, moderated by Secureworks

Lisa Washburn, SR. DIRECTOR, Dell Technologies

Stacy Leidwinger, VP Of Portfolio Marketing, Secureworks

A strong and effective cyber defense is layered and integrated and working like a well-oiled machine. But how can you be sure your cybersecurity strategies are truly battle ready? In this session, learn how to overcome visibility gaps, underutilized cybersecurity software, and persistent talent shortages to build a robust cyber defense strategy.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: Building a Culture of Security, moderated by AWS

Quint Van Deman, Business Development Manager, Amazon Web Services

Danielle Ruderman, Security Growth Strategies, AWS

Security is everyone’s job, and its management has become a strategic concern of the enterprise. The way forward is for enterprise leaders to build a culture of security. Join Quint Van Deman, Principal, AWS Security, for a perspective on how AWS establishes and nurtures a culture of security around the world, and how this approach can be leveraged in other organizations. Participants will have the opportunity to share how they define a culture of security, discuss how to align security to business objectives, and share techniques that align with keeping the enterprise secure.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: Cyber Resilience in the Age of Mass Vulnerabilities – a CISO Perspective, moderated by Trustwave

Nate Lesser, CISO, Children’s National Hospital

Kory Daniels, CISO, Trustwave

Edgar Acosta, DIRECTOR, INFORMATION SECURITY, DCP Midstream

In an era of exploding attack surfaces and the continued persistence of ransomware, how are CISOs responding? Hear from your peers at leading enterprises on their approaches to the new normal, moderated by global MDR and consulting leader Trustwave. Where are CISOs investing? What is the role of XDR? How are they managing through the continued skills shortage? The panel will bring their real-world experiences to the table.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: Secure the future – The Internet as Corporate Network, moderated by Cloudflare

Jennifer Taylor, Head of Product, Cloudflare

It’s now or never to modernize security. Apps live in the cloud, teams work remotely, and cyber threats exploit the excessive trust built into perimeter-based approaches. Traditional networks can no longer stretch to cover these rapidly expanding risks.

This roundtable session – led by Jen Taylor, Chief Product Officer of Cloudflare – will explore how organizations can adapt to these changes. In particular, the conversation will explore successful strategies to take advantage of the power and promise of the Internet as a new type of corporate network.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: Tales from the field: A CISO’s Take on the OT Security Maturity Journey, moderated by Claroty

Keith Osullivan, CISO, Standard Industries

The security maturity journey for cyber-physical systems (CPS) is something with which IT security professionals must increasingly contend. Fueled by the surge in poorly secured digitization initiatives, the uptick in CPS attacks has catapulted CPS to the top of many of a CISO’s priority list. But when it comes to mitigating risks posed by CPS — where to start?
Keith O’Sullivan, CISO at Standard Industries and IT security leader-turned-CPS security trailblazer will address this question by sharing his top tips from building numerous CPS security programs from the ground up on a global scale.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: AI for Enterprise-Wide Cyber Protection, moderated by Darktrace

Evolving threats call for evolved thinking. Cyber security and cyber risk are firmly on board-level agendas, and siloed solutions with limited response capabilities are insufficient. In this session, discuss how AI technology can fundamentally strengthen security posture. Able to make micro-decisions in real time, you will be able to discuss the reality of AI which constantly continuously updates its understanding of an entire digital ecosystem from endpoint, to cloud, to cyber-physical systems, offering protection at a scale far beyond human purview.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

A Pragmatic Approach to Implementing a Zero Trust Security Architecture

Neil MacDonald, Distinguished VP Analyst, Gartner

Changes in the threat landscape and ineffectiveness of current security architectures have created significant interest in zero trust security architectures. This presentation will pragmatically explore zero trust and zero trust networking and extend these concepts to operating systems, applications, users and data. Topics will include the NIST architectures for zero trust as well as technologies and vendors providing solutions.

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

Develop an Actionable Workforce Strategy for Cybersecurity

Alex Michaels, Principal, Advisory, Gartner

Ever felt you're playing catch up replacing and upskilling staff? Instead of reactive talent planning, effective CISOs create forward-looking workforce plans aligned to strategic priorities. Join us to learn how to create a workforce strategy covering recruitment, development, retention and redeployment to meet long-term goals.

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

Top Cyber Risk Projects for 2022-23 To Thrive in A Constantly Evolving Risk Environment

Deepti Gopal, Director Analyst, Gartner

2022 introduces new ways of working in cyber risk management -- a foundation built on adaptive governance, value generation, and cyber risk management. This session will (1) debrief the three pillars in cyber risk management (2) summarize top risk projects for cybersecurity leaders with 'project cards' and (3) offer guidance on shortlisting projects.

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

Protection From the Risk Within — Managing Insider Risk

Paul Furtado, VP Analyst, Gartner

One of the biggest risks to our security accesses our systems on a daily basis. This presentation will focus on providing guidance on building an effective insider risk program. We will discuss the tools, tactics and techniques to balance the needs of the business with user's privacy. Recommendations will also be made on how to present the program effectively to leadership and end users.

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

Technical Insights: Plotting Your Course to Ransomware Defense

Jon Amato, Sr Director Analyst, Gartner

Ransomware is a threat that requires a whole-business approach to defend against and the diversity of tools, techniques, and processes that enterprise security professionals can bring to bear to protect against ransomware can be intimidating. In this session, attendees will learn how to assess their program of ransomware defense and quickly close the gaps that attackers will use to make your organization the next name on their list of victims

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

The Future of Cybersecurity Mesh

Patrick Hevesi, VP Analyst, Gartner

Come learn the future of cyber warfare and how to realize your Cybersecurity Mesh. This session will focus on how future technologies will play into build your security defense in depth architecture to get ahead of the most advanced attacks. We will look at how AI, Augmented Reality and Block chain can factor into your Cybersecurity Mesh Architecture of the future.

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

What Security Needs to Know and Do About the New AI Attack Surface

Avivah Litan, Distinguished VP Analyst, Gartner

Detecting and stopping attacks and compromises against AI requires new techniques. Malicious attacks or benign AI compromises lead to different types of organizational harm and loss — financial, reputational or related to intellectual property, sensitive customer data or proprietary data, for example. These attacks and compromises need new tools and organizational structures to mitigate their harm.

Tuesday, June 07, 2022 / 04:30 PM - 05:00 PM EDT

Crossfire Debate: Cloud Firewall — Native vs. Incumbent —The Battle Begins

Thomas Lintemuth, VP Analyst, Gartner

Richard Bartley, Sr Director Analyst, Gartner

Dennis Xu, Sr Director Analyst, Gartner

Migrating resources to IaaS tenants opens up questions on how to provide network security. This session presents security and risk management technical professionals with guidance on when the appropriate option would be an incumbent firewall vendor versus a cloud-native firewall.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 05:00 PM - 06:30 PM EDT

Exhibit Showcase Networking Reception

Join us for the opening networking reception on the Exhibit Showcase where you can engage with your peers, Gartner experts, and exhibitors while enjoying delicious food and beverages. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.

Tuesday, June 07, 2022 / 05:15 PM - 05:35 PM EDT

CyberProof: Enable Your Journey to Cloud Native Security: Lessons From the Pioneers

Tony Velleca, CEO, Cyberproof

For many organizations, moving to the cloud is an essential part of their Digital Transformation strategy. The journey to Cloud Native Security however comes with a wide range of both new challenges and new opportunities. This session will present solutions and lessons learned from some of the largest cloud security migrations to help CIOs, CISOs, and Security Operations leaders develop a strategy for overcoming those challenges, and optimizing the new opportunities. Examples include cost effective and scalable data ingestion, and making the most of new data sources.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 05:15 PM - 05:35 PM EDT

ForgeRock: What to Look for in an Identity Cloud Provider

Kelvin Brewer, SR. MANAGER PUBLIC SECTOR SALES ENGINEER, ForgeRock

Join ForgeRock to unpack the essentials of a modern identity cloud. Identity cloud providers may seem to offer similar services, but they are not the same. Given evolving threats, growing regulatory requirements, and government mandates it’s important to know the difference. We will explore various architecture models and their impact on cloud resources. We’ll address data residency and data sovereignty through the privacy lens, and discuss architectural solutions for better breach protection. You’ll leave the session with a better understanding of questions to ask identity cloud providers.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 05:40 PM - 06:00 PM EDT

Securonix: Let Hunters Hunt – How To Provide The Data And The Tools Hunters Need to Find Threats

Augusto Barros, VP of Solutions, Securonix

Threat hunting seems to be an effort incompatible with SIEMs. Those tools usually do not collect and keep the data hunters need, and they also restrict how they can analyze the data when searching for hidden threats. But isn't it possible to have a SIEM that could also be used by threat hunters?

This session shows how a modern SIEM can provide capabilities to support threat hunting, enabling expanded data collection and retention, and providing an expanded toolset for hunters to perform data exploration with the most advanced analytics techniques.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 05:40 PM - 06:00 PM EDT

Trellix: Rejuvenate Your Business with a Unified Approach to XDR

Elisa Lippincott, SENIOR PRODUCT MARKETING MANAGER, Trellix

The XDR hype is real and so are the threats that can impact your business. And even if you have the right tools to protect your organization, they may not meet your changing needs. Can you correlate events across your tools to keep up with and respond to emerging threats in real time? Can you automate your security processes and prioritize alerts that matter?
The XDR hope is real and can evolve your team into a proactive powerhouse. Learn how Trellix XDR gives you the upper hand over threats by bringing detection, prevention, response and remediation together in a living security ecosystem.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 05:40 PM - 06:00 PM EDT

HYPR: Evaluating & Addressing Authentication Risks In A Zero Trust Environment

Alex Consilvio, REGIONAL SALES DIRECTOR, HYPR

Many of the current cyber attacks, while impacting many different services, organizations and business globally, can often be traced back to an issue with authentication and passwords. In this session, we discuss how new attack vectors have undermined current authentication options. We will also present 5 key elements that you should consider when evaluating risk that may be lurking in your environment.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 06:00 PM - 07:30 PM EDT

CISO Circle Exclusive: Welcome Reception sponsored by Securiti

Patrick Hevesi, VP Analyst, Gartner

Bill Pray, Practice Vice President, Gartner

Come meet and mingle with your peers in this welcome reception.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 06:05 PM - 06:25 PM EDT

Cyware: Maturing Security Operations in a Remote World

Neal Dennis, SR, THREAT INTELLIGENCE ANALYST, Cyware Labs, Inc

Over the past few years, the world rapidly transitioned from physical to remote environments. The shift was inevitable, but as organizations continue to catch up, security operations need effective solutions for these new requirements. By tapping into emerging technologies and augmenting existing security tools, cyber fusion centers are becoming the future of security operations with both cloud infrastructure and hybrid teams.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 06:05 PM - 06:25 PM EDT

Recorded Future: The Formula for Trusted Intelligence - Human + Machine Analysis

Jared Der-Yeghiayan, DIRECTOR, Recorded Future

In today’s world, information is everywhere. While it’s easy to find, collect, and aggregate, the hard part is turning that data into intelligence you can trust. Recorded Future’s Insikt Group understands this challenge all too well, dedicated to using machine + human analysis on the dark web and thousands of other sources to track threat actors and their activities. Join Jared Der-Yeghiayan, Director of Advanced Cybercrimes & Engagements to understand how important machines and humans are to having a powerhouse security intelligence team, and why machines can’t fully automate analysts’ jobs.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 06:05 PM - 06:25 PM EDT

42Crunch: It's Time for API Security As Code

Isabelle Mauny, --, 42Crunch

Defining API security is very much a manual process: security policies are defined in multiple places - WAFs, API Management or even code. How can we reliably secure and deploy our APIs, several times per day? How do we track an evolving security posture and enforce corporate security policies? We show an approach to describe security requirements and policies so that APIs can be reliably protected and tested each time they are deployed. We explain an API security as code concept, describe what can be achieved with current tooling and introduce OpenAPI extensions that can be used for security.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Tuesday, June 07, 2022 / 06:30 PM - 09:30 PM EDT

Rapid7 Reception

Enjoy this exhibitor hosted reception sponsored by Rapid7

Wednesday, June 08, 2022 / 07:00 AM - 09:00 AM EDT

Attendee Breakfast

Wednesday, June 08, 2022 / 07:00 AM - 05:00 PM EDT

Gartner Zone

Gartner Zone is a way to experience Gartner solutions through product demos, interactive digital experiences showcasing how Gartner tools and insights help address an organization’s mission-critical priorities.

Wednesday, June 08, 2022 / 07:00 AM - 06:30 PM EDT

Registration & Information

Wednesday, June 08, 2022 / 07:30 AM - 08:30 AM EDT

CISO Circle Exclusive Breakfast: Is Hero Culture Sabotaging Your Diversity Initiative?

Christie Struckman, VP Analyst, Gartner

Ash Ahuja, VP, Enterprise IT Leader, Gartner

Tricia Phillips, Managing Vice President, Gartner

Christine Lee, Sr Director, Research, Gartner

Lisa Neubauer, Director, Advisory, Gartner

Diverse Cybersecurity teams are more effective, but many organizations push away diverse staff through their cultivation of hero culture. Employees and candidates with primary childcare responsibilities, visible and invisible disabilities or neurodiversity, often cannot be sustainably successful in a hero culture. Join us at breakfast for an interactive panel discussion to help CISOs drive change.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 09:00 AM - 09:45 AM EDT

Guest Keynote: Conversation with John Brennan, Former CIA Director & Senior National Security & Intelligence Analyst

Leigh McMullen, Distinguished VP Analyst, Gartner

Patrick Hevesi, VP Analyst, Gartner

John Brennan, CIA Director (2013–2017), Senior National Security and Intelligence Analyst for NBC News and MSNBC,

A consummate insider who worked his way up through the ranks to head the Central Intelligence Agency, John Brennan had a front row seat in the turbulent and tumultuous arena of world affairs for more than three decades.
In this conversation, Mr. Brennan will discuss the role of government in protecting markets in cyberspace, how public and private partnerships can (and need to) evolve to meet the rising threats or cyber criminals and nation state actors. Additionally, Mr. Brennan will share what it’s like to try and drive innovation and security awareness at a board level; pulling all of the above into board level messaging.

Wednesday, June 08, 2022 / 09:45 AM - 10:30 AM EDT

Refreshment Break

Join us for refreshments in a brief break between sessions.

Wednesday, June 08, 2022 / 09:45 AM - 05:00 PM EDT

Visions of Trust, sponsored by OneTrust

Stop by the OneTrust Engagement Zone to learn how thousands of companies are building trust with customers and reducing time spent on lengthy questionnaires by creating a Trust Profile and joining the OneTrust Third-Party Risk Exchange. A Trust Profile enables vendors to create a shareable single source of truth to provide customers with secure access to privacy, security, and compliance details, certifications and attestations, and supporting documentation. Attendees who sign up at the booth to create a FREE trust profile at the conference will be entered to win a Meta Quest 2 Virtual Reality System.

Wednesday, June 08, 2022 / 09:45 AM - 05:00 PM EDT

IBM Sounds of Security, sponsored by IBM

Learn why you need to use the same creativity and collaboration as a composer or musician as you create your security strategy.

Wednesday, June 08, 2022 / 09:45 AM - 05:00 PM EDT

IDHub Zero to AD in 30min. Blazing fast Identity Management, sponsored by SATH, Inc.

How much do you pay for IT per hour, minute, or seconds? Time isn't only money, it's your barrier to growth, and reacting to changes and threats. Technology brought us groceries in hours and entertainment in seconds. With IDHub, tasks that take hours, are now seconds. Projects that take weeks, happen in minutes. Try it, to believe it. IDHub Zero to AD in 30 Minutes Experience. The fastest, full-featured IDM product to enter your consideration.

Wednesday, June 08, 2022 / 09:45 AM - 06:30 PM EDT

Exhibit Showcase Open Hours

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers, Gartner experts, and exhibitors. Attend a theater session to see technology in action.

Wednesday, June 08, 2022 / 10:00 AM - 10:30 AM EDT

Exclusive: VIP Meet & Greet with John Brennan

John Brennan, CIA Director (2013–2017), Senior National Security and Intelligence Analyst for NBC News and MSNBC,

All CISO Circle members are invited to meet with John Brennan in an exclusive Meet & Greet, hosted by Gartner Expert, Leigh McMullen.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:00 AM - 10:50 AM EDT

Showfloor Showdown: The API Security Vendor Challenge

William Dupre, Sr Director Analyst, Gartner

Dionisio Zumerle, VP Analyst, Gartner

Let's put API security vendors to the test in a Showfloor Showdown! The API security space is populated with many vendors using different approaches to protecting and discovering APIs. In this battle – featuring 42Crunch, Noname Security, and Salt Security – each vendor will get time to show how they would address a set of common use cases.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Charting the Future of Cloud-Native Security Operations

Mark Wah, Sr Director Analyst, Gartner

How is cloud adoption impacting security operations? Who are the new stakeholders in cloud-native security operations? Cloud-native security operations will evolve toward a federated shared responsibility model with shifting centers of gravity and ownership. Technology and service providers (T&SP) must embrace the change and adapt capabilities needed to enable new stakeholders.

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Confront Behaviors That Marginalize Women (Anyone Really!)

Christie Struckman, VP Analyst, Gartner

An inclusive environment requires equal treatment of everyone. Yet, day to day, seemingly small actions can collectively and progressively create a scenario where people feel marginalized. Leaders can break habits by confronting behaviors and providing support for everyone in their organization.

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Expert Guide to Network Security, Now and Into the Future

Nat Smith, Sr Director Analyst, Gartner

Check in to make sure you are current on network security offerings and how they complement each other, but stay to see how they are evolving and what new technologies will transform your current processes over the next few years.

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Outlook for Identity and Access Management 2022

Tricia Phillips, Managing Vice President, Gartner

Identity-first security has emerged as a theme in many major security initiatives and policies. Supporting these initiatives as well as delivering on business requirements for smooth, simple and secure access, and authentication decisions requires disparate IAM elements to work in concert. This session will provide an update on the major themes in IAM to ensure that your IAM decisions in 2022 will support the strategy of the future.

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Technical Insights: Do I Buy a SSE Product From a CASB Vendor or SWG Vendor?

Dennis Xu, Sr Director Analyst, Gartner

Security service edge (SSE) is an emerging market that consolidates CASB, SWG, and ZTNA. Vendors from all three traditional markets are all either building or buying into the SSE market. Do you buy SSE from CASB vendors or SWG vendors? We will discuss the key strengths and weaknesses of CASB vs. SWG vendors as they march into SSE, and which type best suits your needs

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Technical Insights: Why You Need API Management and How to Implement It

Kevin Matheny, VP Analyst, Gartner

APIs are everywhere, both inside and outside your organization. But far too many organizations do not have mechanisms in place to protect, secure and monitor APIs. This talk explains what API management is, why you need it, and how to successfully implement it within your organization.

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Top Trends in Security and Risk Management

Jay Heiser, VP Analyst, Gartner

The top trends in this presentation represent business, market and technology dynamics that security and risk management leaders cannot afford to ignore. These trends have the potential to transform the security ecosystem and will accelerate their adoption over the next one to three years.

Wednesday, June 08, 2022 / 10:30 AM - 11:00 AM EDT

Crossfire Debate: Zero Trust — Hype or Hope?

John Watts, VP Analyst, Gartner

Thomas Lintemuth, VP Analyst, Gartner

Neil MacDonald, Distinguished VP Analyst, Gartner

To some, zero trust is the best path forward for information security requiring a complete rethinking of security architectures. To others, zero trust is just more of the same — with a catchier name. This session will feature multiple Gartner analysts covering zero trust arguing for and against the zero trust security paradigm. Attendees will be able to submit questions and feedback from their own zero trust journeys.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT

Roundtable: Security Vendors That Midsize Enterprises Love

Patrick Long, Principal Analyst, Gartner

Join this discussion on security vendors that midsize enterprises love. Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT

Ask the Expert: Building a Modern SOC

Pete Shoard, VP Analyst, Gartner

This Ask the Expert session will focus on modern security operations centres (MSOCs). From building to outsourcing to operating and evolving, this session addresses all attendees' questions on how to get started, what to evolve first and where to get the best value for their SOC investment.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT

Ask the Expert: Is Data Loss Prevention Still Worth the Price of Protection?

Anthony Carpino, Director Analyst, Gartner

Data loss prevention has always been a difficult subject to address, especially when budgets are concerned. This session will help security and risk management technical professionals consider the cost of risk mitigation that comes from an effective DLP strategy versus the potential loss without it.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT

CISO Circle Exclusive: Roundtable: How to Effectively Manage the Cyber Risks of the Cloud?

William Candrick, Director Analyst, Gartner

Matt Chinn, Sr Principal, Research, Gartner

Beth Schumaecker, Managing Vice President, Gartner

Cloud adoption is widespread, and many organizations are now cloud-first in their technology adoption. Join your peers for a discussion on cloud security challenges and the solutions that have been most effective. Participants are encouraged to share their experiences.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:30 AM - 11:30 AM EDT

Contract Negotiation Clinic: Software as a Service

Dawn Hubbard, Director Analyst, Gartner

IT leaders are seeing a proliferation of SaaS contracts. This session will cover:
- Key SaaS contract terms and which ones to negotiate
- Identifying and negotiating hidden SaaS costs
- How to futureproof SaaS contracts
Please note: Although some Gartner advice will be imparted in this session, attendees should come prepared to contribute their experiences and ideas.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 10:30 AM - 12:00 PM EDT

CISO Circle Workshop: Building Risk, Value, and Cost Charts for Cybersecurity

Paul Proctor, Distinguished VP Analyst, Gartner

Your executives only care about risk, value, and cost. Why would you speak to them about anything else? This workshop will walk through the steps of identifying business processes and outcomes, aligning supporting technology stacks, and creating outcome-driven metrics to put cybersecurity in a business context.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

CyberArk: Critical Infrastructure at Risk - Examining the Current Threat Landscape

Joe Strickland, SOLUTIONS ARCHITECT, CyberArk

The need to protect critical infrastructure remains at an all-time high. While spurred by attacks on Ukraine, this sector has a long history of being targeted. In fact, a recent report found 88% of energy and utilities companies have been hit with a successful supply chain-related attack. We’ll explore recent attacks, identify common Tactics, Techniques and Procedures (TTPs) and Indicators of Compromise (IOCs), and discuss recommendations for improving resilience - from continuous monitoring and detection, securing remote vendor access and enforcing identity-centric security practices.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

Ivanti: How to Proactively Combat a Multibillion-Dollar Cybercrime Industry​

Chris Goettl, Mgr, Product Management, Ivanti

As an industry, we underestimated the challenge of finding and fixing software vulnerabilities used by ransomware, leaving organizations at high risk of falling victim to attacks. In this session, attendees will learn how vendor severity and CVSS scores alone may leave them blind to real-world risks. They will also learn how shifting to a risk-based approach to vulnerability management and patch remediation can help to proactively combat cyber threats

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

ThreatLocker: Zero Trust for Applications

Danny Jenkins, CEO and Co Founder, ThreatLocker, Inc

The Zero Trust framework is based on the principle of "never trust, always verify." Join us to learn about Zero Trust, how to adopt it for applications, and the technologies you need to take control of your environment in the fight against ransomware.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

Deep Instinct: From Linear to Exponential – How to Win the Daily Cyber War

Yariv Fishman, VP PRODUCT, Deep Instinct

Think you know what’s coming next? Almost instantly, threat actors change their flight pattern. As attacks continue to grow exponentially in volume and severity, it’s near impossible to keep up. SOC teams are reporting record alert fatigue levels and ignoring false positives, as never before seen attacks regularly breach the largest organizations defense systems. It would seem it is not humanly possible to detect unknown attacks, not to mention preventing them.
What if we could harness the power of an artificial brain to help us stop cyber-attacks? Join us for an innovative look at a prevention-first strategy.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

Okta: How to Secure your Workforce from Identity-Centric Attacks

Erika Messerschmidt, Sr. Solutions Engineer, Okta

Dean Scontras, VP STATE, LOCAL AND EDUCATION SLED, Okta

Identity acts as the basis for the secure adoption of modern IT innovations, and for the pursuit of digital transformation initiatives that are essential for business competitiveness. Join Okta's Dean Scontras and Erika Messerschmidt to learn more about what the future has in store for the public sector and technology.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

Fasoo: Build a True Zero-Trust Data Security Platform

Ron Arden, EXECUTIVE VICE PRESIDENT, Fasoo

John Herring, CEO, Fasoo Inc

Anthony Juliano, CTO, GENERAL PARTNER, Landmark Ventures

Your sensitive unstructured data found new places to travel and hide as work from home, multiple cloud and collaboration services took charge the past two years. The risk of a data breach posed by insider threats, cloud misconfigurations, third-party sharing and end-user mistakes continue at all-time highs as new workplace cultures take hold.

Learn how to empower a secure hybrid workplace and enable a zero-trust security policy with Fasoo Data Security Platform that lets you discover, classify, protect, share, audit and analyze sensitive files.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

OneTrust: Securing the Supply Chain: What Does Our Supply Chain Look Like?

Jason Sabourin, PRODUCT MANAGER, OneTrust

As companies continue to streamline operations internally along with vendors in their third-party supply chain, evolving compliance regulations have become top priority while risk mitigation strategies must be “always on” to reduce threats and accomplish objectives. In this session, we'll discuss the need for security, compliance, and third-party chiefs to create a game plan for their businesses.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

Dispel: Applying Moving Target Defense to Cyber Physical Systems

Ian Schmertzler, PRESIDENT, Dispel

It’s been less than 3 years since Moving Target Defense meaningfully entered NIST’s standards, but you’d be hard pressed today to fuel a car, drink a beverage, or clean a counter in the United States without touching something made or moved by a company that uses MTD for its operational technology.

We’ll cover how and why this happened, what implementations look like, and for those of you with cyber physical systems of your own, how to go about getting this done.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

Darktrace: Turning the Tables on Cyber-attackers With a Continuous AI Loop Approach

Nicole Eagan, Chief Strategy Officer, AI Officer, Darktrace

In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen, and to recover if compromised. In this session, Darktrace unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately heal from attacks. Together, these engines combine to strengthen organizations’ security posture in a virtuous AI feedback ‘loop,’ which provides powerful end-to-end, bespoke, and self-learning solutions unique to each organization.

Wednesday, June 08, 2022 / 11:15 AM - 11:45 AM EDT

Zscaler: Minimize Your Internal and External Attack Surface With Zero Trust

Brett James, DIRECTOR, TRANSFORMATION STRATEGY, Zscaler

Zero trust has become the primary approach to secure modern organizations, based on the principle of least-privilege access that no user or application should be inherently trusted. In this session we will explore the different attack surfaces normally present in large enterprise IT infrastructures and walk through in detail how a zero trust architecture can help reduce or even eliminate them. Allowing you to minimize your attack surfaces through zero trust architecture principals, making your organization more agile and able to use cloud more effectively and securely.

Wednesday, June 08, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: How to modernize SOC with CyberSecurity Mesh Architecture, moderated by Atos

Vinod Vasudevan, GLOBAL CTO MDR & GLOBAL DEPUTY CTO CYB, Atos

Enterprise digital estate is dispersed with security technologies for datacenter, cloud, SaaS, and industry solutions. CyberSecurity Mesh Architecture (CSMA) is the next generation approach that enables seamless convergence of existing investments with the new world of cloud-native security features and industry solutions. This session looks at real-world security incidents and the modus operandi of organized cybercrime syndicates. We assess how CSMA can be used to modernize SOC for better detection and response against conventional and emerging threats.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Modernizing Cybersecurity with XDR, moderated by IBM

Bob Kalka, VP, IBM Security

XDR can sound a lot like empty promises and unmet expectations. Whether we like it or not, our IT and security landscape is getting more complex, and unfortunately so is the threat landscape. We need to modernize while living with the cost, skills and business execution speed challenges. It should be with automation, workflow and faster and more accurate decision making that will effectively face cyber threats of the future. Join the conversation as we discuss CISOs best practices and challenges for ensuring that their SOC teams have the right tools and support to protect their organizations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Identity Improves Speed to Containment for Incident Response, moderated by CrowdStrike

James Perry, SENIOR DIRECTOR PROFESSIONAL SERVICES, CrowdStrike

About 80% of today’s attacks use compromised credentials often obtained through cleverly disguised phishing attacks on unsuspecting business users. These attacks usually involve the misuse of valid user credentials, which can be difficult to detect as malicious activity until it’s too late. CrowdStrike discusses the value that Identity Threat Detection brings to an Incident Response engagement. This type of solution plays a pivotal role in identifying malicious user behavior and actions, and delivers speed to containment to stop an attack before the threat actor can achieve widespread damage.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Should the CISO Report to the CIO? moderated by Cisco

Bruce Brody, SENIOR CISO ADVISOR, Cisco Systems, Inc.

In many organizations, the CISO reports to the CIO. Much has been written about the pros and cons of this organizational construct. Lately, organizations in the Fortune 500 have elevated the CISO to a reporting relationship under, variously, the Chief Risk Officer, the Chief Security Officer, the Chief Financial Officer, the General Counsel, or even the Chief Executive Officer. Where the CISO belongs organizationally in any enterprise is a function of the responsibilities of the CISO and the way those roles and responsibilities play into the missions and operations of the enterprise.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: What Role Does Your Security Play in Your DevOps Strategy? moderated by Fastly

Sean Leach, Chief Architect, Fastly

The demand for digital has forced organizations to extend their legacy systems with modern digital platforms. The DevOps approach has allowed organizations to keep up with the need for digital but security often is an afterthought when it should be a part of the DevOps lifecycle.

Join Fastly to discuss how to:
Create a collaborative culture of security within your DevOps goals
Balance security needs with competing business priorities
Hear from peers on what success (and failures) they've had in trying to reach these goals

You’ll take away actionable insights from this invaluable discussion.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Inside a Ransomware Hacker’s Mind, moderated by Secureworks

Terrence Mcgraw, EXECUTIVE SECURITY CONSULTANT, Secureworks

What's the profile of a modern-day hacker? Hollywood paints a romantic caricature of “the Hacker in the Hoodie.” Although it may make for entertaining film, this caricature bears little resemblance to what you are up against. Threat actors are components in a wide, organized criminal economy that functions as a near peer competitor to your business, monetized by the theft of your data. Make no mistake, these are existential threats to your business. We will take a deeper look into the threat actor landscape and ecosystem so you can better assess your business risk.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 12:00 PM - 12:20 PM EDT

Magic Quadrant for Enterprise Network Firewalls

Nat Smith, Sr Director Analyst, Gartner

The network firewall market faces the challenge of fulfilling multiple use cases and overlapping requirements because of the growth of hybrid environments. Although basic firewall features have become commodities, specialization in new firewall use cases such as FWaaS, cloud firewalls and OT firewalls is differentiating vendors. Come learn how to sort through the noise in the market.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 12:00 PM - 12:20 PM EDT

Magic Quadrant for Security Service Edge (SSE)

Charlie Winckless, Sr Director Analyst, Gartner

Gartner published a new Magic Quadrant for Security Service Edge (SSE) covering the cloud-delivered security services of a SASE architecture. This session will cover how to think about solutions and vendors represented in this new market.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

8 Signs That You Have Security Conscious Corporate Culture

Andrew Walls, Distinguished VP Analyst, Gartner

Measuring the effectiveness of a security behaviour and culture change program (SBCP) can be tricky. Sometimes you need to get a sense of things ahead of your formal presentations to the Executive or the Board. Join this session to identify eight observable things that signal your SBCP is on the right path and helping to reduce human-born cyber risks in your organization.

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

A New Look at Insider Risk

Paul Furtado, VP Analyst, Gartner

Gartner has observed a new approach to detecting and mitigating Insider Risk. Early detection and nudge-based intervention prove more cost effective than the traditional "detect, deter, destroy" model beloved by legacy security leaders. In this presentation, we outline how the new approach is not only better for the revenue line, it is also better for organizational culture and employee effectiveness.

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

Best Practices to Operationalize Threat Intelligence (TI)

Elizabeth Kim, Principal Analyst, Gartner

This presentation will provide use-case examples and architectural approaches to get threat intelligence to closely support security operations and a variety emerging business requirements. The presentation will define Threat Intelligence and its current adoption, provide examples of use cases and give some guidance on valuable approaches to follow to operationalize it.

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

Enabling Cloud-Native DevSecOps

Dionisio Zumerle, VP Analyst, Gartner

With cloud-native applications, the lines between infrastructure and applications are increasingly blurry, while with DevOps, development and operations are also increasingly overlapping. Using data from a recent Gartner survey, this session will present recommendations to arrange people, process and technologies to protect application assets without slowing down the CI/CD pipeline.

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

Managing Open-Source Software Risks in DevSecOps Environments

Dale Gardner, Sr Director Analyst, Gartner

There are millions of open-source software projects in the world. Which ones are in your software? And what security, operational, and legal risks do they pose? Getting control and managing a myriad of risks requires information, process changed, and automated tools to spot and help remediate problems. In this session, we'll examine the various changes you should consider, along with the tools that can help in getting control.

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

Technical Insights: Cybersecurity Mesh Architecture: The Next Generation of Security Architecture

Patrick Hevesi, VP Analyst, Gartner

This session will discuss the reference architecture and dive deep into how to build the cybersecurity mesh architecture (CSMA). We will discuss the evolution of best-of-breed to the new CSMA along with pros and cons of each approach. Finally, we will discuss the vendor landscape from larger security vendors with full stacks to open source/distributed CSM solutions

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

What Does the Future Hold for SecOps?

Dave Messett, Sr Director Analyst, Gartner

Security operation centers, fusion centers, outsourced monitoring, outsourced management, AI-guided investigations, AI augmentation — there’s a lot of hype about what the future holds for security operations and how to stop security analysts drowning in their work. So, what will it be like in the future?

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

Winning the Talent War for Cybersecurity in Midsize Enterprises

Patrick Long, Principal Analyst, Gartner

If we are to close the talent gap in cybersecurity, we must start thinking differently about how we select and cultivate talent. New collar workers — individuals who develop the technical and soft skills needed to work in tech jobs through nontraditional education paths — are handmade for midsize enterprises and tactical roles.

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

Data Protection in Microsoft 365

Andrew Bales, Principal Analyst, Gartner

Microsoft offers wide range of data security capabilities yet clients struggle to identify which capability is provided with which license and whether Microsoft's native capabilities will meet their organization's requirements. This session will offer guidance on each of the data security feature of Microsoft like Microsoft AIP, DLP and RMS the Microsoft plus approach and best practices to implement it

Wednesday, June 08, 2022 / 12:00 PM - 12:30 PM EDT

The Key Drivers for CISO Effectiveness

Christopher Mixter, VP, Research, Gartner

Security and risk management leaders are often treated as scapegoats in cases of breach. By the same token, digital business has propelled security and risk to become a boardroom issue, business units have increased their expectations (and demand) of their leadership, and regulatory demands are often challenging. This session will shed light on the leadership traits that aide in a successful and balanced approach between the demands of the business and the effectiveness of the leader.

Wednesday, June 08, 2022 / 12:00 PM - 02:00 PM EDT

Attendee Lunch

Wednesday, June 08, 2022 / 12:00 PM - 02:00 PM EDT

Exhibit Showcase Dessert Reception

Join us for a dessert reception on the Exhibit Showcase where you can engage with peers, Gartner experts, and exhibitors while enjoying delicious treats. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.

Wednesday, June 08, 2022 / 12:30 PM - 02:00 PM EDT

CISO Circle Lunch: The Gartner Pitch Tank — Cybersecurity

Frances Karamouzis, Distinguished VP Analyst, Gartner

Jay Heiser, VP Analyst, Gartner

Charlie Winckless, Sr Director Analyst, Gartner

Bill Pray, Practice Vice President, Gartner

Patrick Hevesi, VP Analyst, Gartner

Join us for an exclusive LIVE Gartner Pitch Tank session intended to provide an opportunity for senior security leaders to shape the next generation of technology. Emerging startups with potentially disruptive products and services will showcase their innovations to an audience of executives and a panel made up of Gartner Analysts. CISOs will have the chance to disrupt the evolution of technology in cybersecurity and provide constructive feedback to a group of entrepreneurs, in a game-show format.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 12:45 PM - 01:05 PM EDT

Invicti Security: Security Champions: The Human Side of DevSecOps

Mark Townsend, VICE PRESIDENT PROFESSIONAL SERVICES, Invicti

There’s a human element to modern AppSec that can’t be overlooked: Security Champions. For organizations that build and manage software, Security Champions serve the critical role of advocate for security tools and best practices, helping to break down communication silos. Over time, when security is embedded into existing workflows and Security Champions are on hand to make sure everything is running smoothly, DevSecOps is much more friction-free. Join us for this session as we explore how to find Security Champions within your organization, and how to keep them engaged.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 12:45 PM - 01:05 PM EDT

Exabeam: End Fatigue, Improve Accuracy with Fusion SIEM ML-Based Alert Prioritization

Sanjay Chaudhary, VP OF PRODUCT MGMT., Exabeam

When signals get missed by legacy tools, breaches happen, and adversaries gain the upper hand. Advanced Threat Detection, Investigation, and Response (TDIR) in a SIEM starts with understanding normal activity for all users and devices, UEBA. While simple in concept, lateral movement, credential swapping, and privilege escalations are nearly impossible to detect using legacy tools. Discover how the industry-leading UEBA in Exabeam Fusion SIEM continuously learns to extend the power of data science to detect the threats other tools miss, reduce alert fatigue and improve accuracy.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 12:45 PM - 01:05 PM EDT

Lookout: Data Centric Cloud Security

As apps and data have moved to the cloud to support the hybrid work style, IT is struggling to protect data and to provide a secure and productive work environment.

Lookout can help. At Lookout, we deliver a full cloud security stack that allows you to secure your workforce and device, helps you secure access to private apps, and protects your data across various SaaS and cloud apps deployed in a multi cloud environment. Come join us to know more about how Lookout goes above and beyond to secure your data using the industry’s most advanced cloud security platform.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 01:10 PM - 01:30 PM EDT

Hunters: SOC Renovation - 3 Principles to Adapt to Detection & Response at the Scale of Threats

Patrick Vandenberg, HEAD OF PRODUCT MARKETING, Hunters

Between skills shortages and the escalating sophistication of threats, security teams are looking beyond SIEM to overcome data volume, complexity, and false positives. CISOs are exploring modern approaches to data ingestion and retention, and automation of threat management for increased SOC effectiveness, and that starts with a renovation of the tooling that security teams rely on.

Join this session to learn:
- The three key principles to a successful SOC platform renovation
- How SOCs are leveraging automation to improve their threat detection, and incident response practices

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 01:10 PM - 01:30 PM EDT

Onapsis: Protecting Business-Critical Applications from Interconnected Risk

Beth Barach, DIRECTOR PRODUCT MARKETING, Onapsis

Now more than ever, hackers have the means, the resources and the motives to exploit and attack your organization’s most critical business systems. Ransomware attacks, application-specific vulnerabilities, such as Log4j & ICMAD, and attacks from threat actor groups, like Elephant Beetle, have introduced risk to organizations. In this session, you will learn about the growing threats to your business-critical applications, why defense-in-depth strategies are no longer as effective as they used to be and what you can do to ensure your organization is protected from these external threats.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 01:10 PM - 01:30 PM EDT

Arista: Building Your Defenses with the "Every Threat is an Insider Threat" Mindset

Kevin Ekbatani, FIELD CTO, Awake Security

Should we stop trusting our co-workers? Yes. Attackers increasingly do not rely on malware. Instead, they trick or coerce your employees or partners to do the dirty work. So, whether you have a disgruntled or malicious insider or an external threat actor who has stolen passwords, these threats stay under the radar by abusing valid credentials, IT tools, and business processes. This session will explore why and how leading CISOs are building their security programs around the insider threat and how this translates to defenses against everything from ransomware to supply chain attacks.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 01:35 PM - 01:55 PM EDT

Terranova Security: How to Establish a Security-aware Organizational Culture

Theo Zafirakos, CISO, Terranova World Wide Corporation

The goal of successful security awareness training programs goes beyond deploying courses and phishing simulations. It encompasses creating a security-aware organizational culture, where end users are supported throughout the program's lifecycle. Join Terranova Security for an in-depth look into how your organization can build a winning culture from the ground up, using engaging content, gamification, and other elements to boost employee participation and recognition. You'll also gain insight into how to secure executive buy-in, increase motivation, and track the cultural shift.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 01:35 PM - 01:55 PM EDT

Reciprocity: Navigating Foreseeable Risk Requires a Business-Centric Approach

Regardless of how large the cybersecurity investment, incidents are happening and will continue to happen. History has now shown that you can’t spend or outsource your way out of the situation. Therefore, the right approach is a business-oriented approach—managing risk in context of business priorities and outcomes to balance an organization’s risk appetite with prioritized investments to achieve a desired business outcome. This approach is the new imperative for effective IT and cyber risk management

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 01:35 PM - 01:55 PM EDT

Synack: Staying Secure in the Midst of a Talent Crisis

The worldwide cyber talent shortage is real and growing. Just in the US, the Labor Department estimates 600,000 more openings than qualified professionals. Globally, the gap is 2.7 million. Initiatives are underway to address the shortage spanning government, industry groups, and the private sector, however the short-term cybersecurity implications are alarming. The lack of skilled practitioners is leaving vulnerabilities unpatched and organizations dangerously exposed. But effective and innovative solutions can bridge the talent gap and address both near term and longer term needs.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Axonius: How to Solve SaaS Complexity (The Comprehensive Way)

Amir Ofek, CEO, AxoniusX, Axonius

Gaining control over the SaaS application landscape has become a major concern for IT and security teams. By nature, SaaS apps are immensely interconnected and complex, making them difficult to manage and secure.

How do you do that with hundreds — or even thousands — of apps used within your company?

Join this session to hear Amir Ofek, CEO of AxoniusX, discuss the key SaaS challenges, what’s wrong with existing approaches to solving them, and how both business value and risk management needs can be addressed in one single comprehensive solution.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Palo Alto Networks: What’s Next for Zero Trust Network Access?

Matt De Vincentis, Sr. Director Product Marketing, Prisma, Palo Alto Networks

Today, applications and data are everywhere, and the concept of work has been transformed from a place we go to something we do, anywhere at any time. Point products, VPN, and “trusted” network zones no longer provide adequate protection but instead introduce risk. The industry tried to fix secure access with Zero Trust Network Access, but the first generation of these solutions were disjointed and incomplete. Securing our new reality of hybrid work requires a fresh approach to ZTNA that doesn’t repeat the mistakes of the past.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Ping Identity: Applying Risk for More Secure, Convenient Passwordless Experiences

Aubrey Turner, EXECUTIVE ADVISOR, Ping Identity

Passwordless authentication is all the rage. And rightly so, given its promise of driving engagement and boosting productivity via more secure and frictionless user experiences. However, the path to passwordless often leads to more questions than answers. Don’t fret! We’ll offer a passwordless journey roadmap that delves into leveraging different risk signals like user behavior and device characteristics to make smarter authentication decisions.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Secureworks: The State of Cyber Threat

Barry Hensley, Chief Threat Intelligence Officer, Secureworks

Barry Hensley, Chief Threat Intelligence Officer of Secureworks, discusses the top ways threat actors are continuing to innovate and evolve across the threat landscape. Across ransomware, supply chain exploits, zero-day attacks, business email compromise, and other evolving risks, threat actors aren’t slowing down. In this session, Col. (USA, Retired) Hensley, former Director of the Army’s Global Network Operations and Security Center, shares keen insights into the nature of today’s threats and vulnerabilities.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Splunk: Gone in 52 Seconds… and 42 minutes: A Story of Ransomware Encryption Speeds

Andrew Morris, STAFF SECURITY STRATEGIST, Splunk

Douglas Brush, GLOBAL CISO ADVISOR, Splunk

Security teams often focus on mitigation and response when it comes to ransomware infections. Splunk SURGe research on ten major ransomware strains indicates that if a business is hit with a ransomware attack, it may be too late to stop it from finishing the job. Join Andrew Morris, Splunk Security Strategist, to learn how quickly ten major ransomware strains can encrypt 100,000 files and practical strategies for preventing ransomware infections.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Kyndryl: Chief Cyber Resilience Officer – The Next Logical Step for the CISO

Kristin Lovejoy, Global Practice Leader - Security & Resi, Kyndryl

Increasing digitization, the expanding use of hybrid cloud, blockchain, AI, 5G and IoT/IIoT, all contribute to an environment increasingly vulnerable to cyberattacks and/or disruptions. As rising number of incidents has shown, conventional security approaches are insufficient. An emerging role – the Chief Cyber Resilience Officer – is taking on additional corporate responsibility to not only anticipate, withstand and respond to cyber events, but also to recover from them. In this session, learn about the emergence of Cyber Resilience as a framework, function, and regulatory focus.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Microsoft: Top Ten Cloud Security Best Practices

Kristin Burke, PRINCIPAL SECURITY GBB, Microsoft

As companies continue to increase their footprint with IaaS and PaaS services across multicloud environments, implementing a comprehensive strategy to protect cloud native applications is top of mind for security teams. Join us for this session where we discuss how Microsoft Defender for Cloud can help you stay on top of your security posture across all major cloud providers, and how to protect all your workloads including servers, containers, databases and more - whether they’re running in the cloud or on-prem.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

KnowBe4: The Next Evolution of Security Awareness: Awareness, Behavior, Culture, & Human Risk

Perry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4, Inc.

"Security Awareness" is a slippery topic for a lot of people. It's a well-known phrase -- and, let's face it, it's a phrase that can be very misleading. Just because someone is aware doesn’t mean they will care. And even motivated and engaged employees still make mistakes. So, what’s the way forward?

In this session, Perry Carpenter outlines the art and science of secure behavior and will give practical tips for shaping behavior, shifting culture, and ultimately, driving down human risk in your organization.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

Proofpoint: Attackers Do Not Operate in Product Silos – Neither Should Your Security

Deborah Watson, RESIDENT CISO, Proofpoint

Cheryl Tang, Director Product Marketing, Proofpoint

Attackers are no longer targeting assets or infrastructure; they are using people as the point of initial access for most cybersecurity incidents. Most ransomware incidents start with an initial access point of people, using credential phishing attacks. Attackers are also using diverse tactics, techniques, and procedures (TTPs) to gain access to then move laterally, cause damage and exfiltrate data. Organizations must look at security with a people-centric lens, and approach this with a platform approach that can bridge, integrate, and unify your defensive strategies.

Wednesday, June 08, 2022 / 02:00 PM - 02:30 PM EDT

ReliaQuest: Detection, Investigation, and Response in a Cloud-Based World

Carrie Mills, Senior Manager of Threat Intelligence an, Southwest Airlines

Cloud transformation has taken centerstage and is credited with driving business success through the many recent global challenges. For many, this concept is new and do not fall into their traditional way of managing security leading to lack of confidence in securing these technologies. In this session we will go into details of why visibility is key to cloud security and how GreyMatter has been architected from the ground-up to support multi-cloud and hybrid cloud environments.

Wednesday, June 08, 2022 / 02:00 PM - 02:45 PM EDT

ETSS: The Road to Passwordless with FIDO & PKI, moderated by Axiad

Bassam Al-Khalidi, CO-CEO, Axiad IDS, Inc.

Despite significant advances in MFA technology and broad adoption of the FIDO2 standard, enterprises have been slow to adopt phishing-resistant passwordless authentication. This may be because the market lacked a comprehensive enterprise solution for FIDO2, but things are changing. The standard itself is evolving, and new platforms enabling enterprises to manage FIDO credentials together with PKI or Phone authenticators are becoming more available. This session will discuss FIDO2—its evolution, the challenges it poses for enterprises, and available technology to address its challenges.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:00 PM - 02:45 PM EDT

ETSS: Digital DNA - Transparency & Trust Through the Supply Chain, moderated by Intel

Patrick Bohart, DIR OF MARKETING, Intel

With today's security challenges, it is important to expand the traditional definition of the supply chain to cover both physical and digital. Digital supply chain security is based on traceability and transparency, device trust, resilience, and hygiene. This expands to recording and tracking key device info, including manufacturing data and subsequent modifications across its lifecycle.
In this session, you will learn how Intel leverages a suite of tools, ingredients, industry standards, and enterprise solutions for a more comprehensive approach to supply chain security.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:00 PM - 02:45 PM EDT

ETSS: MAD for TOAR, Benchmarking Threat-Informed Defence, moderated by CYBER RANGES

Dr. Almerindo Graziano, CEO, CYBER RANGES , Silensec

We show you how to combine next-gen cyber ranging, incident response solutions and cyber threat intelligence into a one-click robust solution integrating tabletop exercises and life-like attack simulations on high-fidelity replica IT/OT infrastructure. No painfully long planning, no high-resource delivery! Supporting MITRE ATT&CK TOAR brings managerial and operational personnel together to tackle the latest cyber attacks. You experience how to run frequent, large-scale, cost-efficient, COTS/bespoke, threat-informed cyber attack and defend simulations toward continuous capability benchmarking.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:00 PM - 02:45 PM EDT

ETSS: Modernizing Cybersecurity with XDR, moderated by IBM

Bob Kalka, VP, IBM Security

XDR can sound a lot like empty promises and unmet expectations. Whether we like it or not, our IT and security landscape is getting more complex, and unfortunately so is the threat landscape. We need to modernize while living with the cost, skills and business execution speed challenges. It should be with automation, workflow and faster and more accurate decision making that will effectively face cyber threats of the future. Join the conversation as we discuss CISOs best practices and challenges for ensuring that their SOC teams have the right tools and support to protect their organizations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:00 PM - 02:45 PM EDT

ETSS: No Other Option But To See Every Packet and Process, moderated by VMware

Scott Lundgren, CTO - SECURITY BUSINESS UNIT, VMware - Carbon Black SBU

We cannot play peek-a-boo with threats, nor depend on appliances that are bolted on to the fraction of infrastructure that we happen to control. We need to automate the collection of full-fidelity telemetry of each endpoint and within each workload. We need to inspect and control network data, and not just at a few points between network switches. We must automate the analysis and investigation—of every packet and every process. Join this roundtable to explore strategies for intelligent detection and faster response to combat even the most sophisticated real-world attacks.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:00 PM - 02:45 PM EDT

ETSS: Third-Party Cyber Risk: Zero-day Findings and Mitigation, moderated by BlueVoyant

Jim Rosenthal, CEO, Bluevoyant

Your vendor, supplier, and partner ecosystem is now YOUR attack surface. Managing distributed risk associated with hundreds and even thousands of vendors, suppliers, and partners is fast becoming today’s defining cybersecurity challenge. As organizations have increased the number and variety of third parties they work with, they have simultaneously exposed their enterprise to the vulnerabilities of those partners. Join this conversation to discuss the latest strategies to reduce supply chain/external ecosystem risk associated with zero-day vulnerabilities.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 03:05 PM EDT

Magic Quadrant and Critical Capabilities for Endpoint Protection Platform

Chris Silva, VP Analyst, Gartner

The pandemic has once again highlighted the importance of a robust endpoint security capability. With the market evolving, merging, and expanding, it is an imperative to use the most appropriate vendor or technology to meet its current and future objectives. This session will help the security and risk management leaders understanding the direction and approaches that the vendors take in the market.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 03:05 PM EDT

The Business Continuity Management Software Ecosystem

Roberta Witty, VP Analyst, Gartner

Using the right tools relates to building an effective BCM program — for planning and preparedness and at time of crisis when executing response and recovery procedures. This presentation helps security and risk management leaders select the right mix of solutions and vendors for their BCM needs.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

A Guide to Navigating the Vendor Risk Management Market

Christopher Ambrose, VP Analyst, Gartner

The market for vendor risk management products and services is complex, diverse and evolving, making it difficult to know how to choose the right solution. This session will highlight the key components of tools and solutions available to security and risk leaders when managing third parties

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

Anticipate How AI Will Change How You Build Security Products

Nat Smith, Sr Director Analyst, Gartner

Many security products advertise the use of AI, but what is important to the buyers? How are your direct and indirect competitors using AI today and what should you expect in the future? This session will help you evaluate your current AI investments, identify potential gaps and vulnerabilities and guide you to wisely invest for the future.

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

Best Practices for Securing Cloud-Native Applications Built on Containers and Kubernetes

Neil MacDonald, Distinguished VP Analyst, Gartner

Cloud-native applications are not inherently insecure, but are being deployed insecurely, driven by developers and a need for agility in service development and deployment. Security and risk management leaders must address container and Kubernetes security issues around vulnerabilities, visibility, compromise and compliance continuously across development and operations.

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

Outlook for Security Operations 2022

John Collins, Sr Director Analyst, Gartner

Security operations are undergoing a transformative change when our security is planned and delivered. Do you really need to centralize data for security? Is there a single solution to solve all my security needs? How do we determine what is threat intelligence for us? Learn what technologies, processes and services will have the biggest impact on how security operations are delivered in 2022.

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

Stories From Planet B: Using Story Prototyping in Cybersecurity

Marty Resnick, VP Analyst, Gartner

Science fiction storytelling allows security and risk management leaders, to use exciting and intriguing stories to explain the unprecedented levels of disruptions and how they will affect their organizations and industry. This session will discuss the impact of sci-fi prototyping using the best practices and lessons learned from Gartner's own Stories From Planet B anthology.

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

Technical Insights: Cloud Security 201: The Quest for the Holy Grail

Charlie Winckless, Sr Director Analyst, Gartner

Patrick Hevesi, VP Analyst, Gartner

Cloud security remains a challenge; we have to protect data when it is out of our control. This session will address the emerging trends in cloud security, what they bring to your organization and how to use them most effectively. Security is seen as an obstruction to cloud adoption; this will show you how to enable without losing protection

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

The Top Cybersecurity Predictions for 2022-2023

Leigh McMullen, Distinguished VP Analyst, Gartner

Every year, Gartner produces impactful predictions across all practices. This presentation will compile the top predictions prepared by our cybersecurity experts for the year 2022-2023. Security and risk management leaders should monitor these trends to be successful in the digital era especially as most recognize that global change could potentially be one crisis away.

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

Technical Insights: Practical Guide to Architecting Cloud Security

Richard Bartley, Sr Director Analyst, Gartner

How do you decide on which cloud security controls to deploy? The bewildering array of cloud security patterns can make common approaches to cloud security daunting. This session presents practical steps toward designing the right set of native and vendor layered cloud security components for your organization

Wednesday, June 08, 2022 / 02:45 PM - 03:15 PM EDT

Case Study: The Journey to Security Executive: Top Focus Areas

Tim Rains, VP Trust & Cyber Risk, T-Mobile

Andrew Walls, Distinguished VP Analyst, Gartner

There is no single career path to take to become a security executive at a major corporation. However, there are focus areas that can help you prepare for an executive role and be successful in it. Join Tim Rains, Vice President of Trust & Cyber Risk at T-Mobile, as he provides insights from his 25-year career that includes several significant security roles at Microsoft, Amazon Web Services, and T-Mobile.

Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT

Roundtable: Implementing Application Security in Agile and DevOps Processes

William Dupre, Sr Director Analyst, Gartner

Organizations are looking for strategies that can be used to integrate application security into agile and DevOps processes. Share stories about successful security practices that enable process maturity and the move to DevSecOps

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT

Ask the Expert: How to Mitigate Software Supply Chain Security Risks

Dale Gardner, Sr Director Analyst, Gartner

Attackers are targeting software development systems, open-source artifacts and DevOps pipelines to compromise software supply chains. In this Ask the Expert session, we will answer questions on emerging trends such as software bill of materials, hermetic pipelines and binary authorization to mitigate risks both for internally developed applications and externally procured software

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT

Roundtable: Is My SIEM an XDR?

Pete Shoard, VP Analyst, Gartner

An exploratory session to discuss SOC requirements for detection and response capabilities, helping attendees identify the scenarios where a SIEM would be an appropriate choice and where more recent developments in the operations space fit with the introduction of concepts such as XDR.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 03:30 PM EDT

Ask the Expert: Is XDR the Next Big Thing in Security? Or Another Passing Fad?

Jon Amato, Sr Director Analyst, Gartner

XDR, or Extended Detection and Response, is an extension of other technologies used for security monitoring and response, taking the analytics concepts used in tools like EDR and SIEM to a broader set of enterprise security tools. In this session we will discuss what XDR is, how your organization might benefit from using it, and whether XDR matters to you.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 04:15 PM EDT

Workshop: Building a Secure Software Development Life Cycle

Mark Horvath, Sr Director Analyst, Gartner

While the security of applications continues to be a primary concern for CSIOs and Heads of Development, the majority of organizations still have a relatively basic (or nearly non-existent) application security testing program. This session walks through the steps you should be taking to turn your SLDC into an effective mechanism for securing applications, without breaking the bank.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 02:45 PM - 04:45 PM EDT

CISO Circle Research Discussion: The CISO’s Guide to Cyber Risk Quantification

Christopher Mixter, VP, Research, Gartner

CISOs report frustration that the time and effort their teams invest in quantifying cyber risk rarely drives risk owners to take action. In this interactive Research Discussion, exclusively for CISO Circle participants, you’ll network with peers on their cyber risk quantification efforts and discover how to use CRQ to effectively influence business decision making. This session will feature a deep-dive into Verizon’s CRQ practice, which delivers trustworthy, timely, and empowering guidance to risk owners without major investment in new data and skills…and without the need to conduct scenario likelihood calculations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:15 PM - 03:45 PM EDT

Refreshment Break

Join us for refreshments in a brief break between sessions.

Wednesday, June 08, 2022 / 03:20 PM - 03:40 PM EDT

Armis: Securely Innovate and Grow with New Assets and Technologies

Dana Tamir, VP Product Marketing, Armis

Security is the number one barrier to innovation and introduction of new technologies. With limited budgets and resources, we can barely wrap our hands around existing technologies that are currently in use. Surprised by unknown connected assets, or shadow IT? Struggling with the daunting accumulation of technical debt? Is there a better way to manage all that? Learn how organizations use extreme asset visibility to: Improve IT Hygiene and reduce technical debt, Introduce new technologies while managing the cyber-asset attack surface, and Protect against unseen operational and cyber risks

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:20 PM - 03:40 PM EDT

HackerOne: Build Resistance to Attacks by Unlocking the Value of Ethical Hackers

Sean Ryan, SR. PRINCIPAL, Hackerone

Attack surfaces are expanding, spurred on by the continuous release of new digital services and business transformation. In this session, you will learn why it’s time to implement an attack resistance management strategy to find unknown risks missed by automated tools, then unlock the security expertise of ethical hackers to identify critical gaps and prioritize fixes for your exploitable assets.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:20 PM - 03:40 PM EDT

IriusRisk: Decentralized Threat Modeling

Stephen de Vries, CEO, IriusRisk

Steve Cosby, VP APPLICATION AND ENTERPRISE SECURITY, American Express

Jason Nelson, DIRECTOR, Citi

Daniel Herrera, EXECUTIVE DIRECTOR, JP Morgan Chase

Threat Modeling is traditionally performed by security experts, but with the need to scale it across all of an organizations applications a new approach is needed. This panel will discuss the need for and the challenges of implementing a federated or decentralized approach to threat modeling.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Cybereason: Defeat Modern Malicious Operations with XDR

Jason Forcht, CONSULTING ENGINEER, OFFICE OF THE CISO, Cybereason

Today’s cybercriminals and ransomware gangs are continuing to outgun prevention and detection strategies. The problem: Attackers are (1) operationalizing exploits at a record rate, (2) targeting more organizations, and (3) are increasingly operating to reduce dwell time. The challenge is that adversaries attack organizations, and not just an individual user or asset. If under attack—the initial access can lead to broader compromise. Join Cybereason for a session on 2022 attacker trends & kill chains, top defense recommendations, and the Defender’s view inside our AI-driven Cybereason XDR.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

eSentire: Real Heroes Don’t Wear Capes – Managing Cyber Risk Against Unrealistic Expectations

Michael Smith, Vice President Of IT Operations, HKS

Greg Crowley, CISO, eSentire

Most organizations fall victim to cyberattacks because business leaders don’t understand the risk. Join eSentire CISO Greg Crowley in a conversation with Michael Smith, the VP of Information Technology from HKS, Inc as they discuss the challenges in managing and quantifying cyber risk. These experts will share their hard-won lessons, and provide practical guidance on how to evaluate risk, align to business priorities, and communicate expectations to non-technical business leaders.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Trustwave: C-Level’s Perspective: Public and Private Responses to the New Cyber Threat Landscape

Kevin Kerr, LEAD SECURITY PRINCIPAL CONSULTANT, Trustwave

Ron Thompson, CDO & DDTO, NASA

Paul Cunningham, CHIEF TECHNOLOGY ADVISOR, World Wide Technology

Ron Thompson, Paul Cunningham, and Kevin Kerr bring 60 years of expertise protecting mission critical outcomes (Space Program, Veterans, Energy/National Lab) from a C-suite perspective. In this session, they'll discuss threats to critical infrastructure and the broader commercial space, and how organizations can leverage strategic partners to better manage risk and improve cyber resilience.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Rapid7: Prioritizing Risk in the Cloud: Context is King

Chris Deramus, VP, TECHNOLOGY, Rapid7

Peter Scott, COO/CFO -> VP of Products, Rapid7

For far too long, cloud security teams have been forced to make decisions using isolated, binary data points that don’t accurately depict risk to their environments. But as cloud adoption continues to expand and become a more essential aspect of nearly every businesses strategy, security teams need a more effective approach to prioritize and remediate the risks they identify in their cloud environments. Join us to learn how consolidating and distributing rich context from each layer of cloud environments will help establish the next generation of cloud-native security operations.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Wiz: Building Trust: Using CNAPPs to Enable Developers to Secure Their Cloud Applications

Yinon Costica, VP PRODUCT, WIZ

As cloud adoption expands, security teams are faced with securing an increasingly complex cloud estate. Keeping pace requires a new approach. Completely agentless, CNAPPs take minutes to set up and enable security teams to unify a fragmented security stack and empower cloud engineers to take action. CNAPPs remove friction and highlight critical risks so that engineering teams have the incentive and context needed to remediate without security team oversight. In this session, learn what CNAPPs are, see a live demo, and get a practical guide for how to evolve your cloud security program.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Checkmarx: What Stinks? How Developer Code ‘Hygiene’ Impacts Security

Peter Chestna, CISO, NORTH AMERICA, Checkmarx

The majority of code in modern applications is made up of open source components. This allows developers to focus on value-generating features instead of on scaffolding and foundations. That doesn’t mean you should ignore these key elements though. The challenge? This scaffolding isn’t free like a lunch—it’s free like a puppy.

This session will provide actionable guidance for responsible use and governance of open source software including:
• How cautious are you in your component selection?
• Do you keep track of what you’re using?
• Have you provided for regular maintenance?

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Veracode: Accelerate Your FedRAMP Compliance Journey with Cloud-Native Architectures

Timothy Jarrett, Senior Director, Product Management, Veracode

Bradley Taylor, SENIOR MANAGER, Coalfire

Robert Parrott, CHIEF ARCHITECT AND VP, Veracode

Join architectural leaders from AWS, Coalfire and Veracode to learn how cloud-native architectures can accelerate your journey toward FedRAMP (or similarly stringent) certification by:
- Streamlining procedures for critical functions like asset controls, encryption & container images
- Simplifying asset inventories, even in containerized environments
- Reducing change control board burdens
- Enabling developers to work in their own toolsets while maintaining full auditability
- Implementing a platform-oriented SDLC that scans source code when crossing the boundary for maximum efficiency

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Zimperium: Why Secure Mobile & Why Now: Real World Insights from Zimperium

Jt Keating, SVP, MARKETING, Zimperium

42% of organizations report that mobile devices and apps led to a security incident in 2021. This is not surprising since 23% of mobile devices were exposed to malware and there was a 466% increase in exploited zero day vulnerabilities exploited on mobile devices… just to name a few threats.
Active detection of these attacks is required, but what do CISOs need to know to protect mobile devices and apps? Please join experts from Zimperium as they provide a comprehensive look at the mobile threat landscape and explain what has driven enterprises to prioritize mobile security.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Hitachi ID: How to Bring Business and Cyber Together With the NIST Cybersecurity Framework

Tony Dale, DIRECTOR, CYBERSECURITY, Lower Colorado River Authority

Nicholas Brown, CRO, Hitachi ID

Business and cyber teams may find themselves speaking different languages which can result in confusion and frustration. Getting on the same sheet of music can be challenging, but it is possible. The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) is the gold standard to address such issues. This session describes how a cybersecurity department at a large public utility in Texas collaborated with business leadership to adopt the NIST CSF. Join this session to learn how they won recognition by the US Department of Commerce as a cybersecurity success story.

Wednesday, June 08, 2022 / 03:45 PM - 04:15 PM EDT

Dragos: Building an Effective Cybersecurity Program for Operational Technology (OT) Systems

Michael Mylrea, SR. DISTINGUISHED ENGINEER, National Resilience Inc

Peter Vescuso, CMO, Dragos

Awareness of cyber threats targeting industrial infrastructure has never been higher. Yet for many industrials, the journey to protect the critical OT that controls the lifeblood of the business has only just begun. Building an effective OT cyber program requires multi-disciplinary teams that understand the differences between IT and OT, as well as the significant cultural and organizational barriers. Join us to learn what makes OT environments unique, how to ensure safety and reliability, and insights from a case study with National Resilience, a fast-growing U.S. biopharma manufacturer.

Wednesday, June 08, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: “Left of Boom” Cybersecurity, moderated by Cisco

Bruce Brody, SENIOR CISO ADVISOR, Cisco Systems, Inc.

In March 2022, at least partially in response to the potential for malicious cyber activity against the United States, the White House reiterated its warnings to private sector partners to harden their cyber defenses immediately. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) also published its “Shields Up” guidance for all organizations. These suggested measures might all be characterized as “Left of Boom” cybersecurity and should be part of every organization’s approach to effective cybersecurity and risk management.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: Cyber Pearl Harbor is Here – Is Your Team Prepared? moderated by AttackIQ

Brett Galloway, CEO, AttackIQ, Inc.

Jonathan Reiber, SENIOR DIRECTOR, CYBERSECURITY STRATEGY, AttackIQ

James Trainor, SENIOR VICE PRESIDENT, Aon Service Corporation

Virgina Gambale, MANAGING PARTNER, Azimuth Partners

Nation-states and cybercriminals are aggressively targeting public and private sector networks to compromise, steal, or destroy information. It’s no longer a question of if, but when, an adversary will break past your defenses. While organizations are spending more than ever before in defensive cyberoperations, the unfortunate success of adversaries is measured in trillions of dollars lost. Hear from CISOs who are leading strategies to answer: Are we ready for an attack? Could adversaries hold us to ransom? How do we train our teams to fight?

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: ZeroTrust Foundation + Communication Security, moderated by SafeGuard Cyber

Rusty Carter, CHIEF PRODUCT OFFICER, SafeGuard Cyber

Establishing a Zero Trust foundation is a top priority for many organizations today. It’s paramount that investments in Zero Trust maximize effectiveness and create a foundation for ongoing development. A successful Zero Trust foundation requires the ability to continuously authenticate and authorize actions based on risk. A crucial, yet missing element in many unsuccessful Zero Trust foundations is adaptive authorization and authentication based on the context and intent of communications. Join us as we dive into a critical piece for an impactful Zero Trust foundation - human communications.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: Modernizing Cybersecurity with XDR, moderated by IBM

Bob Kalka, VP, IBM Security

XDR can sound a lot like empty promises and unmet expectations. Whether we like it or not, our IT and security landscape is getting more complex, and unfortunately so is the threat landscape. We need to modernize while living with the cost, skills and business execution speed challenges. It should be with automation, workflow and faster and more accurate decision making that will effectively face cyber threats of the future. Join the conversation as we discuss CISOs best practices and challenges for ensuring that their SOC teams have the right tools and support to protect their organizations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:45 PM - 04:30 PM EDT

Venafi: ETSS: Rise of Machines Meets Digital Transformation, moderated by Venafi

Kevin Bocek, VP Strategy, Venafi

The number of machines of all types is on the rise. Every machine requires an identity. Compromise, misuse, and fraud of machine identities are prime attack vectors. Errors create debilitating outages and result in millions of dollars in lost revenue. That’s why leading analysts are recommending Machine Identity Management as a top security trend. During this session, we will discuss the impact that this is having on an organization’s ability to move faster in their quest for Digital Transformation and the steps that should be taken to strengthen the enterprise security strategy and posture

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 03:45 PM - 04:30 PM EDT

ETSS: The Outside-In Approach to Risk Management, moderated by CyCognito

Emma Zaballos, PRODUCT MARKETING, CyCognito

Sabastian High, BUSINESS INFORMATION SECURITY OFFICER, Anthem, Inc.

For security leaders protecting distributed, hyperconnected, ever-evolving IT ecosystems, it’s time to see your organization the way attackers do—from the outside in—to truly rule your risk.

Join Sabastian High, BISO, Anthem, as he discusses why this is a critical time to master and scale your external risk management. He will discuss the metrics he uses to measure external risk that his team can act on to stay ahead of attackers, and that he can use to communicate with business leaders in their own language. Then, session sponsor CyCognito, will address how EASM platforms make it all happen.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 04:00 PM - 05:30 PM EDT

CISO Circle Workshop: Don’t Let Stress Burn You Out: Mindfulness 101 for Cybersecurity Leaders (Repeat)

Christine Lee, Sr Director, Research, Gartner

Leigh McMullen, Distinguished VP Analyst, Gartner

CISOs work in high stress, high burnout environments. Despite scarce resources and evolving threats, executive management and boards depend on your leadership and assurance. Are you prepared to steer your enterprise through change and crisis? This CISO Circle session will offer actionable insights for personal effectiveness and a beginner-friendly guided mindfulness practice.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

CPS Security — Top 10 Must-Dos

Katell Thielemann, VP Analyst, Gartner

2021 showed that attacks are moving closer to operational or mission-critical environments where cyber-physical systems (CPS) live. Whether they are born of OT/IT convergence or from IoT, IIoT, or Smart "X" efforts, CPS are everywhere and mandate different approaches to security than IT systems.
What are the top 10 must-dos to protect them

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

Is Your Digital Identity Strategy Full of Socioeconomic Discrimination?

Tricia Phillips, Managing Vice President, Gartner

Many new digital identity initiatives rely on reliable and persistent access to smart devices, mobile phone numbers and email addresses, which inadvertently discriminate against the digitally disenfranchised. Ensuring equal but secure access to essential digital services should be a guiding principle of any digital identity initiative, and is possible with the right CIAM tools.

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

MDR! MDR! MDR! If You Are Not in, You Are Too Late!

Mark Wah, Sr Director Analyst, Gartner

MDR is growing at more than 20% YoY on average. Some MDR providers are growing at high double digits and even triple digits. We have already seen a unicorn in this space and there are a few on the bubble. Explore how TSPs can enter this market or partner to capitalize on MDR's growth.

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

Outlook for Endpoint Security 2022

Jon Amato, Sr Director Analyst, Gartner

Endpoint now covers a wide variety of devices, and organisations invest heavily in trying to secure them. So why is it that malware attacks such as ransomware are still so prevalent. We discuss how securing the endpoint needs to go beyond protecting the individual endpoint, to protect the diverse range of endpoints that make up an organisation.

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

Stop Reporting Operational Metrics to the C-Suite, Really ... Stop

Lisa Neubauer, Director, Advisory, Gartner

CISOs keep generating detailed charts, dump them into 50-page decks and throw them at their executives, hoping that anyone knows what they are talking about ... or cares. Instead focus on these areas: (1) What messages resonate best? (2) What structures are best for executives, (3) If you must show operational metrics, how can you make them more palatable?

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

Technical Insights: Microsoft 365: Office, EMS and Windows 10 — Top Security Features to Implement

Patrick Hevesi, VP Analyst, Gartner

This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. We will discuss third-party options as well as the built in native Microsoft features along with strengths and weaknesses of each

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

Threat Hunting Starter Kit: The Tools and People Required to Start Hunting on Your Own

John Collins, Sr Director Analyst, Gartner

Ever wanted to start threat hunting in your environment or contemplated what is required to do it? Here is a spoiler, you don't need a third party to do it for you as long as you have some necessary tools and capable personnel. Enter into the cyber wilds to get some foundational guidance on how your organization can perform the overly hyped and sensationalized art of threat hunting.

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

Why You Need a Data Security Steering Committee

Andrew Bales, Principal Analyst, Gartner

Organizations struggle to keep the business as the focus of their data security program. A cross-functional committee (CFC) can help keep the data security strategy centered on the business. This session will provide guidance for several questions, including "who should be included in your CFC?", "what is the importance and role of the CFC?", and "when should I establish this CFC?" among others!

Wednesday, June 08, 2022 / 04:30 PM - 05:00 PM EDT

Fix What Matters: Provide DevOps Teams With Risk Prioritized Vulnerability Guidance

Dale Gardner, Sr Director Analyst, Gartner

Traditional application security efforts often are reactive, incomplete, and unsuccessful in achieving their goals — barriers preventing success in scaling AppSec programs and in keeping pace with the faster pace of development. In this session, we’ll provide specific insights and guidance on how to shift programs to a more proactive, risk-based foundation better adapted to modern application development efforts — and greater AppSec success.

Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT

Ask the Expert: Hands-On Privacy — Managing Personal Data Risk for Analytics and Data Science Workloads

Bart Willemsen, VP Analyst, Gartner

Privacy enhancing computation has emerged as a leading trend across multiple domains. This session will focus on addressing your questions when handling personal data in data lakes and data warehouses across geographies. The goal is to extract the maximum value while maintaining a defensible posture and keeping privacy risk at bay.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT

Ask the Expert: DevSecOps — What Does Success Look Like?

Mark Horvath, Sr Director Analyst, Gartner

DevSecOps promises to at last deliver effective application security — but lasting, tied to testing-oriented and gateway-focused approaches, guarantees failure. The urgent question then, is what does "success" look like? In this session we'll answer questions around the organizational process and the tool changes needed to help ensure a successful DevSecOps program and robust application security.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT

Ask the Expert: Microsoft 365 Security Best Practices

Dennis Xu, Sr Director Analyst, Gartner

Do you have a specific question related to securing your Microsoft 365 environment you want to ask an analyst? Have you read a Gartner research on Microsoft 365 Security and have questions to ask? Come ask your question to a Gartner analyst and walk away with the answer on the spot.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 04:30 PM - 05:15 PM EDT

Roundtable: How to Measure Vulnerability Management

Mitchell Schneider, Sr Principal Analyst, Gartner

This roundtable discusses:
- The right metric for VM
- KRIs and KPIs to measure success of VM

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 05:00 PM - 06:30 PM EDT

Exhibit Showcase Networking Reception

Join us for a networking reception on the Exhibit Showcase where you can engage with your peers, Gartner experts, and exhibitors while enjoying delicious food and beverages. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.

Wednesday, June 08, 2022 / 05:15 PM - 05:35 PM EDT

SNYK: Mitigating Risks in Software Supply Chain Security

Mic Mccully, FIELD STRATEGIST, Snyk

By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, require organizations to take action to ensure the security and integrity of their software. But this is easier said than done.

This session will explore the software supply chain as an attack vector-by identifying risks and mitigation strategies throughout the software development processes and environment. Join us to learn us to learn more!

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 05:15 PM - 05:35 PM EDT

A-LIGN: CMMC Has Not Gone Away: Prepare Using NIST 800-171

CMMC started amid great fanfare (and panic) in 2019 and began to move forward with many ups and downs. Being overly ambitious in timing and scope, CMMC was updated in late 2021 to "CMMC 2.0" and re-focused on the basics with independent validation.

NIST 800-171 was ALWAYS the foundation of CMMC and the best way for proactive organizations to ensure that they will be CMMC ready when it finally comes knocking at their door. In this presentation, A-LIGN Federal Practice Lead, Tony Bai explains CMMC and how organizations can leverage NIST 800-171 to pave a way to CMMC 2.0 certification success.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 05:15 PM - 05:35 PM EDT

SureCloud: GRC & Compliance Leaders: How To Bring Complex Vulnerability Data To Life

Alex Brown, VP Product, SureCloud

Your organizations’ scanning and penetration test data often show thousands of vulnerabilities, yet your risk and control platforms show that everything is compliant. How is this possible?

This session will explain how to unify your testing and your risk and control data to identify your organization’s most critical compliance and security issues. We will provide advice and practical suggestions for how to contextualize technical testing data and achieve a joined-up view of assurance activities, so you can mitigate the risks that arise from system vulnerabilities more effectively.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 05:40 PM - 06:00 PM EDT

Intel: Hardened DevSecOps Pipelines – Secure Your Software Supply Chain

Darren Pulsipher, ENTERPRISE SOLUTION ARCHITECT, Intel

When organizations think about security, they focus their scarce resources on securing production environments and data. However, recent attacks on the development process led to infiltration of the software supply chain developers rely on. A modern approach to hardened DevSecOps environments can utilize hardware root of trust, secure build enclaves, attested traceability of build steps and ingredients, and incorruptible CICD pipelines.

Find out how to leverage today’s technologies to harden your DevSecOps pipeline and help guarantee software integrity.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 05:40 PM - 06:00 PM EDT

Fortinet: The Rise of the Super SOC: Approaches to Integrating Multi-organization Cybersecurity

Jim Richberg, PUBLIC SECTOR FIELD CISO, Fortinet

With increasing serious cyber threats and federal funds flowing to refresh and expand infrastructure, generating shared cyber situational awareness is becoming a top-of-mind issue. But the challenges of creating a federated/joint capability across organizations is different from building a Security Operation Center within a single enterprise. This session will frame the problem, explore some of the building blocks and alternative approaches, and apply some of the presenter's lessons learned from building and integrating these capabilities within the US Government.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 05:40 PM - 06:00 PM EDT

Illumio: Contain Ransomware and improve Cyber-resilience with Zero Trust Segmentation

Trevor Dearing, DIRECTOR, CRITICAL INFRASTRUCTURE SOLUTI, Illumio

Paul Dant, SENIOR DIRECTOR, CYBERSECURITY STRATEGY, Illumio

Ransomware gangs have changed their approach, they now use malware to prevent an organization from functioning. If that organization is a hospital, then the consequences can be life threatening. Stopping an attack from spreading through an organization can maintain business resilience during an attack. It is important to be able to continue to maintain availability during an attack. Learn how Zero Trust Segmentation contains an attack and can protect your data and industry critical assets and provide the necessary resilience.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 06:05 PM - 06:25 PM EDT

HCL Technologies: Accelerating Vulnerability Remediation Through Automation

Dan Wolff, Director, HCL

Nearly 1/3 of all detected vulnerabilities remain open after a year, largely due to organizational complexity and too many security tools that don’t work together. Aligning security and IT operations teams to quickly remediate risks is a top CISO and CIO goal.

Join Dan Wolff, HCL BigFix Director of Products to see how new automation solutions can automate and unify your security and IT operations teams to streamline vulnerability response. This session will illuminate proven pathways to uniting these teams to simplify tools, reframe the remediation processes, and optimize the organization.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 06:05 PM - 06:25 PM EDT

Hyperproof: Are You Thinking Controls First? - Why Motorola Is & You Should Be Too

Aidan Collins, HEAD OF ENTERPRISE BUSINESS, Hyperproof

Marco Siccardo, HEAD OF SOLUTIONS ARCHITECTURE, Hyperproof

Peter Chase, CHIEF CUSTOMER OFFICER, Hyperproof

Data regulations, customer requirements for their vendors’ security/privacy posture, and the risk landscape are all rapidly shifting, and compliance and security assurance leaders have increasingly struggled with how to keep up. In response, companies like Motorola have revamped their entire approach to compliance and adopted a controls-first strategy designed to satisfy their risk environment and what regulators, auditors, and customers want to see at the same time. This session showcases why a controls first approach works at scale and how to put it into practice.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 06:05 PM - 06:25 PM EDT

Rubrik: Defend Against & Respond to Cyber Attacks with an Observability Engine For Data Security

Roger Reid, GTM Tech Lead Security Sales, Rubrik

The security of data & applications has become ever more important with the risk in cyber attacks. Organizations often leave large amounts of data undefended, while needing weeks or months to respond to incidents. In this session, learn how Rubrik’s observability engine for data security, a part of Rubrik’s Zero Trust Data Security platform, empowers customers to use machine learning to identify when, where, and how cyber threats have impacted systems, so compromises can be remediated as quickly as possible.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Wednesday, June 08, 2022 / 06:30 PM - 08:30 PM EDT

Zimperium Casino Royale

Press Your Luck at the Zimperium Casino Royale
Security shouldn't be a gamble, but that doesn't mean you can't come roll the dice with us for an evening! Join Zimperium for a glitzy casino-themed party with top shelf cocktails, great food, and fun casino games on Wednesday, June 8, 2022 from 6:30 - 8:30 PM in the Maryland Ballroom.

Wednesday, June 08, 2022 / 06:30 PM - 09:30 PM EDT

Tanium Networking Reception

Join us for a Networking Reception at Pose Ultra Lounge!

Thursday, June 09, 2022 / 07:00 AM - 09:00 AM EDT

Attendee Breakfast

Thursday, June 09, 2022 / 07:00 AM - 09:00 AM EDT

CISO Circle Breakfast: Pricing Cyber Risk

Leigh McMullen, Distinguished VP Analyst, Gartner

Bill Pray, Practice Vice President, Gartner

Matt Chinn, Sr Principal, Research, Gartner

Deepti Gopal, Director Analyst, Gartner

Join us for an exclusive townhall session with VP, Distinguished Analyst Leigh McMullen as he shares Gartner’s latest research proposals on pricing and quantifying cyber risk. With board-level interest at an all time high, leaders must be able to leverage principles of expected value and deterrence to provide assurance and value to the business. Attendees will also get a chance to shape the future of this research with their own experiences and practical implementations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 07:00 AM - 05:15 PM EDT

Gartner Zone

Gartner Zone is a way to experience Gartner solutions through product demos, interactive digital experiences showcasing how Gartner tools and insights help address an organization’s mission-critical priorities.

Thursday, June 09, 2022 / 07:00 AM - 06:30 PM EDT

Registration & Information

Thursday, June 09, 2022 / 09:00 AM - 09:45 AM EDT

Guest Keynote: The Poker Game of Life: Using Poker to Enhance Thinking and Decision Making

Maria Konnikova, Author, Psychologist, Poker Champion, & Journalist,

In this talk, Maria Konnikova combines her personal experience as a champion poker player with her original research into the psychology of human decision-making to explore how we can all learn to make better decisions in every aspect of our lives – from the negotiating table to our personal relationships. How can we think probabilistically, manage our emotions, evaluate risk, distinguish the noise of chance from the elements of control, learn when to go all in, and when to fold? Journey with Konnikova into some of the deepest crevices of the human mind, and emerge with a roadmap for how you can – immediately and practically – become a clearer thinker and more optimal decision maker in all areas of your life.

Thursday, June 09, 2022 / 09:45 AM - 10:30 AM EDT

Refreshment Break

Join us for refreshments in a brief break between sessions.

Thursday, June 09, 2022 / 09:45 AM - 05:00 PM EDT

Visions of Trust, sponsored by OneTrust

Stop by the OneTrust Engagement Zone to learn how thousands of companies are building trust with customers and reducing time spent on lengthy questionnaires by creating a Trust Profile and joining the OneTrust Third-Party Risk Exchange. A Trust Profile enables vendors to create a shareable single source of truth to provide customers with secure access to privacy, security, and compliance details, certifications and attestations, and supporting documentation. Attendees who sign up at the booth to create a FREE trust profile at the conference will be entered to win a Meta Quest 2 Virtual Reality System.

Thursday, June 09, 2022 / 09:45 AM - 05:00 PM EDT

IBM Sounds of Security, sponsored by IBM

Learn why you need to use the same creativity and collaboration as a composer or musician as you create your security strategy.

Thursday, June 09, 2022 / 09:45 AM - 05:00 PM EDT

IDHub Zero to AD in 30min. Blazing fast Identity Management, sponsored by SATH, Inc.

How much do you pay for IT per hour, minute, or seconds? Time isn't only money, it's your barrier to growth, and reacting to changes and threats. Technology brought us groceries in hours and entertainment in seconds. With IDHub, tasks that take hours, are now seconds. Projects that take weeks, happen in minutes. Try it, to believe it. IDHub Zero to AD in 30 Minutes Experience. The fastest, full-featured IDM product to enter your consideration.

Thursday, June 09, 2022 / 09:45 AM - 06:45 PM EDT

Exhibit Showcase Open Hours

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers, Gartner experts, and exhibitors. Attend a theater session to see technology in action.

Thursday, June 09, 2022 / 10:00 AM - 10:50 AM EDT

Showfloor Showdown: Security Service Edge (SSE) Vendor Demo Challenge (Session 1)

Dennis Xu, Sr Director Analyst, Gartner

Richard Bartley, Sr Director Analyst, Gartner

Let's put SSE vendors to the test in a Showfloor Showdown! Security service edge (SSE) is an emerging technology that secures web, cloud services, and private apps from anywhere. Vendors from CASB, SWG, and ZTNA markets are all marching toward this new market using different approaches. Come watch Netskope, Skyhigh Security, and Zscaler to demonstrate how they address a set of common use cases.

Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT

Emerging Technologies in Security and Risk Management

Mark Wah, Sr Director Analyst, Gartner

Emerging risks and top security trends are driving innovation in security and risk management. Among many new areas in security that are emerging, which ones should you focus on? This session will explore high-impact emerging technologies in security and risk management.

Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT

Machine Identities, Secrets, Keys and Certificates – The Team, the Process and the Tools

Paul Rabinovich, Sr Director Analyst, Gartner

In this session we will look at a best-of-breed verses all-in-one tooling discussions of the expanding portfolio of tools that manage our machine identities, secrets, keys and certificates.

Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT

The State of Network Security in the Hybrid Work Era

John Watts, VP Analyst, Gartner

Zero-trust strategies for network security have gained notable popularity in recent years. However, organizations need to avoid "silver bullet" thinking and build strategies based on their desired business outcome. This session will highlight the forces that shape network security, threats that need to be addressed, and how to think about zero trust and SASE as part of an overall network security strategy.

Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT

Technical Insights: How Much Microservices Do You Need and How Do You Get There?

Kevin Matheny, VP Analyst, Gartner

Your leaders are telling you they want microservices, your vendors are promising to deliver microservices, your developers want to create microservices. But, what is microservices architecture? Where should you use it, and where should you not? How do you successfully implement microservices? This talk provides answers to key client questions on microservices architecture.

Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT

Technical Insights: Secure Your Users and Devices Wherever They Are With UEM and UES

Eric Grenier, Director Analyst, Gartner

This session will cover managing and securing your workforce as organizations navigate the anywhere workspace. We will cover best practices for managing your endpoints and mobile devices and the best practices for securing those devices using your UEM (MDM) and UES (EPP, EDR, MTD) tools

Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT

The Future of MDR, Where Next?

Pete Shoard, VP Analyst, Gartner

The MDR market is beginning to get to an initial stage of maturity, but there is still a high level of flux in the types of providers and the coverage of their solutions. During this session, we will offer participants a view into the direction of the market, the alignment with modern ways of working and core questions to ask providers offering these services, about their future.

Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT

The Top 10 Cybersecurity Value Metrics Every Organization Should Use

Paul Proctor, Distinguished VP Analyst, Gartner

No one can tell you what your metrics should be … until now. Gartner has developed and vetted a prioritized list of metrics to describe the value of your cybersecurity program to satisfy the most challenging audiences including your board, CFO, COO, customers, partners and regulators. And we are working on benchmarks for each.
- What cybersecurity metrics should I measure?
- How can I use metrics to drive governance?

Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT

Roundtable: Privacy and the Supply Chain; What to Mind With Your Service Providers

Bernard Woo, Sr Director Analyst, Gartner

An increasing number of modern privacy regulations worldwide put strict demands on how data is handled, by whom, or even where. How do you select and control service providers? What if they suddenly announce a profound change in policy, like WhatsApp did for sharing data with Facebook? Not to mention numerous countries who want data to be nationally processed. Ask the Expert all you want to know in this area. End users only, come prepared with questions.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT

Ask the Expert: How to Build a Zero Trust Architecture

Nahim Fazal, Director Analyst, Gartner

What do we mean about ZTA , what are the first steps that we need to complete, and can we buy it out of the box?

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT

Ask the Expert: What Steps Should I Take to Build a DLP Program?

Andrew Bales, Principal Analyst, Gartner

Many organizations struggle to correctly implement a DLP solution or tool, keeping business requirements as the central driver for their data security initiatives. In this session, you can ask the expert about best practices for building a DLP program. Bring your questions ranging from business process best practices, to implementation and rollout guidance.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT

CISO Circle Ask the Expert: The Roadmap to CISO Effectiveness

Christopher Mixter, VP, Research, Gartner

In the last few years, CISOs have been thrust into the ranks of the c-suite as cybersecurity rises in priority for organizations. CISOs struggle to understand what success now looks like and what they need to do to attain it. As a consequence, 60% admit they rarely disconnect from work; 22% are available to their company 24/7. To what end? It's time for CISOs to take a step back and start making hard choices about how to pursue their value proposition.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 10:30 AM - 12:00 PM EDT

Workshop: Learning the Craft of the Ransomware Dungeon Master

Jon Amato, Sr Director Analyst, Gartner

Ransomware is a unique threat, and demands a unique incident response plan. Tabletop exercises, or "role playing games for security professionals," are one of the best ways of creating those plans. In this workshop, we will work through a series of live ransomware-specific tabletop exercises, and help you be the dungeon master your organization needs

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 10:30 AM - 12:00 PM EDT

CISO Circle Workshop: Don’t Let Stress Burn You Out: Mindfulness 101 for Cybersecurity Leaders

Leigh McMullen, Distinguished VP Analyst, Gartner

Christine Lee, Sr Director, Research, Gartner

CISOs work in high stress, high burnout environments. Despite scarce resources and evolving threats, executive management and boards depend on your leadership and assurance. Are you prepared to steer your enterprise through change and crisis? This CISO Circle session will offer actionable insights for personal effectiveness and a beginner-friendly guided mindfulness practice.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Broadcom Software: Symantec Supports Broadridge by Securely Powering the Global Financial Marketplace

Mark Schlesinger, SENIOR TECHNICAL FELLOW, Broadridge Financial Solution

Broadridge, a global Fintech leader with $5 billion in revenues, provides critical infrastructure powering investing, corporate governance and communications to enable better financial lives. They process $9 Trillion daily in fixed income and equity trades and manage more than 2 Billion critical shareholder communications every year for mutual fund/equity shareholders. Learn how Symantec by Broadcom Software supports Broadridge securely powering the global financial marketplace driving digital transformation for their clients, to get ahead of today’s challenges and capitalize on what’s next.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Deepwatch: Defining XDR: What Is It, Where Does It Fit In

David Stoicescu, CISO, Deepwatch

Wrapping your arms around the newest and hottest trends can be a challenge, especially when everyone's definition about the latest thing is ideally positioned to capture your attention, not necessarily attempting to encompass what it is, and how it fits into the types of problems you’re looking to solve, right now.

Join this session to learn more about what XDR is, what it isn't (more importantly), and how your people operations plays an important role in defining and creating a security foundation that makes sense, and addresses your biggest risks.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

IronNet: Take Back The Power From Cyber Attackers Using Attack Intelligence

Raj Sivasankar, VP OF PRODUCT MANAGEMENT, IronNet

With ongoing cybersecurity breaches, organizations simply don’t have enough analysts to track major threats and respond quickly enough to alerts from their security stack. Organizations with varying cyber maturity can narrow this gap by enabling their SOC with the capability of seeing unknown threats on the network to gain better attack intelligence. This session will provide a comprehensive overview of unique attack intelligence, its benefits, and how it can be operationalized to protect your organization.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Menlo Security: The Reason why Ransomware is Really HEATing Up

Mark Guntrip, SR DIR, CYBERSECURITY STRATEGY, Menlo Security

When entire workforces went remote in 2020, organizations pivoted quickly to new business models by migrating apps and services to the cloud to enable the anywhere, everywhere workforce. That’s resulted in business users spending an average of 75% of their workday working in a browser. These same digital enhancements, however, also ushered in widespread transformation that expanded attack surfaces and created new opportunities for cyber miscreants, giving rise to Highly Evasive Adaptive Threats (HEAT), which are used as beachheads for initiating ransomware, data theft, and account takeovers.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Mimecast: Smarter XDR Demands Email Security

Julian Martin, VP ECOSYSTEM & ALLIANCES, Mimecast

Neil Clauson, REGIONAL CISO, Mimecast

XDR is often focused upon the endpoint, but what about the original entry point into the organization – email? Learn how Mimecast’s email security provides valuable threat sharing capabilities to connect your controls, improves your response during a breach and leverages one of the most extensible ecosystems to choose the XDR solution appropriate for your organization.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Code42: How IRM Enables Data Security by Uniting Security and Employees

Nathan Hunstad, PRINCIPAL SECURITY RESEARCHER AND ENGINE, Code42

It sounds counterintuitive to suggest that security and employees should (and really must) unite to frame the ultimate data security plan. Legacy tools have created siloed approaches to security that have divided people vs unite them. Insider Risk is not a new threat but the hybrid/remote era of work has introduced a whole new level of internal threats. It is time for a new approach - IRM.
This session outlines how security teams combat internal threats and effectively address these incidents with colleagues in a way that fosters a relationship between their team and employees.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Tenable: Master the 3 Levels of Risk Decision-Making Impacting your Security Team

Nathan Wenzler, Chief Security Strategist, Tenable

Daily, you make decisions that affect IT ops, data and system security, executive-level strategy, and possibly, the future success of your org. Security leaders straddle the lines of executive, strategic, and tactical decision making, and must be experts at navigating all three in order to drive efforts to mitigate risk across the board. This session will explore navigating the 3 levels of risk decision making within your org, and how you can enhance engagement and align metrics for technical teams, business units and executives alike.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Varonis: Adversary Tradecraft – What You Need To Know now as Ransomware Defenders

Kilian Englert, Technical Marketing Manager, Varonis

Ransomware gangs dwell in networks for months, stealing data and leaving backdoors before they start dropping ransom notes. We'll teach you how big-game ransomware gangs operate and showcase common tactics, techniques, and procedures that will help you prepare for an attack. Then we'll run a step-by-step attack simulation and show you how our IR team would respond using the Varonis alerts that trigger at each and every phase.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

iboss: A Customer’s Journey - Secure and Connect a Hybrid Workforce with Zero Trust

Tim Roddy, VP OF PRODUCT MARKETING, IBOSS SECURITY

Stephen Clemons, VP - PUBLIC SECTOR, iboss cybersecurity

In today’s remote work world, ensuring users can quickly and securely connect to any cloud application is critical. On-premises legacy security solutions were not meant to support a remote workforce, which is why many organizations are moving to the cloud for improved user experience and productivity. Join Tim Roddy, Vice President of Product Marketing at iboss, and Stephen Clemons, former CIO at Sacramento Municipal Utility District (SMUD), to learn about the main drivers that led to a Zero Trust migration and the challenges they faced to secure both IT and OT networks.

Thursday, June 09, 2022 / 11:15 AM - 11:45 AM EDT

Zscaler: Preventing Ransomware with a Zero Trust Architecture

Ransomware has become the single greatest concern for CISOs across industries. Attacks rose another 80% this year, driven by RaaS, supply chain attacks, and multi-extortion tactics that make ransomware attacks more accessible and lucrative.

In the face of this threat landscape, zero trust strategies are more critical than ever.

Join the Zscaler’s ThreatLabz team to learn:
-The latest trends in ransomware, based on brand new analysis from ThreatLabz
-Emerging attack tactics and predictions for the coming year
-How to apply zero trust practically to optimize your ransomware defense

Thursday, June 09, 2022 / 11:15 AM - 12:00 PM EDT

Randori: ETSS: Embedding the Attacker’s Perspective into Your Security Program with EASM, moderated by Randori

Join, David “moose” Wolpoff, Co-Founder & CTO at Randori for practical discussion on how organizations are adopting more proactive security practices to stay one step ahead of attackers. Looking at real world examples, Wolpoff will detail the benefits security operations, vulnerability management, risk management, and security leaders have seen from embedding the attacker’s perspective into their daily security workflows and how organizations can leverage Randori’s attack surface management and continuous red teaming solutions to achieve similar results.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Not All Detections Are Equal: How MITRE ATT&CK Framework Can Help Focus Your Program, moderated by Secureworks

Ryan Alban, SECURITY ARCHITECT, Secureworks

Attack detection is a critical pillar of cyber defense, but not all detections are created equal. It takes a combination of deep human expertise, broad experience, and responsible use of analytics to do more than just trigger alerts along known attack vectors. In this session, learn how mapping detections to the MITRE ATT&CK Framework can help. You will learn how to evaluate the efficacy of detections to optimize your cyber defense resources.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Modernizing Cybersecurity with XDR, moderated by IBM

Bob Kalka, VP, IBM Security

XDR can sound a lot like empty promises and unmet expectations. Whether we like it or not, our IT and security landscape is getting more complex, and unfortunately so is the threat landscape. We need to modernize while living with the cost, skills and business execution speed challenges. It should be with automation, workflow and faster and more accurate decision making that will effectively face cyber threats of the future. Join the conversation as we discuss CISOs best practices and challenges for ensuring that their SOC teams have the right tools and support to protect their organizations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Prioritizing Safety, Resilience & Continuity Over the CIA Triad in Your Operations, moderated by Nozomi

Vivek Ponnada, REGIONAL SALES DIRECTOR, Nozomi Networks

Companies with operational technologies are increasingly targeted by threat actors because they tolerate little to no operational downtime. They have become lucrative targets for financial gain or disruption that may yield a larger impact than your typical data breach – potentially causing physical effects in the real world. In this session, will dive into the required mindset for protecting critical operations, their communications and interactions and how to navigate the conversations about why this is as important to your company’s success as protecting sensitive data

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Leveraging XDR and Identity Security to Turbo-charge Coverage, moderated by Attivo Networks

Grant Moerschel, VP OF PRODUCT MARKETING, SentinelOne

Tom Atkins, AVP of Sales - East, Attivo Networks

Adversaries do their dirty work through malware, exploits, and increasingly with pilfered credentials. It’s not uncommon for attackers to pose as legitimate users and move silently using identity data stolen from endpoints and Active Directory. Given that 100% of successful attacks leverage identity in some way, we can reduce risk by incorporating identity threat detection and response (ITDR) as part of EDR/XDR initiatives. Learn how ITDR is different from Identity and Privilege Access Management and how it complements the prevention, detection, response, and recovery featured in EDR/XDR.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Digital Risk Protection: Best Practices in Dealing with Digital Threats, moderated by BlueVoyant

Ron Feler, GLOBAL HEAD OF THREAT INTEL, BlueVoyant

Gaining visibility necessary to guard against external cyber threats to your business requires ongoing monitoring and mitigation. Without the relevant data sources, including a combination of “data in motion” and “data at rest”, it’s impossible for organizations to protect themselves and their cyber eco-system against brand abuse, fraud campaigns, credential loss, data leakage, & cyber threats to key executives. Join this conversation to learn more about the latest attack vectors and mitigation strategies.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 11:50 AM - 12:40 PM EDT

Showfloor Showdown: Security Service Edge (SSE) Vendor Demo Challenge (Session 2)

Dennis Xu, Sr Director Analyst, Gartner

Richard Bartley, Sr Director Analyst, Gartner

Let's put SSE vendors to the test in a Showfloor Showdown! Security service edge (SSE) is an emerging technology that secures web, cloud services, and private apps from anywhere. Vendors from CASB, SWG, and ZTNA markets are all marching toward this new market using different approaches. Come watch iboss, Lookout, and Palo Alto Networks demonstrate how they address a set of common use cases.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

10 Cyber and IT Risk Fundamentals You Must Get Right

Jie Zhang, VP Analyst, Gartner

Security and risk management leaders struggle to mature their cyber and IT risk management practices beyond conducting risk assessments. This session delivers a set of fundamental risk management processes that are essential to manage cyber and IT risk for their organizations.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

Positioning Your Solutions in the World of XDR

Dave Messett, Sr Director Analyst, Gartner

One of the hottest buzzwords in the security marketplace in 2022, XDR is the must have solution for all software vendors. But do you really have what it takes? This session will help define XDR, offer up a minimum set of use cases that must be addressable by an XDR solution and provide guidance on optimal integrations to help vendors plan their XDR strategy and roadmap.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

Share the Load: How to Turn Your Business Partners Into Advocates

William Candrick, Director Analyst, Gartner

With the rise of business technologists within global business — security leaders find it hard to influence decisions being made, everywhere, all of the time. This session will demonstrate how, using the concept of Cyber Judgement, top performing security teams teach their business partners how to make decisions in a risk-informed manner, and turn them into security advocates.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

SIEM: Market Players and Future Trends

Mitchell Schneider, Sr Principal Analyst, Gartner

SIEM technologies have been a staple of the security diet for many years, but have evolved significantly over that time. During this session we will discuss the current market players, some key approaches to the market that are shaping its future direction and key trends that will influence how we consume SIEM in the future.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

Technical Insights: Stop Making Bad Decisions, Start Making BAD Decisions

Kevin Matheny, VP Analyst, Gartner

BAD decisions are Best Available Data decisions. This session introduces information-generating and decision-making techniques that architects can use to reduce risk and uncertainty in architecture decisions: Architectural Spikes, Decision Typing, Economic Frameworks, and Lightweight FMEA.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

What Is "XDR" and Why Should I Care?

Charlie Winckless, Sr Director Analyst, Gartner

Extended detection and response, or "XDR," is on every security vendor’s marketing these days. But what is XDR and why do you need it? Is it an architecture or a product, and will it replace stuff you already have? This presentation explains what you need to know about XDR and what you should do about it.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

Technical Insights: Working From Home Securely — You Need More Than ZTNA

Thomas Lintemuth, VP Analyst, Gartner

Organizations of all types are having to allow work from home, some for the first time. Find out how enterprise controls, cloud controls and the home office controls come together to secure the remote user experience.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

The Multigenerational Workforce in Security

Lisa Pierce, VP, Advisory, Gartner

Baby boomers, Gen Xers, millennials and Gen Zers comprise your security function. Do you really understand their different behaviors and expectations? This is a must for security leadership, so that they can create an IT and security culture that leverages strengths and confronts weaknesses to uncover opportunities and overcome threats into our collaborative future. Change starts with people.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

Moving From 0 to 1: A Midsize Guide on How to Create a Formal Cybersecurity Program

Paul Furtado, VP Analyst, Gartner

A midsize guide to starting a formal cybersecurity program within your business. This session is tailored for midsize organizations who are starting or have immature security programs. It is a series of pragmatic advice that can be implemented to improve security awareness and a better security posture throughout the business.

Thursday, June 09, 2022 / 12:00 PM - 12:30 PM EDT

What’s Top of Mind for CIOs and CEOs — Impact for SRM Leaders in 2022 and Beyond

Katell Thielemann, VP Analyst, Gartner

Every year, Gartner collect data from thousands of CIOs on what matters most to them.
Join this session to learn:
• What’s most important to them
• How they role is changing
• Implications for security and risk leaders
• What to focus on next as a result

Thursday, June 09, 2022 / 12:00 PM - 02:00 PM EDT

Attendee Lunch

Thursday, June 09, 2022 / 12:00 PM - 02:00 PM EDT

Exhibit Showcase Dessert Reception

Join us for a dessert reception on the Exhibit Showcase where you can engage with peers, Gartner experts, and exhibitors while enjoying delicious treats. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.

Thursday, June 09, 2022 / 12:30 PM - 01:45 PM EDT

CISO Circle Exclusive: Fireside Chat with Alex Stamos

Alex Stamos, Former Chief of Security at Facebook & Professor at Stanford,

Patrick Hevesi, VP Analyst, Gartner

Bernard Woo, Sr Director Analyst, Gartner

Bill Pray, Practice Vice President, Gartner

All CISO Circle members are invited to a Fireside Chat with Guest Keynoter, Alex Stamos.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 12:45 PM - 01:05 PM EDT

Abnormal Security: 182 Vendors, 182,000 Chances for an Attack

Erin Ludert, DATA SCIENTIST, Abnormal Security

The average organization has 182 vendors. If each vendor is comprised of 1,000 employees that means there are 182,000 chances for a cybercriminal using a vendor account to attack your organization. Nearly a quarter of all organizations are targeted with a supply chain email attack each week, with an average cost of $183k per incident. And the risk continues to rise.

Join us to learn:
Why supply chain compromise the biggest threat in the business email compromise landscape?
How does supply chain compromise impact organizations?
What you do to protect your organization from becoming victims?

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 12:45 PM - 01:05 PM EDT

Thales: Stop Hackers From Haunting Your Nightmares

Stan Mesceda, SR. PRODUCT MANAGER, Thales

Data breaches are the most existential threat to the digital world. Over the past year, nearly half of all businesses have seen an increase in cyberattacks with 56% saying they have experienced a data breach. This presentation will focus on the current security landscape, operational threats and share some best practices to help protect and remain in control of sensitive data wherever it resides.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 12:45 PM - 01:05 PM EDT

Contrast Security: Modern DevSecOps and Automation

Rali Kettani, Sales Engineer, Contrast Security

This session will highlight real-world examples of how organizations are leveraging the power of automation within their application security initiatives to release modern software faster and more securely. We will discuss lessons learned and best practices when implementing a robust application security program, as well as how to build trust, remove friction and empower developers and security practitioners. You'll leave this session with a better understanding of how to take more immediate action and full advantage of the digital transformation and application economy.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 01:10 PM - 01:30 PM EDT

Cisco: Understanding the Needs of Cybersecurity: Response, Recovery, and Resiliency

Daniel Desantis, DIRECTOR, AMERICAS, CISO ADVISORY, GSSO, Cisco Systems, Inc.

Bruce Brody, SENIOR CISO ADVISOR, Cisco Systems, Inc.

Join this fireside chat with Daniel DeSantis, CISO Advisor at Cisco Security, and Akash Ganapathi, Director of Solutions Architecture at JupiterOne, as they uncover the new areas that security leaders must address when building a framework for a resilient security program per the NIST cyber resiliency definition. Aggregating field stories from their years as security professionals and conversations with the hundreds of CISOs they have met throughout their careers, Daniel and Akash will share their expertise on bringing a resilient program to life.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 01:10 PM - 01:30 PM EDT

Imperva: APIs - A Security Blind Spot that Needs Protection

Lebin Cheng, HEAD OF API SECURITY, Imperva

The growing prevalence of APIs, presents security teams with an all-too-familiar problem - deployment can outpace security processes and protections, creating a vulnerability they are left to address. In this section, we will discuss how the security team can implement a phased plan to introduce visibility into your APIs, determine which APIs expose sensitive data and finally to build processes around how APIs are managed. In particular, we will discuss best practices, illustrated with real-world use cases, for securing APIs without slowing down the speed of development

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 01:35 PM - 01:55 PM EDT

CyberGRX: Fixing a Broken System: Data Analytics & Third Party Cyber Risk Management

Gary Phipps, VICE PRESIDENT OF RISK SOLUTIONS, CyberGRX Inc.

Vendor risk assessments are no longer the centerpiece of third-party risk management. As digital ecosystems become more diverse and dynamic, so too should how we monitor and collaborate with those critical to our businesses. A new approach to third party cyber risk management using data-rich, actionable insights is needed. This session will discuss:
- How assessments are a piece of the puzzle, not the end game
- How varied, rich data sources are key to portfolio-wide visibility
- How to support compliance efforts while still putting security first

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 01:35 PM - 01:55 PM EDT

Open Systems: An Untold Truth: 5 Key Things You Need to Know About Threat Response

Alex Berger, SR. DIRECTOR OF PRODUCT MARKETING, Open Systems

Our ability to detect threats is only as effective as your ability to decisively respond to those threats. But while the cybersecurity industry has made leaps forward in our ability to detect threat, effectively responding to threats is still a massive challenge.

In this session, we will explore the realities of threat response and discuss the five most critical things that every security leader needs to keep top of mind in order to effectively respond to threats without disrupting your business.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 01:35 PM - 01:55 PM EDT

PKWARE: Solving the Modern Challenges of Managing a Sensitive Data Inventory

Paul Capobianco, SE, PKWARE

Glennon Andrews, REGIONAL SALES DIRECTOR, PK Ware

Today’s most valuable asset—data—is intangible, making it difficult for businesses to know when new data is created, gathered, or destroyed. The push toward remote work exacerbates this. Networks are decentralized and dispersed to support productivity, leaving organizations at a loss on how to manage data. Join this session to discuss the common challenges of modern data inventory processes and top solutions to solve them.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 02:20 PM EDT

Magic Quadrant and Critical Capabilities for Unified Endpoint Management

Chris Silva, VP Analyst, Gartner

Unified endpoint management — bringing together enterprise mobile and nonmobile platform management and security — is one of the hottest topics in enterprise IT. The vendor landscape is changing quickly. We present the Magic Quadrant and Critical Capabilities in this session.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Minimize Risk by Better Knowing and Managing Your Data

Michael Hoeck, Sr Director Analyst, Gartner

Data breach is now more of a reality than a threat which can expose personal and corporate intellectual property. CIOs, CISOs and general counsel are teaming together to improve readiness for this reality. This session will provide insights to actionable and proactive steps to reduce exposure by establishing knowledge of your data to align with access expectations and life cycle management.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Outlook for Privacy, 2022-2023

Bernard Woo, Sr Director Analyst, Gartner

Privacy is profoundly impacting digital transformation priorities and lies at the core as organizations build new engagement models with consumers and relationships with employees. 2022 sits between major developments in Asia-Pacific and Europe in 2021 and the U.S. in 2023. Join this session to learn of these significant evolutions, both from the regulatory as well as technology perspectives

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Sorting Through The Pile: How to Prioritize Your Vulnerability Management Efforts

Jon Amato, Sr Director Analyst, Gartner

Those responsible for vulnerability management are undoubtedly familiar with "The Pile" — the often-massive reports produced by a vulnerability assessment tool that tells us what we have to fix. Those reports are undoubtedly useful, but often intimidating due to their sheer size. In this session, we'll learn the best practices for sorting through the pile, identifying what's important stuff and getting what matters fixed first.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Panel: The Future of War is Cyberwar, We're All on the Battlefield

Leigh McMullen, Distinguished VP Analyst, Gartner

Rebecca Lively, Deputy Director, 90th Cyberspace Operations Squadron

Christopher Raney, Deputy Executive Director, Technical Director, Naval Information Warfare Center Pacific

Andrew Walls, Distinguished VP Analyst, Gartner

Katell Thielemann, VP Analyst, Gartner

When warfare happens by remote control, Net Superiority becomes the new Air Superiority, in this session Gartner and industry experts discuss the future of warfare in cyberspace, and how every enterprise is directly on the battlefield.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

What Goes Where: A Guide to Security Organization Design

Tom Scholtz, Distinguished VP Analyst, Gartner

There is no such thing as a perfect, universally appropriate model for security organizations. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. This session will address the following issues: Trends and challenges in security organization design; Factors that influence security organizations; Best practices and contemporary conceptual design models for security organizations.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Crossfire Debate: Current Threat Landscape and the Shape of the World

Jay Heiser, VP Analyst, Gartner

Nahim Fazal, Director Analyst, Gartner

Pete Shoard, VP Analyst, Gartner

A 3-way crossfire debate on the state of the cybersecurity world. Come see leading Gartner analysts discuss how the current world events are affecting the cyber threat landscape.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Hyperautomation in Security — Why TSPs Need to Explore and Invest in This Area

Mark Wah, Sr Director Analyst, Gartner

Hyperautomation has been fairly successful in security operations from the product and services perspective. Security services can achieve SaaS margins and security products can broaden integration and coverage. Join Mark Wah as he charts the growth of hyperautomation in security.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Outlook for Organizational Resilience, 2022

Roberta Witty, VP Analyst, Gartner

This session highlights the importance of organizational resilience as a strategic imperative in the wake of the COVID-19 pandemic, the changing threat landscape, and the pace of digital innovation.

Thursday, June 09, 2022 / 02:00 PM - 02:30 PM EDT

Case Study: Security Champions to the Rescue!

Elle Finlayson, Senior Manager Information Security User Success, TechnipFMC

Angelique Grado, VP, Chief Information Security Officer, TechnipFMC

TechnipFMC builds technology for energy projects, systems and services and provides expertise across subsea and surface energy engineering. They develop OT and IOT products that need a very high level of security and risk management, the challenge to get all decentralised product teams across the business on the same level of maturity was the next leap for real improvements in this area. TechnipFMC CISO Angelique Grado decided to use the security champion model to create a master mind group, accelerating the opportunity and will share the brilliant results this has brought about over the last year. This is an example of not just DevSecOps, but getting application and product teams to fully embrace secure by design thinking.

Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT

Ask the Expert: Risk-Based Vulnerability Management

Mitchell Schneider, Sr Principal Analyst, Gartner

This session discusses:
- How to do RBVM with process
- How to do RBVM with tools
- Best practices for RBVM

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT

Ask the Expert: Best Practices for Moving From Microsoft ConfigMgr to Microsoft Endpoint Manager

Eric Grenier, Director Analyst, Gartner

This session will cover best practices, considerations, and gotchyas when moving device management from Microsoft ConfigMgr (CMT) on-premises to Microsoft Endpoint Manager (UEM) in the cloud. We will even discuss the management of mobile devices (iOS and Android) with MEM using MDM and MAM.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT

Roundtable: What to Do with the New Chinese Data Security Law

Jie Zhang, VP Analyst, Gartner

The new data security law in China, effective as of September 1, 2021, has far-reaching impacts. This analyst roundtable offers early clarity in assessing risks and an action path for organizations conducting business in or related to China.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT

Roundtable: The Multigenerational Workforce in Security

Lisa Pierce, VP, Advisory, Gartner

Change starts with people. Security teams consist of baby boomers, Gen X's, millennials and Gen Z's but their managers often do not understand their different behaviors and expectations, and so have not created a working environment that taps into various generations' needs and wants. Security leadership must adapt and create an IT and security culture to uncover opportunities and overcome threats into our collaborative future.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 03:30 PM EDT

Workshop: The Gamification of Threat Modeling

William Dupre, Sr Director Analyst, Gartner

Threat modeling helps identify weaknesses and vulnerabilities in a system design, aiding in the creation of relevant controls to address risks within a system. Attendees will play a threat modeling game to learn how to identify weaknesses within an application design.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:00 PM - 04:00 PM EDT

CISO Circle Research Discussion: The CISO’s Guide to Cyber Risk Quantification (Repeat)

Christopher Mixter, VP, Research, Gartner

CISOs report frustration that the time and effort their teams invest in quantifying cyber risk rarely drives risk owners to take action. In this interactive Research Discussion, exclusively for CISO Circle participants, you’ll network with peers on their cyber risk quantification efforts and discover how to use CRQ to effectively influence business decision making. This session will feature a deep-dive into Verizon’s CRQ practice, which delivers trustworthy, timely, and empowering guidance to risk owners without major investment in new data and skills…and without the need to conduct scenario likelihood calculations.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:15 PM - 03:45 PM EDT

CISO Circle Leadership Exchange: Mock Board Presentation - The Three Stages of Reporting Cybersecurity to Your Board

Ash Ahuja, VP, Enterprise IT Leader, Gartner

Paul Proctor, Distinguished VP Analyst, Gartner

Almost 100% of leaders have now reported to their board/executives at least once in the last two years. In some industries, quarterly reports are standard. In others, board members have dedicated cybersecurity committees overseen by board members. Attendees should expect the following:

1) Insights to the Three Stages of Board Reporting At Every Organization
2) A Mock Security Board Presentation by Gartner’s Board Experts.
3) An interactive discussion that highlights new techniques, nuances and dynamics to consider

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

BlackBerry: The Predictive, Holistic and Human Sides of Cybersecurity

Gary Davis, SENIOR DIRECTOR, MARKETING STRATEGY & CO, BlackBerry

As we wake up virtually every day to a new company having been successfully breached and dominating the news cycle or a Zero Day surfacing that seems to touch every facet in our digital lives, is it time to step back and rethink how to address the cybersecurity space through a different lens? In this session you’ll learn that the expansion of the attack surface combined with an increasingly brazen and committed adversary suggest we recondition how we think about the problem that contemplates and implements environments that are predictive, holistic and human.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

SecurityScorecard: Automation’s Role in Third-Party Risk Management

Mike Wilkes, CISO, SecurityScorecard

It can be tough deciding how much automation you want to introduce into a particular IT security function. While automation does bring speed and efficiency, companies often like to rely on human judgment for important security decisions. This debate is certainly true for third-party risk management, as companies debate if they want to use automation for things such as risk prioritization, triggering a vendor reassessment, or performance review for an alert. In this session, we will examine the pros and cons of incorporating automation into the various elements of third-party risk management.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

Tessian: Navigating the Dark Corners of Social Engineering Attacks

Josh Yavor, CISO, Tessian

Attackers have successfully infiltrated organizations through advanced social engineering techniques that exploit human behavior and vulnerabilities, and lead to some of the worst data breaches in history. And the primary delivery method is email. We'll take you through some of the worst social engineering attacks found by Tessian's Threat Intelligence Team and what you can do to stop them.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

VMware: The Convergence of Multi-Cloud, Edge, Remote Work = SASE

Abe Ankumah, ‪Vice President, Product Management - SASE, VMware

The Edge is the next frontier in IT infrastructure allowing workloads to run across multiple locations which are placed close to endpoints producing and consuming data. But swiftly and securely connecting these distributed workloads, together with the multi-cloud and a work-anywhere workforce, can be complex. In this session we will look this evolving infrastructure and how a SASE architecture can connect and protect seamlessly.​

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

Microsoft: Integrated Security Solution Advantages To Reduce Risks And Jumpstart ZT

Dennis Guzy, DIRECTOR, Microsoft

Matt Call, PRINCIPAL PRODUCT MANAGER, Microsoft Corporation

Dean Halstead, Director, Security, Compliance, Identity, Microsoft

Insider Risk and Remote users are the two key struggles many organizations and agencies are challenged with since many of the solutions are on-premises based. Attend this session to see how a cloud solution can broaden visibility and management of the insider threats, endpoint management and protection, governance, monitor and detect risks across on-premise and the cloud, leverage AI for automated remediation and alerting and provide a best of solution security stack without months or years of integration and/or configuration.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

BitSight: Ransomware and Your Supply Chain

Christopher Poulin, PRINCIPAL CONSULTING ENGINEER, BitSight

Ransomware attacks continue to surge. While security professionals have taken steps to improve their programs during these challenging times, many are also concerned about the risk to third party supply chain partners. How can organizations better protect themselves and their supply chain partners? Join BitSight’s Chris Poulin as he shares the latest data-driven insights and best practices.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

IBM: Beyond Compliance: Stop Putting Limits on Your Data Security Platform

Wesley Gyure, Data, App and Mobile Security Offering M, IBM

When data protection expectations are limited to governance and compliance, opportunities are missed to uplift your ability to neutralize attacks, deliver better customer privacy, and build a durable platform that’s a force multiplier to your entire cybersecurity program. We will discuss how to evolve from an archeology of tools to a modern data security architecture that accommodates the data life cycle from discovery and classification to activity monitoring, quantum-ready encryption to multi-cloud key management, and infrastructure hardening to actionable data risk insights.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

AT&T Cybersecurity: A Modernized Approach to Risk Management and Compliance

Bindu Sundaresan, DIRECTOR, CYBERSECURITY, AT&T

Derrick Johnson, PRINCIPLE ARCHITECT 2, AT&T Cybersecurity

Cyber is ever changing, complex and everywhere. Go faster, be agile, and innovate while keeping the digital trust, managing risk, and being cost effective. With everything as a service being the lasting model, cyber is no different and it is time for us to stretch our thinking on cyber to be ready for what comes next and what comes after that? Talk about embedding cyber in everything we do; it is time to take this model beyond just a trend. In this session you will learn about attributes of a modernized approach to a Risk and Compliance Program and the ability to be proactive.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

Netskope: The Business Value of Security Service Edge (SSE)

Arvin Bansal, SR. DIRECTOR, CLOUD SECURITY AND DATA PR, Amerisourcebergen

Michael Ferguson, GLOBAL DIRECTOR, SECURITY TRANSFORMATION, Netskope

SASE, SSE, and Zero Trust -- how can we be sure these terms aren’t just marketing buzzwords, and offer real solutions that are strategically important to our business goals? The reality of 2022 is that people are working from anywhere on any device, we have more digital natives in the workforce every day, company data is everywhere, and security threats are getting more sophisticated. SSE can help with the challenge of security for each of those trends, but only with the right understanding of technology architecture and applicable business value behind it.

Thursday, June 09, 2022 / 02:45 PM - 03:15 PM EDT

BeyondTrust: From Ambition to Reality, 8 Ways PAM Enables Zero Trust

Morey Haber, CSO, BeyondTrust

In this increasingly perimeterless world, organizations must embrace zero trust security principles, such as least privilege, continuous authentication and monitoring, segmentation, and microsegmentation to stay secure, while moving digital transformation forward.

Understanding the definitions, requirements, and barriers to zero trust allows you to forge the best path to optimally securing your environment.

Please join Morey Haber, CSO of BeyondTrust, to discuss What is Zero Trust and the 8 Ways Privileged Access Management Enables Zero Trust.

Thursday, June 09, 2022 / 02:45 PM - 03:30 PM EDT

ETSS: Effective Strategies For Defending Against Ransomware, moderated by Trellix

Brian Brown, ENTERPRISE ARCHITECT, Trellix

For several years, ransomware attacks have dominated the headlines as arguably the most impactful cyber threats. Defending against ransomware requires coordination of visibility, detection engineering and Security Operations Center capability.

In this facilitated session you will have the opportunity to discuss challenges and successes in addressing the ransomware threat landscape.

Discussion topics will include: how to build an architecture for ransomware detection; how to assess the cyber risk of ransomware scenarios; what process considerations are most effective at addressing ransomware.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:45 PM - 03:30 PM EDT

ETSS: Ransomware Attack Simulation; Are You Prepared? , moderated by PwC

John Boles, PRINCIPAL, PwC

Matt Gorham, --, PwC

Today’s cyber attackers are highly skilled, well funded, and extremely organized. When reviewing your risk and threat landscape, it is important to understand an attacker's motivation, capability, and intent, as applicable to your organization’s key functions. During this session, we will discuss:
1. How to have a strategic lense for cyber risk
2. Foundational components of a cyber program
3. Strategies for data backup and restoration
Join us for this tabletop simulation to see if you are prepared for a ransomware attack.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:45 PM - 03:30 PM EDT

ETSS: Tame the Beast – Lower Mean-Time-to-Detect (& Respond) with an Outcomes-Based Approach, moderated by Exabeam

Gorka Sadowski, CHIEF STRATEGY OFFICER, Exabeam

Mario Dinatale, CISO, Odyssey Group

For many SOC leaders, a high mean-time-to-detect and respond (MTTD, MTTR) measurement signifies a failed mission. Efficiently countering adversarial behavior (internal/external) and restoring the environment to a known, safe state is elusive for these teams. Join Exabeam Chief Strategy Officer, Gorka Sadowski and OdysseyRE CISO, Mario DiNatale, to talk about how adopting an outcomes-based approach can address this common security operations challenge and change the narrative. The discussion will reveal ways to keep pace with attackers, respond more accurately, and improve SOC productivity.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:45 PM - 03:30 PM EDT

ETSS: Why Johnny Can't Patch, moderated by TuxCare

Jim Jackson, PRESIDENT & CRO, TuxCare

The simplest, fastest, and most cost-effective strategy to minimize risks and increase security has proven to be applying security updates in a reasonable timeframe. In the open source world, exploits of vulnerabilities are now showing up in the wild days or hours after the vulnerabilities are known. Recent data shows that the average time for exploits to appear is now down to 14 days. And yet, the majority of organizations are still dangerously slow to patch known vulnerabilities. In this session we will explore the most common reasons for the delays, and discuss some potential solutions.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:45 PM - 03:30 PM EDT

ETSS: Rapid Incident Response and Recovery: An Intelligence-led Approach, moderated by CrowdStrike

Matthew Harvey, DIRECTOR, INCIDENT RESPONSE, CrowdStrike

In the wake of widespread ransomware attacks across highly distributed victim organizations, adopting a traditional approach to recovering systems from backup images is an inefficient and ineffective strategy that potentially causes significant business disruption, downtime, and financial losses. CrowdStrike discusses an intelligence-led, rapid recovery approach aimed at getting organizations back to business faster, with minimal disruption. We identify key ingredients needed to gain visibility, contain the threat, and recover from the attack with speed and surgical precision.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 02:45 PM - 03:30 PM EDT

ETSS: Threat Intelligence Isn't Enough. Neither is Data Science, moderated by Secureworks

Terrence Mcgraw, EXECUTIVE SECURITY CONSULTANT, Secureworks

We learned hard lessons from the SolarWinds breach, especially what can happen when there is limited threat detection and intelligence. Even today, the same tactics are being used. Learn why relying solely on threat intelligence or data science isn’t enough. The answers are only important when you ask the right questions. Data ponds, lakes, and oceans will drown you in meaningless data unless you know how to truly navigate them, with deep understanding of threat trade craft and modern data science to find what lurks below the surface.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 03:30 PM - 03:50 PM EDT

Magic Quadrant for Web Application and API Protection

John Watts, VP Analyst, Gartner

Gartner published an update to the web application and API protection market last year. This session will cover how to think about solutions and vendors represented in this market.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

Can You Prove Someone’s Identity Online?

Tricia Phillips, Managing Vice President, Gartner

Obtaining confidence in a customer’s or employee's identity is the foundation of identity-first security. IAM leaders must understand the current state-of-the-art, balancing assurance needs with friction in the UX, while orchestrating multiple tools and becoming aware of strategic trends on the horizon.

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

Developing a Strategy for SASE Adoption to Securely Enable the Anywhere Workforce

Neil MacDonald, Distinguished VP Analyst, Gartner

Enterprises are shifting to hybrid work environments to enable anywhere, anytime access to resources that are located everywhere -- in SaaS, in public cloud IaaS with some workloads in the traditional data center. A SASE strategy enables users, devices and branches zero trust access to resources, regardless of location. This session will lay out a strategic timeframe and roadmap for SASE adoption

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

DevSecOps: The Future of the SOC Is Automation … Isn’t It?

Pete Shoard, VP Analyst, Gartner

A tour of the core perceptions around automation in the security operations domain, from self-developed capabilities using languages like Python and Java, embedded capabilities is SIEM platforms and case management systems and the likely future of SOAR solutions. During this session, we will explore the common misconceptions, what is realistically achievable and how best to choose the right route to automation.

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

How to Secure Your Data Using Data Security Platforms?

Michael Hoeck, Sr Director Analyst, Gartner

Vendors are merging data security capabilities into larger platforms to provide enhanced security beyond what each individual component could do alone. This forms a new capability known as “Data Security Platforms (DSP).” Not all vendors have already achieved broad coverage. This session shows the as-is state of DSP and its variants. IT leaders get into a position to judge what platform variant fits their context.

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

Security Strategy Planning Best Practices

Tom Scholtz, Distinguished VP Analyst, Gartner

Consistent, practical strategic planning is a prerequisite for security and risk management leaders establishing and supporting the credibility of their security programs. This presentation:
- Introduces a generic security strategy planning process
- Shares the unique best practices associated with security strategy planning
- Provides practical advice on communicating the strategy to stakeholders.

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

How Can Privacy Serve as a Driver for Tackling Data Retention in My Organization?

Bart Willemsen, VP Analyst, Gartner

Organizations have continually hoarded data because it is often considered the "new gold". This habit, though, is about to be confronted with a rude awakening as privacy laws continue to demand the need for minimization throughout the data lifecycle. Join this session to learn how the rapidly evolving privacy landscape can serve as an impetus for initiating culture change around data.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

Case Study: The Future of Cyber Risk Quantification and How it is Trending

Gavin Grounds, Executive Director: Governance, Risk & Compliance, Verizon

Come learn about the Cybersecurity Mesh and how you can start moving to a more predictive security strategy and architecture! See how you can start evolving your existing products into a cohesive predictive architecture to help your organization get ahead of the ongoing attack landscape.

Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT

Process Mining — A Game Changer for Business Process Risk Modeling

Marc Kerremans, VP Analyst, Gartner

Security and Risk Management (SRM) leaders should use process mining to assess risk by visualizing the logic of critical business process steps and their linkage to IT system dependencies. The design and effectiveness of risk controls can be significantly enhanced through an understanding of business processes using process mining

Thursday, June 09, 2022 / 03:30 PM - 04:15 PM EDT

Ask the Expert: Implementing CNAPP for IaaS and PaaS Deployments

Richard Bartley, Sr Director Analyst, Gartner

An Ask the Experts session to help clients who are looking to augment their IaaS and PaaS deployments with Cloud Native Application Protection Platform (CNAPP) capabilities. The session will cover what CNAPP capabilities are, what are important fundamental capabilities, and what areas vendors are using to differentiate their tools.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 03:30 PM - 04:15 PM EDT

CISO Circle Exclusive: Roundtable: Are Today’s Security Awareness Capabilities Sufficient?

William Candrick, Director Analyst, Gartner

Matt Chinn, Sr Principal, Research, Gartner

Beth Schumaecker, Managing Vice President, Gartner

A majority of security incidents involve social engineering. This consistent trend suggests current compliance-based approaches to security awareness are insufficient. Join your peers for a discussion on practical ways to manage risk by changing employee behavior. Participants are encouraged to share their experiences.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 03:30 PM - 04:15 PM EDT

Roundtable: CISA Cybersecurity Shared Services Marketplace: What’s Next?

Jim Sheire, Branch Chief at CISA, Cybersecurity and Infrastructure Security Agency

Glenn Schoonover, Leadership Partner, Gartner

This CISA Cybersecurity Quality Service Management Office (QSMO) facilitated roundtable will invite participants to discuss and provide feedback on CISA’s growing marketplace of government and commercial cybersecurity shared services, offered to federal civilian government agencies and other stakeholders to gain efficiencies in addressing critical cybersecurity capability gaps in today’s threat landscape.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 04:00 PM - 04:30 PM EDT

Refreshment Break

Join us for refreshments in a brief break between sessions.

Thursday, June 09, 2022 / 04:05 PM - 04:25 PM EDT

PlexTrac: How to Win Friends & Influence Your Vendor's Product Organization

Landon Reese, VP PRODUCT, PlexTrac

Behind every application and tool your team needs is a product team working hard to figure out how to evolve their product and win more customers. Today's talk is how great product organizations run, and how you can influence them to get what you need.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 04:05 PM - 04:25 PM EDT

Quantinuum: Quantum Cybersecurity: Hype Versus Reality

Duncan Jones, HEAD OF QUANTUM CYBERSECURITY, Quantinuum

Quantum technology will impact every industry during the next decade. In cybersecurity, there are many bold claims made about the promise of quantum technology and the community is understandably sceptical. In this session, we will explore where things truly stand when it comes to quantum computing and its impact on cybersecurity, answering questions such as: what problems can quantum solve and what can’t it solve? When will the technology be mainstream? What are the key challenges facing adoption? And who should be investing early?

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 04:05 PM - 04:25 PM EDT

Cybersixgill: Threat Hunting in Practice - How to Protect Critical Assets

Edan Cohen, CYBER THREAT INTELLIGENCE SPECIALIST, Cybersixgill

In this session, we'll discuss the best practices for performing an effective threat hunt:
- What tools and information you need before you can start planning for threat hunting.
- How to set priorities and build a threat-hunting road map.
- The five steps involved in a threat hunt and how to perform them effectively.
- How you can make the most of the information you gather through threat hunting.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 04:30 PM - 05:15 PM EDT

Guest Keynote: Cybersecurity, Geopolitics, and Information Warfare in the Modern Age

Alex Stamos, Former Chief of Security at Facebook & Professor at Stanford,

Patrick Hevesi, VP Analyst, Gartner

As a cybersecurity executive who has faced down the challenges of securing huge systems and investigating the actions of America's adversaries, Alex Stamos speaks from experience – drawing from his time leading security at Facebook and Yahoo to share today’s geopolitical drivers for information warfare.

Thursday, June 09, 2022 / 05:15 PM - 06:45 PM EDT

Exhibit Showcase Networking Reception

Join us for a networking reception on the Exhibit Showcase where you can engage with your peers, Gartner experts, and exhibitors while enjoying delicious food and beverages. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.

Thursday, June 09, 2022 / 05:30 PM - 05:50 PM EDT

SelecTech: Establishing the Foundations of a Zero Trust Journey

Wesley Smith, CTO, SelecTech, LLC

Organizations are constantly changing, improving, and developing new capabilities to conquer the ever-growing demand of internal and external customers. In the IT world, these constant maneuvers bring new challenges for securing the enterprise and an organization’s intellectual property. Securing the perimeter is not enough, and the need to scale past the “walls” of an organization are at the upmost importance for the Digital Age. SASE, CASB, XDR, ZTNA, AI, ML, SOAR; All these acronyms, what do they mean? How do we achieve the next generation security platform? Where do we start?

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 05:30 PM - 05:50 PM EDT

Torq: How to Build Continuous Education Programs for Your Cybersecurity Team

Alberto Cita, SENIOR SOLUTIONS ENGINEER, Torq

Investment in education and training helps cybersecurity teams respond faster, improve defensive posture, and increase retention of valuable employees. But building an effective education program can be time-consuming, and divert focus from priority one - keeping the organization safe. This session will explore what the right-size training and education opportunities for your team are, and how to use real-world attacks and threats as opportunities to help junior team members enrich their skills.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 05:30 PM - 05:50 PM EDT

Kenna Security: How to Squeeze the Most Risk Reduction from your Vulnerability Management

Bruce Brody, SENIOR CISO ADVISOR, Cisco Systems, Inc.

Daniel Desantis, DIRECTOR, AMERICAS, CISO ADVISORY, GSSO, Cisco Systems, Inc.

The CISA Binding Operational Directive 22-01 tells us:“It is essential to aggressively remediate known exploited vulnerabilities to protect Federal information systems and reduce cyber incidents.” The Cisco Kenna team and the Cyentia Institute continued the research series, Prioritization to Prediction, with an eighth volume focused on the measurement and minimization of exploitability. During our talk, we will explore the results of this latest research and review how different vulnerability prioritization strategies combined with remediation capacity can impact organizational exploitability.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 05:55 PM - 06:15 PM EDT

PwC: Tips for Designing a Cyber Upskilling Program that Actually Works

David Ames, PRINCIPAL, PwC

For most businesses, digital transformation has outpaced their cyber capabilities. The threat landscape is daunting, and more than half of executives say they plan to add full-time cybersecurity staff. Cloud security, security awareness, and real-time threat intelligence capabilities are top priorities. But there are wide coverage gaps. Globally, it was estimated that 3.5 million cybersecurity jobs went unfulfilled in 2021. Join this discussion on effective cyber upskilling and how to assess your current skills baseline, identify gaps and devise plans to grow skills within your business.

Thursday, June 09, 2022 / 05:55 PM - 06:15 PM EDT

SailPoint: Houston, We Have a Problem – Entitlements and Sensitive Data

Jennifer Mitchell, Manager, SaaS Documentation, SailPoint

Much like space debris, sensitive data and entitlements in the cloud are orbiting enterprises at an alarming speed and volume. Like many of the floating objects in space, much of this data is abandoned, forgotten, and dangerous—inherently elevating risk. Taking cues from the global initiative to address the problem of space junk, this talk will provide an identity-based strategy to govern this new frontier of data.

Thursday, June 09, 2022 / 05:55 PM - 06:15 PM EDT

BigID: Data Security in the Blink of an AI

Alan Dayley, Director of Analyst Relations, BigID

Legacy approaches to data security fall short: they’re unable to extend to the breadth and scope of today’s data security challenges - from coverage across the new tech stack to getting actionable insight where you need it. Join this briefing to learn how to apply new ML techniques and data intelligence scalable, efficient, and accurate data security programs.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 06:20 PM - 06:40 PM EDT

OptimEyes: How a $12 Billion Enterprise Models and Reports on Risk with Confidence

Michael Dunn, DIRECTOR OF GRC, Grainger

Paul O'Hagan, Director AI & Analytics Product Manageme, Opentext

Andrew Beagley, CHIEF RISK OFFICER, OptimEyes.ai

This session will follow the journey Grainger is on to leverage an integrated risk modeling solution with advanced visibility and analytics to quantify cybersecurity risk across the enterprise and further inform decision making for strategic business risks and goals.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 06:20 PM - 06:40 PM EDT

Archer: Risk Quantification -- the IRM Game Changer

French Caldwell, CHIEF STRATEGY OFFICER, Archer

Two trends are transforming GRC: the demand for risk intelligence to support decision making, and the democratization of risk. The former we call integrated risk management, which is helping GRC reach an inflection point of business value. The latter means everyone is a risk manager – employees, customers, the public, etc. But not all assess risk in the same way. In this session we will discuss how enterprises with leading edge risk management practices are turning these trends from challenges into opportunity through a focus on risk quantification and critical strategic efforts like ESG.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Thursday, June 09, 2022 / 06:20 PM - 06:40 PM EDT

Schellman: Five Predictions for Cybersecurity Audits & Assessments in 2025 & Beyond

Douglas Barbin, CHIEF GROWTH OFFICER MANAGING PRINCIPAL, Schellman

What does cybersecurity and compliance look like in the future? Its complicated now and only getting worse and technology, no different. In order to be successful in the future, auditors have to take a more innovative approach to keep up with requirements while reducing the burden on their already “over-audited” clients. In this session, Doug Barbin shares five predictions for changes and innovations for audits and assessments, not far off, but in 2025.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 07:00 AM - 09:00 AM EDT

Attendee Breakfast

Friday, June 10, 2022 / 07:00 AM - 09:00 AM EDT

CISO Circle Breakfast: Closing Thoughts

Bill Pray, Practice Vice President, Gartner

Join us for a conclusion of the CISO Circle as our host recaps highlights and thoughts from our time together.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 07:00 AM - 12:30 PM EDT

Gartner Zone

Gartner Zone is a way to experience Gartner solutions through product demos, interactive digital experiences showcasing how Gartner tools and insights help address an organization’s mission-critical priorities.

Friday, June 10, 2022 / 07:00 AM - 12:45 PM EDT

Registration & Information

Friday, June 10, 2022 / 09:00 AM - 10:00 AM EDT

Gartner Closing Keynote: Treat Cybersecurity as a Business Investment!

Paul Proctor, Distinguished VP Analyst, Gartner

John McKinley, Founder, Great Falls Ventures

Gartner introduces our cybersecurity value delivery benchmark. Cost and value are the levers that drive every business outcome, except cybersecurity…until now. Measuring and reporting cybersecurity value delivery and establishing a standard of care accrues many benefits and shifts the landscape in cybersecurity investment and board governance. In this keynote, Distinguished Gartner analyst, Paul Proctor, will share how this new standard will incentivize appropriate investments and execution leading to improved protection levels globally.

Friday, June 10, 2022 / 09:45 AM - 12:45 PM EDT

Visions of Trust, sponsored by OneTrust

Stop by the OneTrust Engagement Zone to learn how thousands of companies are building trust with customers and reducing time spent on lengthy questionnaires by creating a Trust Profile and joining the OneTrust Third-Party Risk Exchange. A Trust Profile enables vendors to create a shareable single source of truth to provide customers with secure access to privacy, security, and compliance details, certifications and attestations, and supporting documentation. Attendees who sign up at the booth to create a FREE trust profile at the conference will be entered to win a Meta Quest 2 Virtual Reality System.

Friday, June 10, 2022 / 09:45 AM - 12:45 PM EDT

IBM Sounds of Security, sponsored by IBM

Learn why you need to use the same creativity and collaboration as a composer or musician as you create your security strategy.

Friday, June 10, 2022 / 09:45 AM - 12:45 PM EDT

IDHub Zero to AD in 30min. Blazing fast Identity Management, sponsored by SATH, Inc.

How much do you pay for IT per hour, minute, or seconds? Time isn't only money, it's your barrier to growth, and reacting to changes and threats. Technology brought us groceries in hours and entertainment in seconds. With IDHub, tasks that take hours, are now seconds. Projects that take weeks, happen in minutes. Try it, to believe it. IDHub Zero to AD in 30 Minutes Experience. The fastest, full-featured IDM product to enter your consideration.

Friday, June 10, 2022 / 10:00 AM - 10:30 AM EDT

Refreshment Break

Join us for refreshments in a brief break between sessions.

Friday, June 10, 2022 / 10:15 AM - 11:00 AM EDT

Fireside Chat with Equifax: Evaluating Cyber Risk in the Boardroom

John McKinley, Founder, Great Falls Ventures

Jamil Farshchi, Chief Information Security Officer, Equifax

Paul Proctor, Distinguished VP Analyst, Gartner

Join Equifax Board Member, John McKinley and CISO Jamil Farshchi in a Fireside Chat to discuss how they help their board members better understand cyber risk in a way that's more transparent, measurable, and easier to consume. This chat will be moderated by Gartner VP Distinguished Analyst, Paul Proctor.

Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT

Ransomware Is Changing — Are You Ready?

Paul Furtado, VP Analyst, Gartner

Ransomware attacks have been morphing. Techniques used by the bad actors are changing. During this presentation, we will provide insight into the new tactics being used by the bad actors not only to access your environment, but what they are doing with your data once exfiltrated. Finally, we will also provide current data on the financial impact of a ransomware attack.

Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT

Solving the Challenges of Modern Remote Access in the Hybrid World

Chris Silva, VP Analyst, Gartner

This session will cover best practices to enable users' access to corporate resources, for both times of crisis and under normal circumstances. We will examine why always-on VPN is often the wrong choice while determining what is the right one such as ZTNA, CASB, with the evolution to SASE

Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT

Technical Insights: Dark Data, Data Security's Biggest Miss

Anthony Carpino, Director Analyst, Gartner

Astrophysics teaches that space is taken up by dark matter, little is known about it, but it's everywhere. The same holds true for data. This session covers what dark data is, the value or risk lurking within and what security and risk management technical professionals can do to shed light on it

Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT

Technical Insights: Mobile Security Strategy 201: Are Your Mobile Devices Secure From the Latest Attacks?

Patrick Hevesi, VP Analyst, Gartner

Come see how secure the latest versions of your mobile OSes and devices are against the current mobile attacks. This session will show which operating systems and devices you need to be using along with third-party solutions to protect your organization. We will demonstrate attacks and also discuss the right EMM/UEM, MTD and other mobile security solutions your should be using today

Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT

Technology Supply Chain Risk Management — Where Do I Start?

Katell Thielemann, VP Analyst, Gartner

From SolarWinds to Kaseya to government bans on specific providers, supply chain security is an area of increased concerns. This session provides an overview of the technology supply chain risk management landscape, and suggested first steps for each category

Friday, June 10, 2022 / 10:30 AM - 11:00 AM EDT

The Outlook for Human Factors in Security

Tom Scholtz, Distinguished VP Analyst, Gartner

We like to lament that "the users are the weakest link in the cybersecurity chain!" which means that as security and risk management leaders, you must understand the critical impact of the user community on your programs. From basic anti-phishing simulation through more proven communications techniques to sophisticated approaches based on the social science, this presentation provides insight into the latest best practices in the human aspects of security.

Friday, June 10, 2022 / 10:30 AM - 11:15 AM EDT

Roundtable: Cyberattacks Take Down Your IT – Now What?

Roberta Witty, VP Analyst, Gartner

This roundtable will be one where participants share how they are planning to continue business operations while the IT department is busy cleansing and recovering/rebuilding the IT infrastructure after a cyberattack. This session is not about cybersecurity incident response.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 10:30 AM - 11:15 AM EDT

CISO Circle Ask the Expert: The Roadmap to CISO Effectiveness (Repeat)

Christopher Mixter, VP, Research, Gartner

In the last few years, CISOs have been thrust into the ranks of the c-suite as cybersecurity rises in priority for organizations. CISOs struggle to understand what success now looks like and what they need to do to attain it. As a consequence, 60% admit they rarely disconnect from work; 22% are available to their company 24/7. To what end? It's time for CISOs to take a step back and start making hard choices about how to pursue their value proposition.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 10:30 AM - 11:15 AM EDT

CISO Circle Exclusive: Roundtable: How to Effectively Manage the Cyber Risks of the Cloud? (Repeat)

Matt Chinn, Sr Principal, Research, Gartner

William Candrick, Director Analyst, Gartner

Beth Schumaecker, Managing Vice President, Gartner

Cloud adoption is widespread, and many organizations are now cloud-first in their technology adoption. Join your peers for a discussion on cloud security challenges and the solutions that have been most effective. Participants are encouraged to share their experiences.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 10:30 AM - 12:00 PM EDT

Workshop: How to Use Science Fiction Storytelling to Communicate Our Vision of the Future?

Marty Resnick, VP Analyst, Gartner

This workshop explores the storytelling techniques used to develop science fiction prototypes to prepare organizations' responses to disruptions.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 10:30 AM - 12:00 PM EDT

Workshop: Prepare for Incident Response When "Analytics" Turns "Data Breach"

Bart Willemsen, VP Analyst, Gartner

Incident response is not just for CISOs. Understanding how you deal with data is one thing, but how to coordinate a response when things go wrong? It's a matter for the whole organization. How to understand the sensitivity and potential impact of your actions? Be a board member for one workshop, and use a given scenario to get comfortable with what the board requests in case risk becomes reality.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 11:15 AM - 11:45 AM EDT

OwnBackup: The CISO’s Guide to Reducing SaaS Data Security Risks

Matthew Hutchison, VICE PRESIDENT OF PRODUCT MARKETING, OwnBackup

Martina Yonushonis, DIRECTOR OF PRODUCT MARKETING, OwnBackup

Mike Sanford, ACCOUNT EXECUTIVE, OwnBackup

Take a proactive approach to fortifying your SaaS environments. Learn how to intuitively assess your risk surface, understand the sensitivity of the data you hold, and identify vulnerabilities across security controls.

Friday, June 10, 2022 / 11:15 AM - 11:45 AM EDT

Diligent: CISOs in the Boardroom – Getting Cyber Risk on the Board’s Agenda

Jason Radgowski, SENIOR DIRECTOR, ADVISORY & CONSULTING S, Diligent

10 years ago, cyber risk wasn't really on the radar of business leaders. Today, concerns about costly data breaches, cyber attacks, and IT resilience have raised interest in IT and cyber risk among boards of directors. But how do you communicate information on cyber risks, threats, and incident response plans to stakeholders who often don’t share the same technical understanding? And without painstaking manual work? We’ll discuss how CISOs can use KPIs and KRIs to communicate IT and cybersecurity risk to the board with executive dashboards to enable proactive, data-driven decision-making.

Friday, June 10, 2022 / 11:15 AM - 11:45 AM EDT

Sophos: CISO Panel – Getting the Most from Your MDR Partner

Nikhil Kalani, CHIEF INFORMATION SECURITY OFFICER, Reynolds and Reynolds

SecOps teams are increasingly using MDR services to extend their in-house capabilities. Gartner estimates that 50% of organizations will use an MDR service by 2025. But how do you effectively integrate an MDR service into your program and what outcomes should you expect?
This session features a panel of security leaders who have built successful co-managed SecOps programs with an MDR partner. Panel participants will share:

• Examples of measurable outcomes to expect from an MDR partner
• Processes for improving mean time to detect/respond
• Guidance for reporting to the C-suite and board

Friday, June 10, 2022 / 11:15 AM - 11:45 AM EDT

Immersive Labs: Optimizing the Workforce for Cyber Crisis Resilience — An Interactive Simulation

Paul Bentham, CHIEF PRODUCT OFFICER, Immersive Labs

As we continue to evolve our corporate defenses, even the best crisis response plans struggle to account for the human element. The performance of your technology might be a known quantity, but what about your human capabilities? This interactive session will test organization-wide decision-making skills using a realistic cyber crisis.

Join this session to:

-Understand the business impact of technical choices & stakeholder management actions
-See real-time data on the effects of decisions on crisis management & response
-Strengthen your organization on both sides for greater resilience

Friday, June 10, 2022 / 11:15 AM - 11:45 AM EDT

Forcepoint: Can A Real Security Platform Please Stand Up?

Dr Nick Lessen, CONSULTANT, Forcepoint

The security industry is at a breaking point. The endless conga line of technologies it’s been using is just doing the same thing over and over—the definition of insanity. Analysts agree: true platforms are the path forward. Join Consulting Engineer Dr. Nicholas Lessen to get the latest insights on what distinguishes “real” platforms and how they’re making security simpler so you can sleep better at night.

Friday, June 10, 2022 / 11:15 AM - 11:45 AM EDT

BlueVoyant: Operationalizing Third-Party Risk Findings to Mitigation: 3PR Redefined

Mark Risoldi, VICE PRESIDENT, STRATEGIC DEVELOPMENT GR, BlueVoyant

The evolution of third-party risk has taken us from self-attestation questionnaires, to security ratings services, & we’re on the cusp of achieving operational efficiencies and true cyber defense. Organizations have realized that supply chains are a favorite attack vector, necessitating the need for continuous visibility across 100% of vendors. Solutions need to include automation & human investigation in order to enable you to prioritize vendor risk. Learn about how combining technology & human investigations may comprise the next step in your evolution to operationalizing third-party risk.

Friday, June 10, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: The Security Skills Shortage: Strategies for Mitigating the Impact, moderated by Panther Labs

Will Lowe, COO, Panther

Security leaders are facing challenges when it comes to hiring, training and retaining security staff. This roundtable discussion will provide an opportunity to discuss this challenge with your peers, and share strategies to help mitigate the impact of the competitive market for security talent.

We’ll explore:
- Transferable skill sets that can help broaden the pool of qualified candidates
- Resources for training and on-going skills development
- Strategies to “do more with less” while maintaining focus on critical outcomes
- Selection criteria for tools to help improve team efficiency

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: What is Attack Surface Management (ASM) v.2.0 and why you need it, moderated by Team Cymru

David Monnier, Team Cymru Fellow, Team Cymru, Inc.

Attack Surface Management is the top priority for 2022. Seen by many as the only method to effectively manage external Digital Business Risks, CISOs are seeking to learn more. As organizations and their supply chains further embrace the cloud, the new normal of remote working expands entry points far beyond the horizon. ASM provides attack surface+vulnerabilities+threats so both the C-suite and security teams gain the vantage points they need.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Why 1000s of CISOs Get IR Wrong and Damage Consumer Trust, moderated by Kroll

Kelly Bastide, PARTNER, Venable LLP

InfoSec leaders in organizations of all sizes consistently fail to deploy a holistic incident response plan, suffering significant legal, financial and reputational consequences. Why? Though many are now quicker to seek technical investigation assistance, few are equipped to handle the myriad of non-technical decisions and post-incident steps. With insights from 3000+ IR cases handled last year, this roundtable will discuss common mistakes across each stage of an incident, glaring communication issues, effective preparedness steps, and examples of incidents where impact was minimized.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: 1 in 4 CISOs will face a breach. Which side does your board think you’re on?, moderated by Safe Security

We have a language to explain and understand financial risk. What is the language to understand and communicate cyber risk?
What do the board members think about cyber risk management? What are the top questions on their mind? How should the CISOs prepare for this?
We conducted a primary research survey with CISOs and board members of public companies in the US. See the results and how Cyber Risk Quantification & Management (CRQM) can provide real time objective visibility of your cyber risk program.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 11:15 AM - 12:00 PM EDT

ETSS: Surviving Ransomware: The Advantages of Cyber Recovery Retainers, moderated by Kyndryl

Rhonda Childress, VP, CHIEF INNOVATION OFFICER SECURITY AN, Kyndryl

Cyberattacks are increasingly inevitable. When attacks occur, CISOs may rely on incident response retainers, which are typically not sufficient as they do not often include cyber recovery capabilities. Cyber recovery can often take weeks, companies want to start recoveries immediately and the recoveries often taxes the delivery teams. In this session, Rhonda Childress, Chief Innovation Officer for Security & Resiliency at Kyndryl, who has led recoveries from over a hundred ransomware and other cyber incidents over the past years, leads a discussion on the importance of having a cyber recovery retainer.

Please Note: Based on availability and eligibility you may sign-up for the session via Conference Navigator after you register for this conference.

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

Technical Insights: Adversary-Generated Threat Intelligence

Nahim Fazal, Director Analyst, Gartner

Intelligence created by an adversary through interactions with a deception assets generates real-time IOCs and TTPs that feed directly into better threat detection, threat hunting and threat modelling

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

AppSec 101: The Application Security You Need Now!

William Dupre, Sr Director Analyst, Gartner

The number an complexity of tools and techniques that make up good application security practices can be overwhelming. There are various application security testing tools, threat modeling processes, security requirements, as well as runtime security controls that need to be considered. This session will review the tools and practices that are essential to any application security program.

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

How SASE, XDR and Security Vendor Consolidation Are Shaping Your Security Strategy

Dionisio Zumerle, VP Analyst, Gartner

We discuss findings from a 2022 Gartner survey on organizations that conducted SASE and XDR projects. We discuss what worked and what did not, and how vendor consolidation impacts their decisions and security strategy for these and other security projects.

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

Technical Insights: How to Mature Your Microsoft 365 Identity Management

Paul Rabinovich, Sr Director Analyst, Gartner

Implementing hybrid identity for Microsoft 365 and protecting employee, administrator and partner access can be daunting. This session will guide you through best practices for Microsoft 365 IAM.

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

Technical Insights: Don't Get Burned by the Next Sunburst — How the Network can Detect Supply Chain Attacks

Thomas Lintemuth, VP Analyst, Gartner

Sunburst showed the supply chain can be leveraged to exfiltrate data out of many enterprise environments. Learn how NDR, Segmentation, Deception and other Network controls team up to identity and stop supply chain attacks.

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

The Emerging "Private Sector" of Threat Actors

Chris Silva, VP Analyst, Gartner

The high profile and intractability of ransomware attacks has been a big payday for the organizations behind these attacks. Reporting revenues in the $100s of Millions, todays threat landscape is witnessing a burgeoning "private sector" of threat actors with defense-grade techniques.

Motivated by financial gain, a greater volume and scope of targets means greater "success." Responding requires key investments in endpoint security, backup and recovery, and a mix of services to back up your team before, during and after an attack, something Gartner found only 13% of firms surveyed were able to avoid in 2021.

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

Trends in Midsize Enterprise Security and Risk Management

Patrick Long, Principal Analyst, Gartner

Midsize enterprise (MSE) IT leaders face significant security challenges when trying to deliver IT services with small IT teams (usually fewer than 30 people) and limited IT budgets (usually less than $20 million). Join us for a discussion of the top trends that MSE IT leaders responsible for security and risk management should prioritize to stay current and proactive in protecting the organization and managing risk effectively.

Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT

Cybersecurity in Times of Conflict

Katell Thielemann, VP Analyst, Gartner

Paul Proctor, Distinguished VP Analyst, Gartner

Just as COVID transitions from pandemic to endemic, the world is now gripped by the reality of hybrid warfare where kinetic actions may be local to the conflict, but cyber can impact anyone, anywhere. Many organizations, particularly ones in critical infrastructure sectors may be impacted either directly or indirectly. This session will cover the most pressing cybersecurity concerns as the situation unfolds and how organizations should build capabilities to deal with future conflicts.

Join us in 2023

Get conference email updates.
Contact Information

All fields are required.

  • Step 2 of 2