Jeffrey Wheatman

Jeffrey Wheatman

VP Analyst
Jeffrey Wheatman is a Research VP in Gartner Research, where Mr. Wheatman regularly advises clients on a wide range of security and IT risk management issues, with a focus on strategy, team building, metrics and reporting, communicating techniques and risk management. As an experienced analyst within Gartner's S&RM team, he works with senior security and risk management leaders to help them identify, assess and treat IT-related risks within their environments.
Read More Read Less
Tuesday, November 03, 2020 10:45 AM|Tuesday, November 03, 2020 11:15 AM
Risk Quantification Is a Fool’s Errand — Don’t Be a Fool

Security and risk leaders want to quantify risk. Our business stakeholders want us to quantify risk. What if it’s actually not possible. Maybe we should stop trying and instead focus on what we can do to talk about risk in a way that business stakeholders actually care about.
1. What do we mean by risk quantification?
2. Why doesn't risk quantification actually work?
3. What can we do instead?

Wednesday, November 04, 2020 01:30 PM|Wednesday, November 04, 2020 02:15 PM
Five Steps to Creating a Simple Business-Aligned Cybersecurity Strategy

Everyone knows how important strategic planning is for success and yet it is an immense challenge … for pretty much everyone. Join us to learn a simple approach that can be used to create a simple story that links security program activities to business goals in a way the drives better decisions.
1. What makes a good strategy?
2. What kind of narratives work?
3. What does a sample strategy look like?

Wednesday, November 04, 2020 04:15 PM|Wednesday, November 04, 2020 04:45 PM
When It Comes to Security Metrics, Context Is More Important Than Content

Useful and actionable security metrics continue to be elusive. Program leaders often share what they have rather than what they should. Maybe we have been going about it the wrong way. Maybe, the problem isn’t what you tell your stakeholders, but rather the way you tell them.
1. What are the biggest challenges in reporting security metrics?
2. Why context is more important than the actual metrics?
3. What can leaders do to provide the proper level of context and drive action?

Meet the experts face to face.