Agenda / By day

Sunday, June 03, 2018 01:30 PM|Sunday, June 03, 2018 07:00 PM
Registration


Sunday, June 03, 2018 03:30 PM|Sunday, June 03, 2018 04:15 PM
Tutorial: How to Evaluate and Operate a CASB
Craig Lawson, Research VP, Gartner
Neil MacDonald, VP Distinguished Analyst, Gartner

CASB is now being deployed by organizations large and small. This session will dig into the features, the leading use cases we see clients successfully using and the requirements needed to make your CASB deployment a successful one.


Sunday, June 03, 2018 03:30 PM|Sunday, June 03, 2018 04:15 PM
Tutorial: Fundamentals of Identity Governance and Administration
Brian Iverson, Research Director, Gartner

Identity governance and administration (IGA) is the largest investment that most IAM programs will make. It is also the highest risk IAM technology to deploy. This tutorial presents a vision for how administering user access is best understood as a quality process, requiring transformation of existing processes to improve the effectiveness of IGA while simplifying deployment of the technology.


Sunday, June 03, 2018 03:30 PM|Sunday, June 03, 2018 04:15 PM
Tutorial: Get Your Security Service Requirements Right
Pete Shoard, Research Director, Gartner

Identifying the core features to call out to a potential MSSP when scoping the need for an outsourced service is critical for a successful engagement. This session will provide practical examples of how to establish effective requirements and use cases before engaging providers. • What are the key service performance metrics to insist on from an MSSP? • How can you define service customization requirements to ensure additional services charges are managed? • How can you align internal processes with the providers' outputs?


Sunday, June 03, 2018 03:30 PM|Sunday, June 03, 2018 04:15 PM
Tutorial: Office 365 Data Protection Deep Dive
Patrick Hevesi, Research Director, Gartner

Come learn how AIP, RMS, DLP and CAS can be leveraged to protect your Office 365 data in OneDrive for Business, SharePoint and Teams online. This session will discuss how all of these solutions can work individually or together to help protect your data in the Office 365 cloud. We will talk about administration, configuration, reporting, forensics and how these features integrate or not. We will also discuss third-party options.


Sunday, June 03, 2018 04:30 PM|Sunday, June 03, 2018 05:15 PM
Tutorial: Using Leading Performance and Risk Indicators to Make the BCM Business Case
Roberta Witty, Research VP, Gartner

Educating business managers on the business value of business continuity management (BCM) is a challenge for many organizations. Often, this challenge arises because business managers don't understand or appreciate the value of availability risk information or their relationship to it. This lack of understanding of how availability risk links to business performance is a leading cause of BCM programs having a great, exciting start, but ending in their long-term demise. In this session, we will discuss the following key issues: 1) What do boards and line-of-business executives want from continuity of operations to maintain corporate performance? 2) How can LPIs and LRIs be used to present a defensible case for the value and effectiveness of BCM to an executive audience? 3) How do you develop an effective BCM LRI catalog?


Sunday, June 03, 2018 04:30 PM|Sunday, June 03, 2018 05:15 PM
Tutorial: Define Your Mobile Application Security Strategy
Dionisio Zumerle, Research Director, Gartner

You are launching a new app for commercial app stores. You need to deploy and manage internal apps to your workforce but also make them available to external contractors. You need to mobilize your legacy apps securely. How do you go about your mobile application security? In this session, we will discuss the best approaches as well as the most interesting technologies to address mobile application security.


Sunday, June 03, 2018 04:30 PM|Sunday, June 03, 2018 05:15 PM
Tutorial: How to Architect Malware Protection
Mario de Boer, Research VP, Gartner

Malware protection requires a careful balance between different technologies across networks and endpoints. Different technologies protect against different types of attacks and apply to different attack phases. This session discusses malware protection components and their effectiveness to protect against less and more sophisticated malware.


Sunday, June 03, 2018 04:30 PM|Sunday, June 03, 2018 05:15 PM
Tutorial: When the Going Gets Tough the Business Blames the CISO
Wam Voster, Research Director, Gartner

As long as business is doing well business leaders are applauded and rewarded, but the moment something bad happens the CISO is blamed for not properly protecting business information. How can security and risk management leaders ensure roles and responsibilities are clear? What can be done to ensure ownership of risk is well defined. How much risk should the CISO actually own?


Sunday, June 03, 2018 06:15 PM|Sunday, June 03, 2018 06:45 PM
Orientation: Getting the Most of Your Summit
Jeffrey Wheatman, Research VP, Gartner
Tatiana Wells, Sr Director, Gartner

Join us as we provide an overview of the Gartner Security & Risk Management Summit in National Harbor. Attending the orientation session is the best way to make the most of your experience, as we share information to help you get the most out of the event.


Monday, June 04, 2018 06:30 AM|Monday, June 04, 2018 07:15 PM
Registration


Monday, June 04, 2018 07:45 AM|Monday, June 04, 2018 08:45 AM
CISO Circle Breakfast: Cyber Range Your Way to Security Skills
Matthew T. Stamper, Research Director, Gartner
Sam Olyaei, Principal Research Analyst, Gartner

Leaders are exploring options to confront the skills shortage. Outsourcing, lowering expectations, increasing budgets, working with universities — while useful in the short to medium term, these will not develop the skill sets that organizations urgently need, especially as they become more digital in their operations and embark on experiments with the technologies of the future. Security and risk management leaders should consider using cyber ranges as an approach to development of necessary security skill sets and competencies.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 07:45 AM|Monday, June 04, 2018 08:45 AM
Attendee Breakfast

Join other attendees for breakfast before the day's sessions


Monday, June 04, 2018 09:00 AM|Monday, June 04, 2018 09:45 AM
Gartner Keynote: Scaling Trust and Resilience – Cut the Noise and Enable Action
Craig Lawson, Research VP, Gartner
Ramon Krikken, Research VP, Gartner
Tricia Phillips, Research Director, Gartner
Khushbu Pratap, Principal Research Analyst, Gartner
Katell Thielemann, Research VP, Gartner

Constant change in the threat landscape and compliance requirements present daily challenges that can feel overwhelming. Scaling security when facing a fast-paced IT innovation landscape involves choices, often at the expense of building trust and resilience. Three key questions drive strong decision making: What's important, what's dangerous and what's real? This session presents scenarios to demonstrate that ruthless prioritization in the answers helps us cut through the noise and enables action that changes our outlook from overwhelmed to empowered.


Monday, June 04, 2018 09:45 AM|Monday, June 04, 2018 10:00 AM
Welcome Remarks


Monday, June 04, 2018 10:00 AM|Monday, June 04, 2018 10:30 AM
Use Multiple Segmentation Approaches to Improve your Security Posture
Luke Simonetti, Sr Director Consulting, Gartner

Insights and trends in several segmentation domains show how and where security and risk leaders can leverage segmentation initiatives and investments in identity, data, network, processing and memory protection strategies. View the potential ways that organizations are influencing their future state designs to account for the changing threat landscape and impacts from malware and other related risks. Identify opportunities for security and risk leaders to make use of the digital revolution that is occurring in their enterprise and operational environments to redesign their approach for limiting the ability and damage current threats present.


Monday, June 04, 2018 10:00 AM|Monday, June 04, 2018 10:30 AM
Networking Break


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
State of Identity and Access Management 2018
Mary Ruddy, Research VP, Gartner

IAM is an important component of an overall security and risk management plan and a key enabler of digital business. Attendees will learn how to evolve their IAM approach given current best practices and industry trends. Key issues are: • What are the architectural trends in IAM? • What drivers and best practices are shaping the evolution of IAM in 2018?


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
State of Risk Management 2018
John A. Wheeler, Research Director, Gartner

Risk management continues to be an area of growing maturity and investment for most organizations, as the risk landscape becomes increasingly complex and interconnected. As a result, new technology solutions are emerging to increase the collaborative nature of risk management to support data-driven decision making, both within and external to an organization. This session explores how integrated risk management (IRM) will help improve risk management practices.


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
The State of Cloud Security 2018
Jay Heiser, Research VP, Gartner

This presentation tells the current story of cloud security, providing an overview of the unique risks of the various forms of public cloud computing, so that the security professional can help the rest of their organization fully understand and address cloud risks. The unique security challenges of IaaS and SaaS are discussed, and viewers are provided with a summary of current- and near-term products and practices that can be used to monitor and control the use of public cloud computing.


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
Securing DevOps Through Developer Security Champions
Mark Horvath, Research Director, Gartner

DevSecOps is about speed and precision, yet security is often seen by DevOps managers as a training burden or blocking issue. However, many developers are interested in expanding their knowledge of security as part of their professional development. Security and risk management leaders should train these developers to lower the rate of critical and high security coding mistakes in production.


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
State of Application Security 2018
Ramon Krikken, Research VP, Gartner

Application security continues to be a significant challenge for many organizations. This session covers the current state of application vulnerabilities and application security programs, as well as the newest developments in application security practices and technologies.


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
State of the Security Markets 2018
Dale Gardner, Research Director, Gartner

Security markets are growing — but tidal shifts in buyer preferences and needs have led to disruption, forcing vendors to adapt how they create, sell and deliver solutions to maintain relevance. We'll examine those forces and their implications, how vendors can best respond, examine selected market segments in depth and deliver a high-level review of investment and M&A activity in the security markets.


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
State of Organizational Resilience 2018
Mark Thomas Jaggers, Research Director, Gartner
Roberta Witty, Research VP, Gartner

This presentation will discuss the current and future state of organizational resilience across multiple management disciplines including business continuity management, information security and more. Using the five layers of culture, people, process and infrastructure, we will address the role of the chief risk/strategy officer and present a framework for developing a business/organizational resilience program in the organization.


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
State of Security Operations, Monitoring and Analytics, 2018
Anton Chuvakin, VP Distinguished Analyst, Gartner
Toby Bussa, Research VP, Gartner

Analytics today spreads to more security technologies, affecting not just threat detection and monitoring, but other operational areas. We are approaching an era where most security tools are security analytics tools that utilize machine learning for many functions. Modern security operations also heavily rely on foundational technologies such as SIEM to accomplish their mission. They struggle with more automation — of both thinking and acting — that promises to relieve humans from the routine tasks, but sometimes adding more work to overworked security teams. This session will address these key issues: (1) What is the role of analytics in security today? (2) What defines best-in-class security operations of 2018? (3) Will AI save us from all the threats?


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
Should You Even Buy a SIEM?
Anton Chuvakin, VP Distinguished Analyst, Gartner
Augusto Barros, Research VP, Gartner

SIEM is a mature security solution and often seen as a mandatory component of a security program. However, many organizations struggle to deploy it, and many are looking for alternatives in new technologies, such as UEBA and NTA, and in new services or delivery formats, such as MDR and SaaS SIEM. This session presents an overview of the main challenges around SIEM deployment and utilization and how this technology is evolving to address them.


Monday, June 04, 2018 10:30 AM|Monday, June 04, 2018 11:15 AM
Leadership Vision for Security and Risk Management, 2018
Tom Scholtz, VP & Gartner Fellow, Gartner

Digital business challenges the conventions of digital risk and security management. Security and risk management leaders must develop a coherent digital security program based on a clear vision and strategy. This presentation will address: What constitutes an effective vision and strategy? What are the elements of a digital security program? What are the drivers shaping strategy in 2018?


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:00 PM
Best Practices in Developing a Cognitive SOC

As machine learning and cognitive computing start to have a measurable impact on cybersecurity programs, especially in the SOC, several best practices are emerging. This session will present a series of real examples and related insights, along with observations on where the next innovations will come from.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:00 PM
Privilege-Related Risks Lurking in Your Cloud?

Privileged credentials in the cloud are consistently sought by attackers and are exploited in nearly 100% of all breaches. Learn from case studies highlighting stealthy attacks in native cloud, hybrid and CI/CD pipelines. Based on real-world examples, understand how to identify privilege-related risks in the cloud by thinking like an attacker and better protect cloud workloads.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:00 PM
Hunting and Intel on Steroids
Steven Booth, Chief Security Officer, FireEye

Defender vs. Adversary - People finding people. You have technology to detect malware, this is about looking for behavior, artifacts, and TTP’s that indicate a human is doing evil in your environment. After this session, you will be able to use your Intel to detect non-malware, APT 29 techniques, Link phishing campaigns to actors, build predictive defenses, prioritize vulnerabilities/threats based on the actor, not what the press is reporting.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:00 PM
Real World Lessons Learned About Applying AI to Security

Cylance pioneered the use of Artificial Intelligence to prevent cyber-attacks and has learned many lessons along the way. Ryan Permeh, Founder & Chief Scientist will present how AI and the Cylance “prevention first” approach has impacted both the Cylance and customers’ security teams over that last 4 years.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:00 PM
Cisco: Re-imagining Security in the Cloud
Gil Zimmermann, Head of Cloud Security GTM, Cisco

The cloud changes things — security is no exception. As applications and data move to the cloud, organizations need to ensure security stacks extend there too. With branch offices moving towards more direct internet access and SD-WAN network transformation, security must extend to the new cloud edge. Learn how 1) to recognize gaps of traditional security 2) to easily protect users today 3) peers address security for the cloud edge transformation.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
Transforming Security through Cloud — How Health Partners Plans Gets It Done
Jason Clark, Chief Strategy Officer, Netskope
Mark Eggleston, VP, CISO and CPO, Health Partners Plans

The cloud is changing how we do business, making work more intuitive, connected, open, and collaborative. That change has also rippled across SaaS, IaaS, and the web, presenting a suite of new security challenges. Most security solutions, however, are still architected to address perimeter-based and on-premises security challenges. In this session, Mark Eggleston, CISO of Health Partners Plans and Jason Clark, Chief Strategy Officer of Netskope, will share industry case studies on how being "data-centric and in the cloud" can drive velocity and scale in your security programs.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
GDPR: What to Expect from Regulators and How to Prepare
Kabir Barday, CEO, One Trust

Despite May 25th having come and gone, many are still uncertain of what the near- and long-term future holds for GDPR compliance. Will regulators take an aggressive stance, and what types of organizations will be targets of enforcement? In this session, you’ll gain insight from Raytheon and OneTrust privacy experts as they outline what you can expect from regulators and what you can do to prepare.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
Top Lessons Learned from 12 Months of IR Engagements
Terrence McGraw, VP, Counter Threat Analysis Center, Secureworks

Cybersecurity is a top 5 concern of CEOs, but the question remains “where do we focus our resources for the best impact?” Secureworks incident responders helped hundreds of organizations in 2017, and what they discovered will sharpen your understanding of why companies succeed or fail in a response scenario. Highlights from Secureworks’ newly-published IR Report reveal both threat trends and lessons learned to help you avoid costly mistakes.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
Digital Transformation: What Enterprise Leaders Need to Know
Michael McLoughlin, Director, Microsoft Corp.

In a competitive global market, enterprises can no longer afford to do everything in-house. Instead, they must focus only on those activities where they can create the most value, and delegate other activities to partners. As a result of this dynamic, cloud computing demands a new framework for trust based on better cybersecurity practices and new privacy laws such as Europe's GDPR.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
Humans of Security: Industry Practitioners Share InfoSec Learnings
Harish Agastya, VP Enterprise Solutions, Bitdefender
Brian Alexander, Systems Architect, Mentor - A Siemens Business
Lance Harris, CISO, Esurance
Brian Luckey, National Manager, Service Transition, All Covered

Security teams are being tasked with protecting the enterprise from advanced, sophisticated, and, potentially, costly threats. Please join this panel discussion to listen to your peers share insights and lessons learned about their own security journey. Security luminaries from Esurance, an Allstate company, Mentor Graphics, a Siemens Business and All Covered, a Konica Minolta company will share their insights on a range of security management technologies and trends to help you gain practical knowledge and readiness.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
As IoT Grows, Cybersecurity Falls on Network Admin
Chris Park, Chief Technology Implementation Officer , iboss

IoT is by no means a new concept, but it’s proliferation is only getting started. The problem with this rapid adoption is that many manufacturers only consider cybersecurity an afterthought. As a result, the burden of securing IoT devices falls on network administrators and security teams. In this session we’ll show where to begin in securing your organization’s IoT and data assets in lieu of enforceable security standards.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
Remove Business Friction with Risk-Adaptive Cybersecurity
Meerah Rajavel, CIO, Forcepoint

Trust is not absolute. The binary choice of blocking all perceived threats or trusting everyone doesn’t work in an anonymous digital world. A better way is to provide automated response to risky behavior and compromised credentials while freeing legitimate users to do their jobs. Learn how risk-adaptive security dynamically protects critical data through situational context and real-time enforcement to restore your Board’s trust in cybersecurity.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
Using Virtualization & Mobility to get Home Court Advantage

Securing applications and data is an asymmetric battle. Attackers only need to be right once to succeed, while security teams need to be right 100% of the time. For years, security strategies have played the game on the attacker’s terms – reacting to their behavior. It’s time to level the playing field. If used correctly virtualization, cloud and mobility provide a unique opportunity to gain home court advantage. This session will explore how.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
Cyber Insanity? Doing the Same & Expecting Different Results
Garry Sidaway, SVP of Security Strategy, NTT Security

In an increasingly digitally connected world, organizations must adapt to change. As they embrace new technologies to transform their businesses, they must ensure their cybersecurity strategies scale to support overall business resilience. This session explores how cyber resilience should be an essential part of corporate strategy and embedded within digital transformation initiatives to support an effective business resilient approach.


Monday, June 04, 2018 11:30 AM|Monday, June 04, 2018 12:15 PM
The ABCDE of Cybersecurity

Over the next decade, there will be a substantial shift and change in the compute/usage models by public and private enterprises. At the same time, there are seismic issues afoot in relation to Security and Privacy that will oppose perceived gains and changes in the compute models. To manage through this looming crisis around Automation, Budget, Cloud Generation, Dark Internet and Employee privacy concerns, organizations will be required to enable a substantial security transformation. This transformation will require substantial shifts in operational models and a change in processes that will force organizations to rethink and adapt their execution while requiring them to consolidate, standardize and partner with a smaller set of more able-bodied technology companies that have deep portfolios, and more advantageous enterprise license structures leveraging hybrid models, shared intelligence and common policy infrastructure.


Monday, June 04, 2018 12:15 PM|Monday, June 04, 2018 01:00 PM
Rethinking Cybersecurity for the Digital Transformation Era
Jay Chaudhry, CEO & Chairman, Zscaler, Inc.

Join Zscaler CEO and Founder, Jay Chaudhry for an exclusive lunch and learn in Maryland C. Take the opportunity to discuss trends in enterprise security and learn about steps you can take to securely enable your own organization's cloud transformation.


Monday, June 04, 2018 12:15 PM|Monday, June 04, 2018 01:15 PM
Midsize Enterprise Networking Lunch: Connect and Benchmark With Your Peers
Neil Wynne, Sr Research Analyst, Gartner
Robert Rhame, Research Director, Gartner

Join your peers for a networking lunch where Gartner analysts will poll the room and share the results from recent surveys as catalysts for discussion with other attendees at your table.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 12:15 PM|Monday, June 04, 2018 01:15 PM
CISO Circle Lunch: Amplify Your Persuasion Superpowers
Leigh McMullen, Research VP, Gartner

More than ever CISOs must be masterful persuaders. Our research takes a fresh and entertaining take on the art of persuasion viewed through the lens of modern neuroscience. We assume persuasion is a natural talent, but it's something even people with engineering brains can master, if they know the right tricks. You will leave this session with skills you can use today.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 12:15 PM|Monday, June 04, 2018 01:15 PM
Attendee Lunch


Monday, June 04, 2018 12:15 PM|Monday, June 04, 2018 03:00 PM
Exhibit Showcase

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers in our Networking Hub’s lounge and café. Stick around for the afternoon dessert reception and attend a theater session to see technology in action.


Monday, June 04, 2018 12:15 PM|Monday, June 04, 2018 03:00 PM
Learning Lab

With malware and phishing attacks more prevalent than ever, IT administrators are pressed to find new ways to protect their businesses. During this Learning Lab session, you will learn about Chrome OS & Browser's unique security model to deter against these threats, and how Google protects its own workforce. **Please see pdf attachment for full Learning Lab schedule


Monday, June 04, 2018 12:40 PM|Monday, June 04, 2018 01:05 PM
Next Generation Vendor Risk Management

When automation is brought to vendor risk management, organizations gain three critical attributes that helps them measurably reduce risk: speed, scale, and collaboration. In this presentation, learn how organizations are reaping these benefits by creating “next generation” vendor risk management programs.


Monday, June 04, 2018 12:40 PM|Monday, June 04, 2018 01:05 PM
Secure the Public Cloud with Confidence
Suda Srinivasan, Vice President, Growth, Dome9

How do you establish and maintain a robust security posture as you scale in the public cloud? This is the question that the security and operations teams face as they build out their presence on AWS, Azure and Google Cloud. In this session, find out how you can use Cloud Security Posture Management (CSPM) solutions to get better visibility and control over assets and actively protect against vulnerabilities and attacks at any scale.


Monday, June 04, 2018 01:15 PM|Monday, June 04, 2018 01:30 PM
Choose IT Solutions With Confidence: How to Shortlist and Ask the Right Questions
Ari Bilici, VP, Gartner

With over 80,000 reviews, Gartner Peer Insights can help you create your shortlist and be prepared with better questions during the buying process. Learn about Gartner Peer Insights Customers’ Choice and how this distinction can aid in your decision making.


Monday, June 04, 2018 01:15 PM|Monday, June 04, 2018 01:40 PM
Creating Your NIST Cybersecurity CISO Dashboard
Vivek Shivananda, CEO, Rsam

NIST CSF provides a foundation for orgs to communicate cybersecurity. But, the framework is not prescriptive enough to operationalize and harness existing data. In addition to using NIST CSF as a foundation, it is critical to generate good reporting. This session shows how orgs can leverage NIST CSF & reporting to create meaningful dashboards. The session will highlight examples of key dashboards that CISOs use to communicate to their boards.


Monday, June 04, 2018 01:15 PM|Monday, June 04, 2018 01:40 PM
Automating Security Practices for the DevOps Revolution

Security is at the epicenter of changing business needs, IT infrastructure and development practices. Cloud, containers and DevOps are key elements of this transformation. This session discusses how teams can automate security practices for these modern IT environments. It showcases customers’ examples of navigating this perfect storm by leveraging APIs, CI/CD integrations and building transparent orchestration into DevSecOps processes.


Monday, June 04, 2018 01:15 PM|Monday, June 04, 2018 01:40 PM
CASBs in the Wild: Case Studies in Securing Cloud Apps
Rich Campagna, CMO / Head of Product Management, Bitglass

What do a Fortune 100 pharmaceutical company, one of the largest hospital systems in the US, and a 100k employee manufacturer have in common? All have successfully used CASBs to enable public cloud apps like Office 365 while maintaining security and compliance. In this session, gain actionable advice from their journeys that you can bring to your organization immediately.


Monday, June 04, 2018 01:15 PM|Monday, June 04, 2018 01:40 PM
Cisco: Re-imagining Security in the Cloud
Meghan Diaz, Head of Product Marketing and Insights, Cisco

The cloud changes things — security is no exception. As applications and data move to the cloud, organizations need to ensure security stacks extend there too. With branch offices moving towards more direct internet access and SD-WAN network transformation, security must extend to the new cloud edge. Learn how 1) to recognize gaps of traditional security 2) to easily protect users today 3) peers address security for the cloud edge transformation.


Monday, June 04, 2018 01:50 PM|Monday, June 04, 2018 02:15 PM
Digital Transformation Requires Data Protection On Demand
Todd Moore, SVP, Encryption Products, Gemalto

There is a dramatic shift in cybersecurity taking place! Join us to learn how Gemalto is shaking things up in the security world: - Upcoming cybersecurity/compliance trends and how to prepare - Automate workflow processes, change cost/benefit models - Transform encryption and key management into a click and deploy model - Allow data owners to automate and transparently migrate between cloud providers


Monday, June 04, 2018 01:50 PM|Monday, June 04, 2018 02:15 PM
Cloud Security in the Era of "There's an App for That"
Will Aranha, Sales Engineer, McAfee

For years the CASB market debated whether inline intermediation (proxy) or native integration (API) was more effective for securing cloud services. The debate has been settled and enterprises and analysts alike have chosen native integration via API as the optimal deployment mode for CASB. But, while most CASBs have built robust API integrations to enforce security policies within the world’s most popular SaaS and IaaS systems like O365, Salesforce, AWS, and Azure, there remain thousands of cloud applications, like GitHub, that don’t yet have API integrations with CASBs. In this session, we'll describe why the market chose native integration and discuss a breakthrough that is allowing CASBs to scale out the number of cloud services supported from dozens to thousands. The end result - consistent policy enforcement across all your cloud services in the "there's an app for that" era.


Monday, June 04, 2018 01:50 PM|Monday, June 04, 2018 02:15 PM
Recorded Future: Building Intel Into Your Security Program

Threat Intelligence (TI) delivers the external visibility you need to triage alerts faster, prioritize vulnerabilities effectively, & make better decisions – with confidence. Integrated into your existing security ecosystem, threat intelligence provides the context needed to get more out of the tools you already have. Understand use cases showing how TI can drive results across security operations, vulnerability management, & incident response.


Monday, June 04, 2018 01:50 PM|Monday, June 04, 2018 02:15 PM
Fast, Forward and Focused
Robert Herjavec, Founder & CEO , Herjavec Group

Technology is constantly transforming, creating new possibilities and risks in the business world. Founder & CEO of Herjavec Group, Robert Herjavec, will explore the evolving cyber landscape and explain how to best position your business risks at the Board of Directors level. There is no light at the end of the tunnel when it comes to cyber warfare – so how are we adapting, transforming, scaling business strategies to face this battle head on?


Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: How Did You Start Your Organization’s Detection and Response Capabilities?
Anton Chuvakin, VP Distinguished Analyst, Gartner
Augusto Barros, Research VP, Gartner

This roundtable will discuss planning approaches, challenges, pitfalls and the first steps taken in developing threat detection and response capabilities. Participants should bring their experiences on the initial phases of their threat detection and response capabilities. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: How Midsize Organizations Should Approach Risk Management
Elizabeth Kim, Sr Research Analyst, Gartner

Join peers from the midmarket to discuss challenges, best practices, and experiences around how they manage risk as risk management becomes ever more complex due to digital business. Preregistration is required. Seats are limited. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.”

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: Champion Data Management Initiatives to Reduce Risk
Alan Dayley, Research VP, Gartner
Jie Zhang, Research Director, Gartner

Data management no longer needs to focus solely on only one of the main uses cases: risk mitigation, analytics, compliance or cost optimization. In this session, learn what your peers are leveraging across functional data management and information governance initiatives to solve multiple business data concerns. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: Best Practices for Successful Cloud Access Security Broker (CASB) Deployments
Neil MacDonald, VP Distinguished Analyst, Gartner

CASB is now being deployed by organizations large and small. What are the features, the successful use cases, and the requirements needed to make your CASB deployment a successful one? Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: Confidence vs. Competence for Women in IT
Christie Struckman, Research VP, Gartner

It is not competence that separates the sexes, it is confidence. There are differences between men and women both in their levels of confidence and in their display of confidence. Confidence is built through action – if one tries something and has success, that builds confidence which encourages more action, and the cycle continues. So what can leaders do to get that action cycle going to support the women in their organization? This roundtable will start with the following questions: 1) What is your experience with the competence vs confidence paradigm? 2) What does it look like if women are acting more confidently? 3) What can we do to boost women’s confidence? Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: Overcoming Cybersecurity Staffing and Skill Shortages in Midsize Enterprises
Neil Wynne, Sr Research Analyst, Gartner
Sam Olyaei, Principal Research Analyst, Gartner

Many midsize enterprises are struggling to attract and retain cybersecurity talent. Join us for this peer-driven discussion on how to manage with a small team. How have you successfully overcome these constraints? When is a managed service the answer? What makes the most sense to keep in-house? Preregistration is required. Seats are limited. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: Integrating Security in DevSecOps Toolchain
Mark Horvath, Research Director, Gartner

As DevOps gains popularity for rapid delivery and innovation of new IT-enabled capabilities, concerns about security and compliance increase. Security and risk management leaders must adapt existing security tools, processes and policies to the DevOps toolchain without slowing the development process. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: Federal Cloud Security from the Trenches
Katell Thielemann, Research VP, Gartner

Whether you are still developing your cloud strategy or already have lessons learned and best practices to share, this facilitated peer-to-peer discussion brings a small group of industry peers together for targeted discussions and learning. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:00 PM|Monday, June 04, 2018 03:00 PM
Roundtable: Managing the Insider Threat
Avivah Litan, VP Distinguished Analyst, Gartner

This user roundtable will include a user-driven discussion on experiences with insider threat detection programs. Some areas we will discuss include; best practices, governance and organization, process, and technology solutions.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
How IRM Fits Into a Digital Risk Management Solution Stack
John A. Wheeler, Research Director, Gartner

IRM's key to success is the ability to provide a vertically integrated view of risk, starting with an organization's strategy, through to its business operations and ultimately into the enabling technology assets.This integration can be even more successful when IRM extends into markets such as BI and analytics as well as security orchestration, automation and response (SOAR) in support of digital business transformation. Learn how IRM fits into this digital business risk solution stack.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
CASB = (UEBA + DLP + AAC + TI + TP + SIEM) for SaaS and IaaS
Patrick Hevesi, Research Director, Gartner
Steve Riley, Research Director, Gartner

Cloud access security broker (CASB) is the new Swiss Army knife for the cloud, come see all the different use cases this new four-letter word will help secure in your cloud services. CASB is to SaaS as the firewall is to corpnet. Come learn how to take advantage of CASBs as your business continues to migrate more services to the cloud. We will discuss the different use cases and best practices on how to deploy CASB.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
Digital Business KPIs and Risk: Identifying and Then Measuring Value
Paul E. Proctor, VP Distinguished Analyst, Gartner

CIOs and their teams need to be able to articulate the value of digital business in the form of concrete metrics. This session will provide a framework for identifying value areas (e.g., revenue, cost reduction, margin improvement) and then continue with a way of establishing metrics to help executives track the progress and manage the risk of the digital business journey.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
Navigating the Technology Landscape of Web Application Protection
Michael Isbitski, Research Director, Gartner

Protecting modern web applications requires an appropriate mix of technologies for client-side and server-side components. Microservice design patterns, web API adoption, mobilization and cloud integration increase the complexity further. This session will cover the various protective technologies that are available to organizations and provide recommendations on how to leverage them effectively.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
What Security & Risk Leaders Need to Know About Blockchain
Jonathan Care, Research Director, Gartner
David Anthony Mahdi, Research Director, Gartner

Organizations are allocating funds for blockchain without defining use cases, putting security and risk management leaders in a bind. You need to support the adoption of blockchain, but manage the risks that result from relatively unproven tools. Come learn: ● How to trust distributed identity. ● How to trust unknown cryptographic service providers on blockchain and distributed ledgers. ● Recognize the can't-happen-don't-care state is more important than we think.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
Top Trends in Security for 2018
Peter Firstbrook, Research VP, Gartner

This presentation will outline ongoing changes in security operations/policy/organization, technical migrations, shifts in security mindsets, societal changes, and modifications in adversarial tactics that CISOs and their direct reports should monitor. Attendees will learn strategic changes that aren't yet widely recognized but will have broad industry impact and significant potential for disruption. Through 2022, technologies related to these trends will reach a level of maturity that crosses a critical tipping point.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
The Future of Cybersecurity Tools Is Hyperspecialized Microservices
Gorka Sadowski, Research Director, Gartner

Security is a team sport, no single vendor can solve cybersecurity alone, it requires a full stack of specialized tools. Buying more point solutions leads to more overlaps in some areas of functional coverage, while leaving gapping holes, which is not optimal. The future of cybersecurity tools is in microservices that organizations can easily integrate and plug together. We will look at what is required for this vision to become reality.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
Understanding End-User Security Buying Behaviors
Deborah Kish, Principal Research Analyst, Gartner
Dale Gardner, Research Director, Gartner

Gartner's T&SP security team conducted a follow-up survey to help gain insight into changes in buyer security spending behaviors. This session presents the findings and year-over-year changes in delivery model preferences and budget increases and what is driving the investment.


Monday, June 04, 2018 02:15 PM|Monday, June 04, 2018 03:00 PM
Everything You Wanted to Know About Incident Response Retainers
Matthew T. Stamper, Research Director, Gartner
Toby Bussa, Research VP, Gartner

Incident response retainers are not all the same. Variations in available options and costs can affect a buyer's decision. This session will cover the common types of IR retainers available to buyers, typical options and variations, and factors to consider to aid buyers in choosing the appropriate retainer to match their requirements.


Monday, June 04, 2018 02:25 PM|Monday, June 04, 2018 02:55 PM
Enterprise Firewalls, CASBs and Secure Web Gateways: Untangling the Feature Snarl
Jon Amato, Research Director, Gartner

Enterprise firewalls, cloud access security brokers and secure web gateways all form important parts of the enterprise perimeter defense. But the common feature sets of these three approaches overlap substantially. In this session, we will address the points of overlap and help you determine when good enough is in fact enough, and when nothing less than best-of-breed functionality will do.


Monday, June 04, 2018 02:25 PM|Monday, June 04, 2018 02:55 PM
Magic Quadrant for Application Security Testing
Ayal Tirosh, Principal Research Analyst, Gartner

Security and risk management leaders should select AST tools and services and embed them in the SDLC as a critical component of an application security program. In this session, we will illustrate the market and main vendors in the application security testing space.


Monday, June 04, 2018 02:25 PM|Monday, June 04, 2018 02:55 PM
The 2018 Magic Quadrant for Endpoint Protection Platforms
Ian McShane, Research Director, Gartner

The EPP MQ is one of the most popular documents on Gartner.com, and clients want to understand what the relative placement really means. This year's lead author, Ian McShane, will take you through the analysis process, the assessment criteria and of course the products themselves. Attendees will get updated information and guidance on how best to use this document when evaluating vendors.


Monday, June 04, 2018 02:25 PM|Monday, June 04, 2018 02:55 PM
Magic Quadrant for Security Awareness Computer-Based Training
Joanna G. Huisman, Research Director, Gartner

Security awareness and education are critical elements of successful security and risk management programs. Learn how security awareness computer-based training tools can help, are they right for you, and who are the vendors you should evaluate.


Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:00 PM
Leveraging Virtualization to Secure Applications and Data

Despite countless products and dollars spent, the rate and cost of breaches is increasing. Current approaches to securing apps and data are broken and new ones are needed. Modern apps are highly distributed and dynamic, which means application security must be equally ubiquitous and agile. Join us to learn how virtualization, cloud, and mobility can be used to make security an intrinsic part of your environment, rather than a bolted-on afterthought.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:00 PM
Security for the Age of Digital Everything
Matthew Chiodi, Head of Cloud Security, Cognizant Technology Solutions
Daniel Smith, AVP Cyber Security, Cognizant

Large, global enterprises are embracing digital transformation, and migrating workloads, applications and data to the cloud. In doing so, we are learning that legacy security approaches are losing relevance and risk is escalating. In this session, Cognizant presents insight from our recent study – Securing the Digital Future – coupled with related customer examples. We will illustrate how businesses can adopt digital advances and deliver optimal business outcomes while securing vital information, maintaining compliance and minimizing disruption.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:00 PM
Elevate Your Security Using New Cyber Defense Strategies

We live in a fully digitized world where hyper connectivity, network evolution and complexity have led to increased attack surface and slow incident response. Adding more security tools that you have to deploy, monitor and manage is not the answer. Leveraging what you already own in your core network services-DNS, DHCP and IPAM to improve security is a smarter approach. They are also the more pervasive services that can improve your security.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:00 PM
Capgemini: Next Generation SOC with Attack Simulation
Ninad Purohit, Go to Market Director - Cybersecurity , Capgemini

Capgemini: Enterprises have already implemented SIEM yet have failed to reach the expected benefits because security threats are evolving so quickly in complexity. Enterprises need a solution that is robust, yet not rigid; that is powerful yet intelligent. The new threat landscape calls for a new generation of SOC that’s flexible enough to evolve with emerging threats to identify and pre-empt sophisticated attacks.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:00 PM
Top 3 Lessons Learned from Verizon’s Cloud Access Security Broker Deployment

The rapid adoption of cloud apps has had a ripple effect on all areas of security. Solutions are needed to provide visibility into cloud app activity, seamlessly enforce DLP policies across on-premises and cloud infrastructure, monitor suspicious account behavior, and prevent malware and APTs from penetrating cloud accounts. This session will share Verizon’s journey tackling cloud security challenges, lessons learned and actionable best practices.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:15 PM
Meetup: Navigating Your Way Through Cloud Security
Peer Open Discussion – No Facilitator, ,

While cloud computing can help organizations realize significant cost savings and enable new business opportunities, from a security perspective, it's not as simple as flipping a switch. What have you learned in your approach to cloud security? What would you advise others when considering a significant move into the cloud? What challenges are you currently facing? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:15 PM
Meetup: Elevating Security Operations Center (SOC) / SIEM Efforts
Peer Open Discussion – No Facilitator, ,

Share best practices and ideas on security operation center (SOC) and security information and event management (SIEM) initiatives. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 03:15 PM
Meetup: Assessing the Security Implications of Blockchain
Peer Open Discussion – No Facilitator, ,

Join us to discuss your thoughts on how private blockchain could fundamentally change business processes by making them more transparent and auditable. What scenarios are you evaluating? What risks/challenges do you see? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 04:00 PM
Workshop: Getting Your Message Across
Diane Wilkinson, Senior Partner, The Wow Factor

In this workshop, we look at how you can boost your communication skills and get your message across more effectively. Taking lessons from giants of the IT industry including Steve Jobs, John Chambers and Steve Ballmer, this is a highly interactive session. With video clips, and plenty of exercises, this workshop is hands-on with lots of group participation. How do you communicate the value of your role? How do you get the business to listen to you more? How do you sell the benefits to your customers across the organisation?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 02:30 PM|Monday, June 04, 2018 04:00 PM
Workshop: So You Want to Report on Digital Business Risk to the Board
Earl Perkins, Research VP, Gartner

Facing your board of directors and describing the risks digital business brings to the organization isn't easy. This workshop explores techniques and approaches organizations can use to describe the digital risks faced, the steps the company is taking to mitigate them, and the metrics that can be used to measure progress.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 03:45 PM
Proactive Defense & Threat Remediation with Dark Web Intelligence

IReality is a competitor, a nation-state or a hacker group is planning an attack on your company, your partners or your customers right now. But who and how? Learn from fellow CISOs how they utilize dark web monitoring & automated remediation technologies to eliminate the noise, identify & analyze threats targeting their organization and operationalize intelligence to power automated remediation workflows across cross-functional teams.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 03:45 PM
Resilient Cyber Defense Architecture
Dave Polton, Global Director of Innovation, NTT Security

Your adversaries and subsequent threats to your businesses are growing at an exponential rate, while resources available to your organization are finite. Learn how to unify people, processes and technology in order to be best equipped to defend against the threats specific to you, at pace and budget that is aligned with your business strategy. This session discusses components of a holistic cyber security architecture to deliver the above.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 03:45 PM
Security Maturity: How Am I Doing? (& how can I do better?)
Hadi Hosn, Director, Secureworks

Leaders are often asked to measure the maturity of their security processes, people & technology against industry frameworks and peer organizations. While the frameworks are exhaustive and detailed, executing them takes significant time and resource. Secureworks’ Maturity Model helps leaders understand where they sit on a maturity scale and what they need to do to improve their security posture.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 03:45 PM
How to Measure Your Attack Surface and Reduce Cyber Risk
Dave Stuart, Sr. Director of Product Marketing, Tenable

Digital transformation opens up a new world of opportunities, but it also creates a huge gap in the ability to see and manage cyber risks. In this session, you will learn a new way to manage and measure your attack surface to gain insight into and reduce cyber risk. Learn how to prioritize and remediate vulnerabilities and issues more effectively and expand your role from information guardian and technologist to risk strategist and advisor.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 03:45 PM
Trust No One: Encryption & Identity in a 3rd Party Ecosystem

Managed cloud services come with many benefits. Fundamentally, however, you still have to trust third-party providers. In this session, learn how transparent data encryption and key management eliminates third-party risk, how to use novel encryption applications to gain the benefits of outsourcing, and understand how this approach minimizes your attack exposure.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
The 3 Biggest "Secrets" Driving Cybersecurity Forward

Because cybersecurity is at its core a risk management function, there will always be differing views on what 'enough' and 'acceptable' are. However, there are a number of readily observable yet often undiscussible overt gaps in the typical organization today. This session, led by Bob Kalka, a 24-year cybersecurity veteran at IBM, will describe the most dramatic gaps that are influencing where many organizations are evolving towards.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
The Human Firewall Is on Fire – What Do You Do When the Smoke Clears?
Janet Levesque, Senior Vice President of Systems, Risk a, Mimecast

Many enterprises are focused on prevention and are too busy with day-to-day firefights to look beyond the flames and think about how to recover. Beyond preventing attacks, organizations need to focus on detection and response. It’s no longer a matter of if you’re going to be attacked, but when. Join this session to: • Learn the cutting edge tactics of these digital thieves • Identify and combat these attacks • Learn how to recover, should an attack break through your defenses


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Google Cloud: Building a Trusted Cloud

Running mission-critical workloads in the cloud requires a high degree of confidence and trust in your cloud provider. How can organizations establish and maintain this trust? In this session, Google Cloud's Michael Aiello will describe the key security capabilities to look for when selecting a cloud provider, and how Google Cloud customers across various industries have deployed these capabilities to protect their most critical assets.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Making Orchestration, Automation and Response Work For You
Myke Lyons, Head of Security Strategy, Security BU, ServiceNow

Security Orchestration, Automation, and Response (SOAR) is a way for teams to prioritize alerts and eliminate mundane work, freeing up your team to focus on the most important security issues. Join Myke Lyons, Head of Security Transformation at ServiceNow, and Jason Belford, CISO of University of Virginia, for practical examples of how you can apply SOAR to drastically improve your incident response and vulnerability remediation programs.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Innovating with Cybersecurity in Mind: Reshaping Mindset and Striking the Right Balance
Danessa Lambdin, Vice President Cybersecurity, AT&T
Greg Hill, AVP Product Marketing, AT&T

This panel will focus on how to foster innovation and utilize security as a competitive advantage, providing strategies that can be quickly implemented to achieve the overall goal of secure innovation.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Machine Learning and the Peak of Inflated Expectations
Tim "TK" Keanini, Distinguished Engineer, Cisco Advanced Threat Solutions Group, Cisco Systems

100% predictive! Advanced threats are no match for AI! Our machine learning detects threats that others cannot! Machine learning sounds great. Like a panacea or silver bullet. Just ask any vendor. Despite the hype, machine learning can actually be useful for information security. What is it? What is it capable of? How should it fit into security? Join us as we debunk hype and learn how machine learning can deliver more effective security.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Transform Your SecOps and Advance Your Cyber Defense

Join us to hear how to transform your security operations, security posture and data security using Splunk. Find out how a combination of machine data platform with security analytics, orchestration and automation technology helps: Advance cyber defense, reduce organizational risk using analytics-driven security Respond faster by accelerating incident response Work smarter and reduce staffing and skills challenges


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Solution Provider Sessions


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
How Leidos is Building a Modern Cyber Workforce

We will review the strategies and actions that we take to overcome these hurdles and increase the effectiveness of the Leidos cyber workforce. We will review the challenges in hiring the right people with the right skills and how we balanced the priority to hire for both. This concept was applied to growing the workforce and to transforming it by engaging non-traditional disciplines into an intelligence focused cyber enterprise.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Maximum Impact:Prioritize Threat Protection & Risk Reduction

The most valuable risk management strategies often evolve post-breach. Hear how lessons learned from cyberattacks help prioritize modern infrastructure protection. As the attack surface expands, learn how to eliminate an irreversible network takeover attack; secure third-party access, and cloud and DevOps processes; and protect SaaS administrators and privileged business users.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:00 PM
Learning from High-Profile Breaches -- and Stopping the Next
Dmitri Alperovitch, CTO, Crowdstrike

This exclusive session delves into details of some of CrowdStrike’s most eye-opening breach investigations of the past year, and their implications for organizations of all sizes, regardless of their industry or country of origin. Also: New research on “breakout time” – the time from initial intrusion to the first signs of lateral movement that precede a breach – and what defenders must do to respond before adversaries can press their attack.


Monday, June 04, 2018 03:15 PM|Monday, June 04, 2018 04:05 PM
Member Panel: Rise of Next Generation Security Operations Center (NG-SOC)
Kevin Robbins, , Dept. of VA

Since their inception protecting Military Organizations, Federal Agencies, and large IT footprint Organizations, the Security Operations Center has evolved through several phases. The modern SOC has evolved through the G5 SOC (incorporating Threat Intelligence and Analytics) and are transforming into the NextGen SOC (incorporating Cognitive Security). At the same time, Organizations are working to determine the right mix of Managed Services, outsourcing, and demonstrated business value. Come listen to four current SOC Manager practitioners and experts in the field discuss their challenges and visions for the future.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 04:00 PM|Monday, June 04, 2018 04:15 PM
Understanding the Value of Gartner: Cloud Security
Bre Howell, Director, Gartner

Discover how you can leverage Gartner’s wide range of resources on Cloud Security Programs, from market dynamics, strategy research, tools and templates, to vendor insights and implementation guides. This initiative offers insight and best practices to help you align your cloud security development with business requirements, managing the risk across public and private cloud-based systems. Learn how Gartner helps clients address critical questions, such as: • How can organizations create an effective cloud security strategy? • How do we evaluate cloud service provider security and maintain control? • How do we evaluate and operate cloud security access security broker (CASB)?


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Meetup: Security Best Practices in Manufacturing
Peer Open Discussion – No Facilitator, ,

Take part in an interactive session with fellow manufacturing security professionals on the latest challenges and best approaches to overcome them. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
What Your Board Wants to Know
Rob McMillan, Research Director, Gartner
Khushbu Pratap, Principal Research Analyst, Gartner

It is now common practice for a board of directors to require periodic reporting and event-based updates on the state of IT risk and information security. Risk and security leaders must provide board-relevant and business-aligned content. This presentation discusses what you need to present. Key Issues: • What is the role of the board and what do they care about? • What content do you need to cover? • How should you present this content?


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Tips to Understand and Better Manage Your Technical Debt
Craig Lawson, Research VP, Gartner

The technical debt security teams have to deal with today is crushing. New technology often has "technical debt" — security issues that require compensating controls. This session will discuss this issue and also what organizations must do, such as: • Understand the technical debt that comes with acquiring a technology/service. • Manage technical debt at acquisition time. • Leverage technical debt management for risk posture improvement.


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
IT Risk Management, Compliance and IT Security Are Not the Same
Evelin Biro, Founder and Principal, Biro Consulting

There is a general misunderstanding of risk management, compliance, and security disciplines. Even though often combined, these disciplines have fundamentally different purposes and approaches to enabling business objectives. To be successful, leaders of these disciplines need to be clear about their specific roles in the organization. Join us to learn the key differences between the disciplines, understand their purposes, how to effectively balance their needs, and how to effectively and efficiently work together.


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
How to Evolve Your Mobile Security Strategy in 2018
Patrick Hevesi, Research Director, Gartner

Mobile attacks continue to surface. Do you have all the right mobile security solutions in place? Come learn how to build a defense in-depth strategy for your ever growing mobile workforce. We will also discuss how UEM, MTD, and Mobile OS/HW security solutions continue to improve.


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Strategies for Embedding Application Security Testing Into the SDLC
Ayal Tirosh, Principal Research Analyst, Gartner

In this session, we will cover different ways we see organizations fitting and integrating application security testing (AST) into the systems development life cycle (SDLC). What characteristics should we be looking for in AST solutions? How do we balance speed and depth when it comes to testing applications? What practices should we consider leveraging to better embed AST in the SDLC?


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Fix What Matters: Provide DevOps Teams With Risk-Prioritized Vulnerability Guidance
Dale Gardner, Research Director, Gartner

Security testing, software composition analysis, vulnerability scans, pen testing and other sources of software vulnerability data can quickly overwhelm DevOps teams responsible for ensuring the security and integrity of the apps they deliver. We'll examine emerging approaches that can aid teams in identifying the most critical issues for mitigation, while providing management with a risk-based view of apps.


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Meetup: Cybersecurity - Increasing Awareness and Communicating from Employee to Board Level
Peer Open Discussion – No Facilitator, ,

This Meetup will discuss practical methods for increasing end user awareness of cyber threats in your organization. What's worked for you? What tools are you using? What are the most effective ways to increase awareness at the associate level and to communicate at the board level? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
How to Ensure Your Cloud Usage Is Reliable
Jay Heiser, Research VP, Gartner

Public cloud computing offers the potential for high levels of continuity but operational reliability cannot be taken for granted. Even the most reliable of cloud services requires some level of customer configuration and ongoing administration to enable the highest levels of processing redundancy and data protection. IaaS and SaaS are conceptually similar, but a successful cloud contingency effort must accommodate their unique differences.


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Mitigating Digital Business Resilience Risk — Who Should Be Responsible and Accountable?
John P Morency, Research VP, Gartner

For many organizations, digital business services will be supported through a combination of cloud-based applications and internally hosted business data. Sustaining IT service availability, continuity resilience across the underlying hybrid infrastructure is a critical success factor. Outcome-based service levels that support related digital business key performance indicators (KPIs) will be required. This session examines responsibility and accountability alternatives for the delivery of digital business-based outcomes and will use client case study examples to illustrate successful approaches.


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Meetup: Securing State and Local Governments
Peer Open Discussion – No Facilitator, ,

Discuss successes and failures in encouraging innovation and creativity in state and local government. What has worked? What has not? What are the best techniques to try? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:00 PM
Midsize Enterprise Security: Challenges and Trends for 2018
Adam Hils, Research Director, Gartner
Neil Wynne, Sr Research Analyst, Gartner
Robert Rhame, Research Director, Gartner

Midsize enterprise (MSE) IT leaders face significant security challenges when trying to deliver IT services with small IT teams (usually fewer than 30 people) and limited IT budgets (usually less than $20 million). Join us for a discussion of the top trends that MSE IT leaders responsible for security and risk management should prioritize to stay current and proactive in protecting the organization and managing risk effectively. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.


Monday, June 04, 2018 04:15 PM|Monday, June 04, 2018 05:45 PM
Workshop: Male/Female Partnership in the Era of #MeToo
Rayona Sharpnack, Founder and CEO, Institute for Gender Partnership and the Institute for Women’s Leadership
Roberta Witty, Research VP, Gartner

Women have been talking to women about women’s issues for 100 years, and yet relatively little has changed. Men have been stepping up but are now beginning to lean back for fear of making mistakes. To achieve full gender partnership, we must work together in new and creative ways to create inclusive cultures. It has never been more important for men and women to co-create solutions where all employees can make their full contribution to the success of your business.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 04:30 PM|Monday, June 04, 2018 06:00 PM
Select Program Session & Networking Reception

Join Research Director, Eric Ahlm, for an exclusive Select Program review of how to work with Gartner and master the critical executive-level competencies for business, leadership and how to develop high-performance teams to accelerate your success. Following the presentation, please join us for a networking reception where you can speak with peers and additional Gartner analysts.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
The 5 Security Roles You Must Plan for in the Digital Era
Sam Olyaei, Principal Research Analyst, Gartner
Matthew T. Stamper, Research Director, Gartner

As organizations digitize, new security competencies and roles will be required to manage the balance between the need to run the business and the need to protect the business. This presentation will highlight five critical roles that security and risk leaders have to plan for to manage the risks arising from digital business initiatives undertaken by their organization.


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
How to Capitalize on Disruptive Blockchain-Based Advertising Platforms
Avivah Litan, VP Distinguished Analyst, Gartner
Deborah Kish, Principal Research Analyst, Gartner

This session will explore vendor opportunities in blockchain based browsers and help them evaluate how to partake in a blockchain market Gartner forecasts to be $3.1 trillion by 2030. Key issues covered in this session: • What are the opportunities in consumer blockchain applications that enable stronger privacy and security? • What are the opportunities for blockchain security in the advertising space?


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
In a Hybrid World, a Single Brand of Firewall Is Still a Best Practice
Adam Hils, Research Director, Gartner

With private cloud, public cloud and SaaS becoming pervasive across enterprises, the relevance of third-party security controls is in question. Infrastructure and application owners ask whether third-party firewalls are necessary to secure business data in these new environments. A single brand of firewall is the best approach to regulating access to — and security within — hybrid networks.


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
The Cloud Compliance Conundrum
Jay Heiser, Research VP, Gartner
Khushbu Pratap, Principal Research Analyst, Gartner

Transition to cloud can unfold a parallel project of managing compliance in a new ecosystem which may be a combination of SaaS, on-premises, and privately hosted workloads. Partner, customer, and supplier connections and application integrations further complicate the implementation of compliance mandates. Learn about resetting goals and redefining the scope of assessments supporting risk management and compliance initiatives.


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
State of Endpoint and Mobile Security, 2018
John Girard, VP Distinguished Analyst, Gartner

Endpoint and mobility use cases continuously transform business processes and challenge established security best practices. Integrity comes down to personal discretion. We provide IT leaders with a path to introduce agility and tolerance into critical infrastructure. Concerns include technology trends, emerging exploits and the sheer enormity of data protection in an interconnected workplace.


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
How to Apply Deception Effectively
Augusto Barros, Research VP, Gartner

As organizations struggle to deal with the evolving threat landscape, there has been a resurgence in interest on deception techniques. Simple honeypots have evolved into distributed deception platforms and existing security solutions have also started to include deception components. This session provides a look at deception as a technique, with insights into when it's applicable, when most effective and how organizations should introduce it into their environments and security practices.


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
What's New in Email Security?
Jonathan Care, Research Director, Gartner
Neil Wynne, Sr Research Analyst, Gartner

Email has been with us for over 40 years. In that time it has become the unstated killer app for B2B. Contracts, purchase orders, invoices are all routinely sent by email. Collaboration of all types - from engineering designs to creative writing, presentation development to party planning, is all done by email. But at its core, email remains the same vulnerable, venerable medium. In this presentation we look at why email is so useful and ubiquitous, and what vulnerabilities exist that can impact the organization. We will take the opportunity to look at what security controls exist, why many still languish unadopted in the enterprise, and what security and risk management leaders can do to stem the tide of phishing, ransomware, spoofing, and outright fraud.


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
Embrace Data Masking for the New Privacy Management Era
Marc-Antoine Meunier, Research Director, Gartner

With GDPR leading a rising tide of privacy regulations, security and risk management leaders should include data masking in their compliance plans. This session will explore old and new data masking use cases to address privacy challenges. 1) How do you reduce exposure in DevOps? 2) How do you limit PII exposure to only authorized processes? 3) How can data masking be used to address data subject rights?


Monday, June 04, 2018 05:15 PM|Monday, June 04, 2018 05:45 PM
When Security Meets Marketing — Who Owns Digital Brand Protection?
Tricia Phillips, Research Director, Gartner
Andrew Walls, Managing VP, Gartner

Many security leaders think their responsibility ends at their perimeter, but the same criminals who are trying to hack into your systems are also exploiting your brand and customers externally through fake social media accounts, malvertizing, phishing sites and more. Who is responsible for protecting your enterprise against the assaults of cyber-criminals outside the assets that you control? Who protects your customers when they think they are interacting with your organization?


Monday, June 04, 2018 05:45 PM|Monday, June 04, 2018 07:30 PM
Exhibit Showcase Networking Reception

Join us for an evening reception where you can engage with your peers, Gartner Analysts, and exhibitors while enjoying delicious desserts and beverages, fun games, raffle drawings and lively entertainment. Attend a theater session to see technology in action and visit the Networking Hub for additional Gartner content.


Monday, June 04, 2018 05:45 PM|Monday, June 04, 2018 07:30 PM
Learning Lab

With malware and phishing attacks more prevalent than ever, IT administrators are pressed to find new ways to protect their businesses. During this Learning Lab session, you will learn about Chrome OS & Browser's unique security model to deter against these threats, and how Google protects its own workforce. **Please see pdf attachment for full Learning Lab schedule


Monday, June 04, 2018 05:55 PM|Monday, June 04, 2018 06:20 PM
Hitachi ID: Additional Session Details Coming Soon

Hitachi ID: Additional Session Details Coming Soon


Monday, June 04, 2018 06:30 PM|Monday, June 04, 2018 06:55 PM
Autonomy and Security in the Mobile-first Workplace

Enabling your organization to keep pace with competitors means you need a mobile strategy that empowers your employees, while simultaneously protecting your organization. Enter Samsung, our heritage makes us the best partner for any business embracing digital transformation. Samsung remains the only Mobility Solution Platform Provider capable of delivering mobile innovation that meets the needs of both employers and employees by breaking down the barriers between security and usability.


Monday, June 04, 2018 06:30 PM|Monday, June 04, 2018 06:55 PM
GDPR, Article 17: The Right of Erasure – Can you Comply?
Uzi Yair, Product Manager, GTB Technologies, Inc.

Perhaps the most demanding requirement of GDPR in regards to personal information storage and privacy is the setting into law Article 17, the right to erasure, otherwise known as, the right to be forgotten. Organizations need the ability to comply with client demands for the right to be forgotten and will require a solution that can accurately locate, classify & erase PII. Join us to learn how to ensure compliance with Article 17 & the EU GDPR


Monday, June 04, 2018 06:30 PM|Monday, June 04, 2018 06:55 PM
It’s 6:30PM – Are Your Clouds at Risk?
Dane Disimino, Product Marketing Manager, Secureworks
Hadi Hosn, Director, Secureworks

Risk management in the cloud is a journey filled with potential missteps at every stage of enterprise maturity. Join this session to see where you fit based on exclusive observations made by Secureworks. Take home our recommendations for fundamental controls including three key principles to manage risks in the cloud.


Monday, June 04, 2018 07:30 PM|Monday, June 04, 2018 10:30 PM
Tanium Networking Reception

Join Tanium for an evening of fun as we sip some ice cold beverages, listen to music, and enjoy the beautiful views of the National Harbor at Pose Ultra Lounge atop of the Gaylord National Resort. The event is open to all conference attendees, just bring your attendee badge to enter!


Tuesday, June 05, 2018 06:45 AM|Tuesday, June 05, 2018 08:15 PM
Registration


Tuesday, June 05, 2018 07:00 AM|Tuesday, June 05, 2018 07:45 AM
Forensics of Incident Response - Preparing for Day One
Robert Herjavec, Founder & CEO , Herjavec Group

Herjavec Group Founder & CEO, Robert Herjavec, will share his views on incident response planning from the perspective of an executive. Leveraging real-world cases across complex infrastructures, Robert will give his recommendations on how organizations can better prepare for the inevitability of a breach, and what needs to happen on day 1 of incident response to get your business back to standard operation.


Tuesday, June 05, 2018 07:00 AM|Tuesday, June 05, 2018 08:00 AM
CISO Circle Breakfast: How Platform Business Might Break Capitalism and Why That's Not a Bad Thing
Leigh McMullen, Research VP, Gartner

Our current view of capitalism is based on industrial age economic ideas, but mega-platforms such as digital giants eBay, Amazon, Uber and Facebook not only challenge our analogue based business models, but even our assumptions of how markets most efficiently allocate resources. For enterprises to survive and thrive in a world of macro and micro-economic upheaval, a deeper look into how these changes might manifest is essential.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 07:00 AM|Tuesday, June 05, 2018 08:00 AM
Attendee Breakfast

Join other attendees for breakfast before the day's sessions


Tuesday, June 05, 2018 07:00 AM|Tuesday, June 05, 2018 08:00 AM
Breakfast Session: Go from Compliance Frameworks to Defense
Yaron Levi, CISO, Blue Cross and Blue Shield of Kansas City

The questions that every security leaders struggles to answer are, “How secure are we?” and “What do I do first?” Unfortunately, many security leaders take the approach of checking the compliance frameworks boxes (NIST, ISO, etc.). While this approach may provide a blanket to cover one’s backside, it is ineffective against real-world adversaries. This session will share a vision for building a security practice that uses a militaristic approach and is based on defense against real adversaries’ tools, techniques and procedures. Attendees will be asked to comment on the proposed approach. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 08:15 AM|Tuesday, June 05, 2018 09:00 AM
Guest Keynote: Sailing the Cyber Sea: The New Realities of 21st Century Security
James Stavridis, Admiral, United States Navy (Retired)

Emerging security concerns will be addressed in the future with a combination of cyber capabilities, unmanned vehicles and drones and special operations forces. In particular, the reach and function of cyber tools will change how we view the world and keep ourselves safe in it. Admiral James Stavridis lays out the future of 21st century security tools that are very untraditional in their reach and application. He describes for audiences how the world of international defense is fundamentally changing before our eyes, and how that will impact business, personal life and the global marketplace.


Tuesday, June 05, 2018 09:00 AM|Tuesday, June 05, 2018 09:30 AM
Networking Break


Tuesday, June 05, 2018 09:00 AM|Tuesday, June 05, 2018 09:30 AM
Building the Industry Standard for Enterprise Software Reviews: Use Gartner Peer Insights to Collect Reviews Efficiently and Use Insights Effectively
Hemant Adhikari, VP, Products, Gartner

Gartner Peer Insights can help you streamline review collection and utilize these reviews to better grow your business. Hear how our reviews and ratings platform can aid in your sales enablement and content marketing and much more.


Tuesday, June 05, 2018 09:15 AM|Tuesday, June 05, 2018 10:45 AM
Workshop: Writing IT Risk and Cybersecurity Service Descriptions With Business-Centric Value Statements
Paul E. Proctor, VP Distinguished Analyst, Gartner

The foundation of a mature security function that can offer defined levels of protection at defined cost is a business-centric service catalog. Writing business-centric-value statements for risk and security is both challenging and informative. This workshop will help you understand exactly what security does for your organization.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:15 AM|Tuesday, June 05, 2018 10:45 AM
Workshop: Improve Your Incident Response to an International Data Breach
Bart Willemsen, Research Director, Gartner

Security and risk management leaders must develop strong incident response (IR) capabilities where personally identifiable information (PII) is compromised. This workshop will use a scenario that highlights the impact of cross-border data flows and privacy management to help validate IR capabilities.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:15 AM|Tuesday, June 05, 2018 03:15 PM
Exhibit Showcase

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers in our Networking Hub’s lounge and café. Stick around for the afternoon dessert reception and attend a theater session to see technology in action.


Tuesday, June 05, 2018 09:15 AM|Tuesday, June 05, 2018 03:15 PM
Learning Lab

With malware and phishing attacks more prevalent than ever, IT administrators are pressed to find new ways to protect their businesses. During this Learning Lab session, you will learn about Chrome OS & Browser's unique security model to deter against these threats, and how Google protects its own workforce. **Please see pdf attachment for full Learning Lab schedule


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
How to Use the New Threat Simulation Tools
Anton Chuvakin, VP Distinguished Analyst, Gartner
Augusto Barros, Research VP, Gartner

Threat simulation tools may be the newest tool in your security toolkit. Join us and learn about the novel security tool category — threat simulation tools, and how to use these to test and improve your security. Key issues covered: • What are these tools? • Who needs them? • How can you benefit from them?


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
State of the Threat Landscape, 2018
Gorka Sadowski, Research Director, Gartner
Pete Shoard, Research Director, Gartner

When it comes to the threat landscape, it can be challenging to predict what's on the horizon. Gartner presents the best predictions on how the threat will change in attacking your enterprise. This session will cover the following areas — the importance of patching, ransomware evolution and state-sponsored attacks.


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
The State of Network Security in the Cloud Era
Lawrence Orans, Research VP, Gartner

Now that we are in the “cloud era,” network security professionals need to adapt. Enterprises are re-architecting their networks, and will be purchasing more cloud-based security services and fewer network security appliances. In this session, we will highlight best practices that enable a smooth transition to the adoption of cloud-based security services.


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
Security Architecture for Digital Business — Best Practices
Tom Scholtz, VP & Gartner Fellow, Gartner

Digital business projects don't lend themselves to conventional security architecture practices. Security and risk management must adopt a bimodal approach to security architecture. This presentation will discuss: What is security architecture? What are the best practices for security architecture in digital business?


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
Meetup: Overcoming Security Challenges at Fortune 500 Companies
Peer Open Discussion – No Facilitator, ,

Join other Fortune 500 peers to share the unique security challenges of very large, multinational enterprises, as well as ideas and proven best practices to overcome them. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
The 2018 CIO Agenda: A Security Outlook
Rob McMillan, Research Director, Gartner
Sam Olyaei, Principal Research Analyst, Gartner
F. Christian Byrnes, Managing VP, Gartner

The 2018 CIO Agenda highlights the changing role of the CIO. Security and risk management leaders must understand CIO priorities and adjust strategy and messaging accordingly. Key issues: • What are the main elements of the 2018 CIO agenda? • What are their implications for security and risk management leaders? • What must security and risk management leaders do in response?


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
Effectively Establish and Operate a Third-Party and Vendor Risk Management Program
Christopher Ambrose, Research VP, Gartner

Vendors and third parties can create significant risks to business operations and performance. This session will provide an overview of the methods to efficiently reduce residual vendor risks. What are the current best practices for assessing, monitoring, remediating or mitigating vendor risks? What emerging practices are improving the value of vendor risk management programs?


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
Meetup: Key Considerations for Artificial Intelligence
Peer Open Discussion – No Facilitator, ,

What are the implications of artificial intelligence (AI) on security and risk management efforts? What scenarios are you evaluating? What risks/challenges do you see? Join your peers in exploring answers to these questions and others pertaining to AI. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
How to Become an MDR Provider
Sid Deshpande, Research Director, Gartner

MDR (managed detection and response) is a new and fast-growing area for MSSPs, but there are new business models and competitors to contend with. This presentation providers aspiring MDR providers with a template for creating an MDR service across the people, process and technology considerations.


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
10 Principles of a CARTA Approach and Implications for Your Security Organization
Neil MacDonald, VP Distinguished Analyst, Gartner

In 2017, Gartner introduced a strategic approach for information security called Continuous Adaptive Risk and Trust Assessment (CARTA). As a new charter for information security, CARTA embraces the reality of securing a world where our digital business capabilities are accessed anywhere, by anyone from any device and where attackers continue to innovate. This session will explore the significant changes to security organizations and infrastructure required by CARTA.


Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:15 AM
Meetup: Advancing Security and Risk Management Practices in Healthcare
Peer Open Discussion – No Facilitator, ,

If you have specific concerns that you'd like to address with other security and risk management professionals in the healthcare industry, this is the meetup for you. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: What's "Enough" Network Security for Midsize Enterprises?
Adam Hils, Research Director, Gartner

Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. This roundtable discussion focuses on what's enough network security for midsize enterprises. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: Recovery Tiering Best Practices and Lessons Learned
Roberta Witty, Research VP, Gartner
David Gregory, Research Director, Gartner

This analyst-user roundtable will provide a forum for conference attendees to discuss how they approach recovery tiering for business and IT processes. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: Security Event Monitoring Options for Midsize Enterprises
David Anthony Mahdi, Research Director, Gartner
Toby Bussa, Research VP, Gartner

Resource-challenged security and risk management leaders at midsize enterprises are increasingly concerned about detecting threats and complying with regulatory mandates. Join us in a peer-driven discussion about selecting the proper technologies and services that will improve security event monitoring capabilities when facing staff and budget constraints. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: Plan Your Data Exit Strategy Before You Sign a SaaS Contract
Alan Dayley, Research VP, Gartner

Let's talk about exit strategies. Join us for a lively discussion including real-world examples where data—and, even worse, business capabilities—are held hostage due to poorly defined terms in cloud contracts. Be prepared to share your own experiences for this topic and learn from the analyst four mechanisms to avoid being the next "my data is held hostage with my SaaS provider and I can't afford to extract it" story. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: How Much Security Is Enough? Security Awareness and Training for Developers
Ayal Tirosh, Principal Research Analyst, Gartner

In this roundtable, discuss with peers how to get the most out of security training for developers. Should the developers be trained in an effort to make them security experts, or should the focus be more narrow? How will I know if training is successful? What have others found successful? Discuss with your peers what you are doing, how it has worked and hear from them on how they've tackled this problem. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: Security Vendors that Midsize Enterprises Love
Jeremy D'Hoinne, Research VP, Gartner
Neil Wynne, Sr Research Analyst, Gartner

Join this discussion on security vendors that midsize enterprises love. Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. Preregistration is required. Seats are limited. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: Find New Accelerated Paths for Federal Cybersecurity Tools and Services Acquisitions
Katell Thielemann, Research VP, Gartner

From Other Transaction Authority (OTA) to CDM (Continuous Diagnostics and Mitigation) acquisition changes to new cybersecurity special item numbers (SINs) on GSA schedules, federal organizations like DIUX or the strategic capabilities office (SCO) are finding new ways to accelerate the federal acquisition of tools and services. Join us for a facilitated peer-to-peer discussion on ideas and best practices. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: How Can Midsize Enterprises Leverage Microsoft's Security and IAM Capabilities?
Steve Riley, Research Director, Gartner

In line with the trend of Office 365 adoption, a large number of midsize enterprises are considering Microsoft's native security and IAM offerings such as Exchange Online Protection, Advanced Threat Protection, Azure Active Directory, Azure Information Protection and Microsoft Intune. Which of these are you using successfully? What challenges have you encountered? Where have you found the need to supplement or supplant these capabilities with a non-Microsoft product? Join us for a peer-driven discussion to address these and any other questions you may have. Preregistration is required. Seats are limited. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: Implementing Compliance Management Solutions
Elizabeth Kim, Sr Research Analyst, Gartner

Compliance may be a mature discipline, but Gartner still sees a lot of organizations struggle. Tools can help, but sometimes they make things worse. Come learn what your peers are doing to mature and improve their compliance management programs and how they are leveraging tooling investments to implement continuous improvement. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:30 AM|Tuesday, June 05, 2018 10:30 AM
Roundtable: How Blockchain and eIDs Will Affect Governments
Bill Finnerty, Research Director, Gartner
David Anthony Mahdi, Research Director, Gartner

Digital identities for both humans and devices are growing at an exponential rate. What implications does this have on governments and their IAM programs, and how will this impact both government-employee and government-citizen dynamics? How will emerging technologies such as blockchain impact government digital identity? This roundtable kicks off with some common trends in IAM, and focuses on what matters most to governments. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 09:40 AM|Tuesday, June 05, 2018 10:10 AM
Magic Quadrant for Managed Security Services
Kelly M. Kavanagh, Principal Research Analyst, Gartner

This session will review the latest Gartner Magic Quadrant for Managed Security Services (MSS). Attendees will learn about the current market, provider landscape, and adjacent services for this well-established network security services market.


Tuesday, June 05, 2018 09:40 AM|Tuesday, June 05, 2018 10:10 AM
Magic Quadrant for Intrusion Detection and Prevention Systems
Craig Lawson, Research VP, Gartner

This session will review the latest Gartner Magic Quadrant for intrusion detection and prevention systems. Attendees will learn about the current market and valuable use cases for this well established network security technology, as well as hear an overview of the vendor landscape.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:00 AM
Don’t Be Blindsided with the Wrong Incident Response Program
Dave Polton, Global Director of Innovation, NTT Security
Mike Barch, VP Security Services, NTT Data
Sushila Nair, Security Portfolio Senior Director, NTT DATA

Effective Critical Incident Response (CIR) is a fundamental component of minimizing loss & destruction, mitigating weaknesses, and building resilience. In this session, you’ll learn best practices to better detect security incidents, build security threat detection models, and explore available tools for incident investigation and response.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:00 AM
A New Definition and Market Reality for Endpoint Protection
Dan Larson, VP of Product Marketing, CrowdStrike

A revised definition of endpoint protection platforms (EPPs) details the challenges faced by organizations in protecting themselves. It outlines changes requiring EPPs to prevent file-based attacks, detect malicious activity and provide investigation and remediation capabilities to respond to dynamic security incidents. This session will focus on the opportunities and realities in deploying endpoint protection aligned to this new vision.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:00 AM
Encrypted Traffic Analytics – Findings Over the Last Year
Tim "TK" Keanini, Distinguished Engineer, Cisco Advanced Threat Solutions Group, Cisco Systems

Attackers are now using encrypted traffic to hide malware and evade detection. According to Gartner, by 2019, 70% of all network attacks will use encryption. Cisco's new solution, Encrypted Traffic Analytics, combines advanced machine-learning from Stealthwatch Enterprise with Cisco innovations in network telemetry to help you gain rich insights into the nature of encrypted traffic and stop threats without the need for decryption.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:00 AM
Security Maturity: How Am I Doing? (& how can I do better?)
Hadi Hosn, Director, Secureworks

Leaders are often asked to measure the maturity of their security processes, people & technology against industry frameworks and peer organizations. While the frameworks are exhaustive and detailed, executing them takes significant time and resource. Secureworks’ Maturity Model helps leaders understand where they sit on a maturity scale and what they need to do to improve their security posture.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:00 AM
Completing the Shared Security Model: Bringing Detection and Response to Cloud Security
Jay Barbour, Director Security Product Management, Masergy

Cloud security prevention controls aren’t sufficient for protecting the tenant-side of the shared security model. While detection and response are core capabilities of Cloud Workload Protection and CASB, continuous monitoring is required to mitigate risk. In this session you will learn how to: 1. Identify weaknesses in your cloud security strategy 2. Reduce SaaS, IaaS, and PaaS risk with fully managed Cloud Workload Protection and CASB functions 3. Implement cloud security best practices demonstrated by real-world use cases

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Appetite for Destruction – The Cloud Edition
Raj Samani, Chief Scientist and McAfee Fellow , McAfee

2017 witnessed the introduction of pseudo ransomware, attacks that appeared to be straightforward attempts to extort money from companies in exchange for a decryption key but were in fact designed for destruction, or other nefarious purposes.   Now that we are into a new year, will we witness such attacks in the cloud and if so what will they look like?  This talk considers the evolving threat landscape and how the Cloud now comes under fire.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Build for Speed: Modern Cyber-Service-Oriented Architecture
Adam Vincent, CEO, ThreatConnect

Security programs must respond to the variety of actors, tools, and goals challenging conventional detection, analysis, and response – strengthening arguments for automation. Patrick Opet, Cybersecurity Technology Managing Director, and Ron Ritchey, Chief Security Architect, J.P. Morgan Chase & Co. along with Adam Vincent, CEO of ThreatConnect, will focus on a modern service-enabled stack, positioned for critical security decisions at speed.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
The Global Revolution in Email Authentication
Alexander Garcia-Tobar, CEO, VALIMAIL

The global DMARC standard, which underpins email authentication, has grown faster in the last 6 months than the previous 5 years. More than 240,000 domains have attempted DMARC, and the U.S. government has made email authentication mandatory (BOD 18-01) for key agencies. The benefits are expansive, but 70-80% of these implementations fail. Learn the benefits and challenges of implementing email authentication at your organization.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Solution Provider Sessions


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Leveraging Identity Management to Achieve Acceptable Losses

When you’re under attack, being able to block intrusions with aggressive and automated identity management makes a huge difference in minimizing your losses and keeping your organization’s name out of the data breach headlines. Based on my years of extensive real-world experience I will cover how to redesign and automate your organization’s identity management to achieve acceptable losses, even while under constant cyberattack.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
AWS: Humans and Data Don’t Mix - Best Practices to Secure Your Cloud

When it comes to security, human error far outpaces other causes of failures. The risk of humans touching sensitive data is clear, so how do you get them away from your data while also speeding up time to detection and remediation? Stephen Schmidt, AWS CISO, will share hard-earned lessons around potential opportunities in your security program, along with practical steps to improve the agility of your organization.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Using Cybersecurity Metrics to Enhance Ecosystem Risk Mgmt
Alex Yampoliskiy, CEO, SecurityScorecard
Derek Morford, Business Information Security Officer, Allstate

With breaches prevalent across industries and new regulations filling the cybersecurity landscape, measuring risk across your ecosystem is essential to an effective risk management program. This session will discuss how to develop meaningful security metrics, ways to ensure impactful reporting, and how to drive ecosystem risk management through accountability.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Getting IAM Right – It can be done

Identity and Access Management lies at the core of any effective security strategy, but often getting there is often easier said than done. The influx of complexity, change, and poor execution doom many IAM projects.In this session, our panel of real-world organizations that have achieved the elusive objective of IAM done right will share their secrets. Find out how these organizations were able to succeed where so many others have failed.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Darktrace: AI-Based Autonomous Response - Are Humans Ready?
Nicole Eagan, CEO, Darktrace
Justin Fier, Director for Cyber Intelligence and Analysis , Darktrace
Andrew Tsonchev, Director of Technology, Darktrace

Global ransomware attacks like WannaCry move too quickly for humans to keep up, and even more advanced attacks are on the horizon. AI-based cyber defense can not only detect threats as they emerge but also autonomously respond to attacks in real time. As the shortage of trained cyber analysts worsens, the future of security seems to be automatic. But are humans ready to accept the actions machines would take to neutralize threats?


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Security in A DevOps World

Organizations are adopting DevOps to seize market opportunities ahead of the competition. Building information security into this new development pattern is challenging. With real world examples, this session will help you to: -Understand the quality and security shortcomings of existing DevOps processes -Learn how to overcome resistance to integrating security into DevOps -Identify tools to build security into every phase of the DevOps pipeline.


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Regaining Visibility and Continuous Security in a Hybrid World

Organizations embracing clouds, elastic workloads, mobile, IoT, and big data must shift security from an afterthought to a core practice of safeguarding data from endpoints to the cloud. Using examples from leading enterprises, this session discusses how to: - reduce the attack surface by regaining visibility across hybrid IT environments - automate processes to build security into DevOps - secure the journey to the cloud from beginning to end


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:15 AM
Bromium: Additional Session Details Coming Soon

Bromium: Additional Session Details Coming Soon


Tuesday, June 05, 2018 10:30 AM|Tuesday, June 05, 2018 11:20 AM
Paradigm Shift: Winning in the Age of Cyber

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
State of Fraud Prevention and Payment Security
Tricia Phillips, Research Director, Gartner
Andrew Walls, Managing VP, Gartner

Fraud prevention leaders have mastered the art of detecting and preventing fraudulent account activity and payment events in many verticals and use cases, but as customers change the way they interact with each other and their expectations of their service providers, banks, retailers, health care teams and governments, the old ways have failed to evolve.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
What Will Be the Secure Internet Gateway's Impact on Security?
Lawrence Pingree, Research VP, Gartner

Gartner will explain the SaaS-based secure internet gateway concept, how this future concept will evolve the delivery of cloud and infrastructure and how providers must plan for this evolution in the security markets.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Why You Still Must Detect Advanced Threats on Your Network
Jeremy D'Hoinne, Research VP, Gartner
Lawrence Orans, Research VP, Gartner

Massive use of SaaS and mobile technologies and a growing share of encrypted traffic revive the rumors of the death of the perimeter and network security altogether. Building a strong business case to prioritize network security investments is more difficult, due to increasing competition for budget from cloud and endpoint security solutions. This session will review the latest trends in network-based advanced threat defense, including the latest techniques used for anomaly detection, and a high-level framework to decide if TLS decryption is right for your organization.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Meetup: Assessing the Security Implications of Blockchain
Peer Open Discussion – No Facilitator, ,

Join us to discuss your thoughts on how private blockchain could fundamentally change business processes by making them more transparent and auditable. What scenarios are you evaluating? What risks/challenges do you see? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Top 10 Security Projects for 2018
Neil MacDonald, VP Distinguished Analyst, Gartner

This presentation outlines the top 10 security projects for 2018, based on a number of criteria: The emerging technologies that support the project are not yet mainstream; the project helps deliver against the CARTA (continuous adaptive risk and trust assessment) approach; and the project has high risk reduction versus resources required as compared to alternatives. Attend this session to get ideas and justification for specific 2018 security projects.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Meetup: Navigating Your Way Through Cloud Security
Peer Open Discussion – No Facilitator, ,

While cloud computing can help organizations realize significant cost savings and enable new business opportunities, from a security perspective, it's not as simple as flipping a switch. What have you learned in your approach to cloud security? What would you advise others when considering a significant move into the cloud? What challenges are you currently facing? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
GDPR the Day After: 3 Myths and 6 Key Capabilities Discussed
Bart Willemsen, Research Director, Gartner

After ample preparation time in anticipation of the GDPR, Gartner has observed a few misconceptions on privacy as well as a number of key functions for a mature privacy management program. We will address the lessons learned and the necessary capabilities to protect privacy, including the role of security, program ownership, and what the market is, and should be, doing.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Are You a Candidate for a Virtual CISO?
Jeffrey Wheatman, Research VP, Gartner

Gartner has seen an increased interest in virtual CISO offerings from organizations in unregulated industries, with smaller digital business footprints, and small and midsize enterprises. Are you a good candidate for a vCISO? Come find out what you can and should expect from these new service offerings.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
The Role of AI in the Future of Authentication?
Justin Taylor, Research Director, Gartner

Authentication, the gateway to trust in a digital system, has experienced a dramatic evolution over the years — from simple usernames and passwords to the current capabilities of biometrics, multifactors, and continuous authentication. What role though does AI (artificial intelligence) play in the future of authentication? In this session, Gartner will explore this question. We will discuss the following key topics: 1) What future considerations will vendors need to plan for? 2) What new capabilities will vendors need to add to their portfolios in order to address the needs of authentication? 3) And, how will AI help vendors and customers alike?


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Office 365 Security: All the Acronyms and Third-Party Solutions Explained
Patrick Hevesi, Research Director, Gartner

Every year Microsoft releases new security features for Office 365. Come learn about all the existing and new Office 365 security features built into the different licensing models. We will discuss all the three-letter acronyms (TLAs) of the security features available within O365 as well as the third-party solutions.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Meetup: Strategic Planning Best Practices
Peer Open Discussion – No Facilitator, ,

Connect with fellow leaders on best practices and ideas regarding strategic planning for security and risk management initiatives. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Protect Application Front Ends From Attack and Abuse
Dionisio Zumerle, Research Director, Gartner

Most people think of back-end security when thinking of application security. Much of the intelligence of applications is moving to the front end. JavaScript and browser plugins provide rich functionality and code on the client side. This presentation will highlight the solutions for enterprises to shift their approach to align with this trend. From code obfuscation to anti-tampering controls, from certificate pinning to browser protections, we will present the approaches, tools and vendors that will secure applications front ends.


Tuesday, June 05, 2018 11:30 AM|Tuesday, June 05, 2018 12:15 PM
Managing the Insider Threat — Why Employee Monitoring Is No Longer Taboo
Jonathan Care, Research Director, Gartner

Employee monitoring is one of those topics that most IT leaders don’t like to talk about. Blandishments like “we trust our people” and “we have a culture of openness” are common. Yet, as Mark Twain said, “The difference between a man and a dog is that if you feed a dog and take care of it, it will not bite you.” We examine how employee monitoring contributes not only to prevention and detection of internal malfeasance, but can also be used to safeguard employees and ensure safe working environments.


Tuesday, June 05, 2018 11:40 AM|Tuesday, June 05, 2018 12:10 PM
Magic Quadrant for Security Awareness Computer-Based Training (Repeat)
Joanna G. Huisman, Research Director, Gartner

Security awareness and education are critical elements of successful security and risk management programs. Learn how security awareness computer-based training tools can help, are they right for you, and who are the vendors you should evaluate.


Tuesday, June 05, 2018 11:40 AM|Tuesday, June 05, 2018 12:10 PM
Magic Quadrant for Managed Security Services (Repeat)
Kelly M. Kavanagh, Principal Research Analyst, Gartner

This session will review the latest Gartner Magic Quadrant for Managed Security Services (MSS). Attendees will learn about the current market, provider landscape, and adjacent services for this well-established network security services market.


Tuesday, June 05, 2018 12:15 PM|Tuesday, June 05, 2018 01:00 PM
Securing The Digital Transformation
Jason A. Keenaghan, Director, Offering Management, IAM & Fra, IBM

As organizations evolve to support their digital transformations, they must address key challenges such as: establishing digital trust with their customers, managing a mobile workforce, and protecting their most critical asset - their data. Learn how you can ensure and maintain digital trust during your transformation by: · Managing identities & prevent fraud · Securing the mobile channel · Protecting your data & minimize risk related to privacy


Tuesday, June 05, 2018 12:15 PM|Tuesday, June 05, 2018 01:15 PM
Attendee Lunch


Tuesday, June 05, 2018 12:15 PM|Tuesday, June 05, 2018 01:15 PM
CISO Circle Lunch: Lessons Learned in the Equifax Breach and Other Incidents
Peter Firstbrook, Research VP, Gartner

Come join us for a discussion of four recent high-profile breaches. How did they happen? What was the company response? What worked and what didn't? What should we have learned from the breach?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 12:45 PM|Tuesday, June 05, 2018 01:10 PM
Security, Risk & Compliance with Data Driven Automation
Nipa Patel, Senior Vice President, Sath Inc

CISOs are expected to make decisions with data points which are disparate and disjointed, lacking a clear view of the organization's security posture. A few pragmatic solutions can help ensure that your operational and strategic decision are backed by accurate and real-time information. The session will address: • Critical security & risk data points • Steps for process and tool implementation • ISMS to provide real-time security data analytics


Tuesday, June 05, 2018 12:45 PM|Tuesday, June 05, 2018 01:10 PM
Why Phishing is Different and More Problematic on Mobile
Aaron Cockerill, Chief Strategy Officer, Lookout

The corporate perimeter is evaporating as the enterprise continues its shift to a mobile-enabled workplace.Endpoints are outside the firewall and freely accessing not just apps and SaaS,but also personal services.Attackers take advantage of the blending of personal and enterprise accounts and the vulnerability of devices outside firewalls to gain access to corporate data via new vectors for phishing attacks including SMS and messaging platforms


Tuesday, June 05, 2018 12:45 PM|Tuesday, June 05, 2018 01:10 PM
Protecting ERP in the Cloud

With Business-Critical Application and ERP vendors, such as SAP & Oracle, reporting double-digit growth in cloud revenue, many organizations are faced with the challenge of planning a migration of their most critical assets. Because these systems are complex, and also house the organization's crown jewels, security is paramount when building a migration plan. Attend to learn best practices to securely migrate these ERP applications to the cloud.


Tuesday, June 05, 2018 12:45 PM|Tuesday, June 05, 2018 01:10 PM
Mobile IAM Empowering Business Continuity Trust Frameworks
James Byrne, CEO, James Byrne

Review a case-study of the US Department of Homeland Security CERRA trust framework with mobile IAM to deliver personalized experiences, communications, IoT integration and analytics. Learn how you can help your organization reduce risk, increase resilience and avoid revenue impacts, while simultaneously enabling B2B / B2G partnerships, interoperability and collaboration.


Tuesday, June 05, 2018 01:20 PM|Tuesday, June 05, 2018 01:45 PM
Uncover Attacks Buried Under an Avalanche of Security Events
Ajay Uggirala, , Imperva

Every day, security systems bombard IT professionals with thousands of events. IT organizations require proper information and analysis capabilities to decisively respond and resolve security events. This session explains how security teams can: Reduce information overload, improves operational efficiency; Use automation to sort and prioritize attacks for easy investigation; Gain a unified and correlated view of all application security events.


Tuesday, June 05, 2018 01:20 PM|Tuesday, June 05, 2018 01:45 PM
Best Practices for Building an Effective Security Awareness Program
Tom Pendergast, Chief Strategist, Security, Privacy, and, MediaPRO

Partnered with two of our most risk aware clients, MediaPRO, and team, will discuss what is required to implement and maintain an effective Security Awareness Program. Focusing on best practices we will cover, what it takes to build a security & risk awareness program and how to maintain the success of that program. This panel will be moderated by Tom Pendergast, MediaPRO’s Chief Strategist of Security, Privacy, Compliance and Product.


Tuesday, June 05, 2018 01:20 PM|Tuesday, June 05, 2018 01:45 PM
From IT to IoT: Bridging the Growing Cybersecurity Divide

With the widespread growth of IOT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services for security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT specific threats and challenges need to be addressed. Learning Objectives: 1: Learn about the top IoT threats. 2: Discover how to address threats using new design process not old IT process. 3: Understand the security lifecycle differences between IT and IoT.


Tuesday, June 05, 2018 01:20 PM|Tuesday, June 05, 2018 01:45 PM
Cybersecurity Heroes Aren't Born.....They're Made

Phishing has long been a headline threat for infosec teams — but email is just one entry point for cybercriminals. Attendees will learn why it’s important to assess and train their end users about cybersecurity threats beyond email-based social engineering. Hear results from the Wombat Security 2018 Beyond the Phish® Report, and learn about end users’ strengths and weaknesses across 12 cybersecurity topics.


Tuesday, June 05, 2018 01:30 PM|Tuesday, June 05, 2018 02:00 PM
Accelerate and Focus Your Cyber Security Strategy
Bob Smock, VP Consulting, Gartner

Insights and trends show how and where security and risk leaders should focus security-specific initiatives and investments by measuring and correlating the perspectives of existing protection capabilities, the cost of achieving those protection capabilities, and how much risk remains to be managed using the current approach. View the impact of this measurement and correlation across the twelve domains of the Gartner security reference architecture, and see how existing approaches compare to industry peer groups and industry leading practices. Identify opportunities for improving the return on investment for deploying appropriate protection capabilities, improving security maturity, and lowering risk exposure.


Tuesday, June 05, 2018 01:55 PM|Tuesday, June 05, 2018 02:20 PM
Rise of the Machines: Protecting These New Identities
Kevin Bocek, Vice President of Corporate Development and Business Development, Venafi

There are two actors on a network, people & machines. People rely on user names & passwords to identify themselves and gain access to machines. Machines use digital keys & certificates for authentication. But we’re not protecting these growing machine identities. We spend billions each year on user name & password security, but almost none on protecting keys & certificates. Learn about the steps you can take to get these risks under control.


Tuesday, June 05, 2018 01:55 PM|Tuesday, June 05, 2018 02:20 PM
Securing M&A: Deception Powers Nimble, Adaptive Security

When companies undertake M&A or other business changes, attackers smell opportunity. Rapid IT shifts create cracks in the cybersecurity foundation. This session will show how distributed deception enables you to quickly set up the ability to see and remediate exploitable elements in the network, detect attackers quickly, and gather forensics and risk context so that—even amid rapid change—you can protect the business from high-impact attacks.


Tuesday, June 05, 2018 01:55 PM|Tuesday, June 05, 2018 02:20 PM
Person-centric GDPR Data Subject Rights Operationalization
George Chedzhemov, Director of Client Success, BigID

Privacy is all about people. Without knowing whose data you have, it's not possible to protect individuals' privacy. GDPR data subject access rights require companies to put this principle into practice. However, legacy tools cannot determine what personal information belongs to which data subject. A person-centric approach to locating and understanding data is necessary to operationalize data subject rights lifecycle from request to fulfillment.


Tuesday, June 05, 2018 01:55 PM|Tuesday, June 05, 2018 02:20 PM
Designing Risk and Value Metrics Relevant to the Board

The security industry has long worked to elevate cybersecurity and data risk management to the board level and most recognize the importance of security & the risks associated with a data breach. However, data risk management & cybersecurity are like Climate Change, the facts are widely accepted, but language & metrics to communicate impact are elusive. We'll discuss the need for common language & metrics to translate digital risk for the board


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:00 PM
Magic Quadrant for Cloud Access Security Brokers
Steve Riley, Research Director, Gartner

By 2020, 60% of large enterprises will use a CASB to govern cloud services, up from less than 10% today. There's a good reason for this expected jump in adoption. Cloud access security brokers have become an essential element of any cloud security strategy, helping organizations govern the use of cloud and protect sensitive data in the cloud. Attend this session to help you align CASB vendors to address specific use-case requirements.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:00 PM
The 2018 Magic Quadrant for Endpoint Protection Platforms (Repeat)
Ian McShane, Research Director, Gartner

The EPP MQ is one of the most popular documents on Gartner.com, and clients want to understand what the relative placement really means. This year's lead author, Ian McShane, will take you through the analysis process, the assessment criteria and of course the products themselves. Attendees will get updated information and guidance on how best to use this document when evaluating vendors.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:00 PM
The Security and Risk Management Issues Your CFO Cares About (Repeat)
Khushbu Pratap, Principal Research Analyst, Gartner

The pressure is growing for senior executives, such as CFOs, to become more engaged in the governance and implications of security and risk management. That's why it is imperative for security and risk management leaders to identify the issues that CFOs care about, which is what this session will cover.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Meetup: Security Best Practices in Manufacturing
Peer Open Discussion – No Facilitator, ,

Take part in an interactive session with fellow manufacturing security professionals on the latest challenges and best approaches to overcome them. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
How Automation in Security Can Add Real Value
Eric Ahlm, Research Director, Gartner
Justin Taylor, Research Director, Gartner

Automation in security isn't a new concept, and one could argue that a simple AV product which updates itself is automation. But shifts in market trends are calling for more security solutions to incorporate higher value levels of automation. Buyers who struggle to do threat detection, are strapped for personnel resources and have increased pressure to improve their programs. Successfully applying automation can allow buyers to do more with less. This session discusses this wave of automation in security, what's working today and how to successfully create product value through automation.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
How Threat Intelligence Gateways Transform Edge Threat Defense and Network Filtering
Lawrence Pingree, Research VP, Gartner

This session will introduce the concept of a threat intelligence gateway, define it and highlight the benefits that these appliances bring to network defense. Attendees will learn the style of intelligence that moves beyond just threat toward intelligence aware internet filtering. We'll talk through the benefits that some enterprises and security operations centers have seen and we'll cover how security threat intelligence integrations must evolve to make security operations more efficient.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Beyond Detection: 5 Core Security Patterns to Prevent Highly Evasive Threats
Mario de Boer, Research VP, Gartner

Most prevention techniques rely on having seen the attack before, and fail for evasive attacks. Detection techniques rely on reuse of techniques/tactics or anomalous behavior, and fail for highly evasive attacks. This sessions analyses five core security patterns that security architects can use to protect against highly evasive threats, without relying on detection.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
How Crypto-Agility and Post-Quantum Cryptography Will Affect Security Projects
Mark Horvath, Research Director, Gartner

While it's still in its early stages, quantum computing will have a big impact on the security community. This session will focus on what do security and risk leaders need to know today about quantum computing and post-quantum cryptography, and how will they impact security projects going forward?


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
State of Data Security 2018
Brian Lowans, Research Director, Gartner

Security and risk management leaders need to develop security strategies that treat data as a pervasive asset (and liability). New data privacy laws and the continued growth of data breaches are increasing business risks. Data security governance is an emerging risk-based framework that will help plan and orchestrate policies across data security products that are siloed and do not integrate.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Outlook for Security Talent 2018
Matthew T. Stamper, Research Director, Gartner
Sam Olyaei, Principal Research Analyst, Gartner

Security and risk management leaders struggle to hire and retain staff with the right skills, especially in the age of digital business. We discuss the outlook for security talent in digital businesses. What do organizations do to confront this shortage? What can you do to ensure your team's skill sets are developed for a digital world? What does the future of talent look like with technologies such as AI/ML, blockchain, IoT looming?


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Meetup: Elevating Security Operations Center (SOC) / SIEM Efforts
Peer Open Discussion – No Facilitator, ,

Share best practices and ideas on security operation center (SOC) and security information and event management (SIEM) initiatives. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Selecting a Risk Assessment Process for Digital Business Needs
Earl Perkins, Research VP, Gartner

Assessing risks well is imperative for organizations moving aggressively to leverage digital business tools and techniques in the safest, most secure and efficient manner possible. This presentation explores the best steps organizations can take to choose the appropriate risk-assessment process for their needs.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Meetup: Securing State and Local Governments
Peer Open Discussion – No Facilitator, ,

Discuss successes and failures in encouraging innovation and creativity in state and local government. What has worked? What has not? What are the best techniques to try? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Cut Through the Hype and Prioritize on Your IoT-OT Security Strategy
Ruggero Contu, Research Director, Gartner

Convergence of IT and OT have led to myriad new and challenging security issues. IT and OT security professionals and CIOs need to plan for these and future challenges. Join us and learn how to best plan and deploy a security strategy that aligns to IoT initiatives and OT-IT convergence.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Navigate the Confusing Vendor Landscape for Data Security and Analytics Offerings
Alan Dayley, Research VP, Gartner

The data security and analytics market is full of vastly differing technology and service claims. ML, AI, NLP, analytics, GDPR compliance, classification, data security risk identification — STOP! Offerings have been over-hyped, leaving organizations frustrated. Key issues covered: • How focusing on D&A basics can eliminate the "noise." • Where to turn for sifting through the confusing vendor and technology landscape. • How to regain control of your data security and analytics initiatives.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
Don't Let Bots Steal Your Business, Your Data or Your Job
Jeremy D'Hoinne, Research VP, Gartner
Tricia Phillips, Research Director, Gartner

Bots represent more than half of the traffic to enterprise web applications. While many bots are good for business, malicious bots take down web applications, scrape content and sensitive data, prevent legitimate customers from purchasing goods and services and lay the groundwork for account takeover with credential stuffing attacks. Separating good bots from bad bots, and bots from humans is a critical step to protect your enterprise web, mobile, and IoT applications against fraud and abuse and preserve access to beneficial bots.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 03:15 PM
7 Reasons More CEOs Will Be Fired Over Cybersecurity Breaches
Paul E. Proctor, VP Distinguished Analyst, Gartner

Using the Senate Testimony of former Equifax CEO Richard Smith, Gartner presents a timeline of events and a current analysis of factors that put senior non-IT executives at risk following a cybersecurity event. Learn how defensibility and corporate culture are key attributes when developing a cybersecurity program that balances the need to protect with the need to run your business.


Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 04:00 PM
Workshop: Negotiating for Risk and Security in Vendor Agreements
Christopher Ambrose, Research VP, Gartner

Until fairly recently, vendor risk was about vendor viability, credit-worthiness and reputation. While these things are important, the cybersecurity posture of your vendor ecosystem has become more critical. This workshop will provide best-practice advice on negotiating risk and security into vendor agreements.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:30 PM|Tuesday, June 05, 2018 04:00 PM
Workshop: The Myth of the Glass Ceiling — How to Recruit, Retain and Promote for Inclusion and Diversity
Jie Zhang, Research Director, Gartner
Roberta Witty, Research VP, Gartner
Joanna G. Huisman, Research Director, Gartner

Diversity in tech matters—for innovation, for product development, for revenue/profits, for meeting future workforce demands, and for closing economic and wealth gaps. Despite billions of dollars spent in recent years to increase diversity, biases and barriers exist throughout the tech pipeline from K-12 education through the tech workforce and venture capital. This workshop will address how the tech culture drives out talent, resulting in a revolving door for underrepresented groups.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:45 PM|Tuesday, June 05, 2018 03:15 PM
A New Definition and Market Reality for Endpoint Protection

A revised definition of endpoint protection platforms (EPPs) details the challenges faced by organizations in protecting themselves. It outlines changes requiring EPPs to prevent file-based attacks, detect malicious activity and provide investigation and remediation capabilities to respond to dynamic security incidents. This session will focus on the opportunities and realities in deploying endpoint protection aligned to this new vision.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:45 PM|Tuesday, June 05, 2018 03:15 PM
Security Maturity: How Am I Doing? (& how can I do better?)
Hadi Hosn, Director, Secureworks

Leaders are often asked to measure the maturity of their security processes, people & technology against industry frameworks and peer organizations. While the frameworks are exhaustive and detailed, executing them takes significant time and resource. Secureworks’ Maturity Model helps leaders understand where they sit on a maturity scale and what they need to do to improve their security posture.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:45 PM|Tuesday, June 05, 2018 03:15 PM
Best Practices in Developing a Cognitive SOC

As machine learning and cognitive computing start to have a measurable impact on cybersecurity programs, especially in the SOC, several best practices are emerging. This session will present a series of real examples and related insights, along with observations on where the next innovations will come from.'

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:45 PM|Tuesday, June 05, 2018 03:15 PM
Best Practices for Network Segmentation
Kevin Skahill, Director, Product Management, Cisco Systems

Now you can provide access to any application--without compromising on security--while gaining awareness of what is hitting your network. See how the Cisco Software-Defined Access (SD-Access) is giving customers insights and a single, highly secure network. SD-Access simplifies delivery of consistent, highly secure, identity-based policy for users and devices across wired and wireless networks.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 02:45 PM|Tuesday, June 05, 2018 03:15 PM
Building Cyber Resilient Architectures
Dave Polton, Global Director of Innovation, NTT Security
John Addeo , Director Security, Dimension Data

As you develop the secure workplace of tomorrow, you need the right architecture. Do you have the right people, processes and technology in place? Learn the top elements of building to ensure a comprehensive cyber strategy with a single point of contact to defend against threats. This session discusses the importance of properly managing risk as part of the resilient architecture in a global infrastructure.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:00 PM
Darktrace: An Industrial Immune System
Nicole Eagan, CEO, Darktrace
Andrew Tsonchev, Director of Technology, Darktrace

As IT and OT environments converge and ICS environments face advanced threats, a new approach is required. While total prevention of compromise is untenable, utilizing AI to detect and autonomously respond to emerging attacks within a network is an achievable cyber security goal, whether the threat originated on the corporate network or ICS. Learn how AI is automating advanced threat detection and hear real world examples of OT threats.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:00 PM
Where's Your Junk Drawer? Finding Homes for Outdated Systems
Ian Schmertzler, President and CFO, Dispel

Too critical to replace—too old to maintain. Are you dedicating FTEs to keeping unsupported or unpatched systems online because they're too critical to take down? Use virtual software-defined networking to keep your Junk Drawer protected and separate from the rest of your infrastructure. Segment the unsupported, and build a path forward. In this session, learn how to maintain access to unpatchable systems, while keeping them online and safe.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:00 PM
Securing Your Data: Don’t Overlook DNS (Adversaries Aren’t)
Andrew Wertkin, Chief Product and Technology Officer, BlueCat Networks

Long dismissed as mere network plumbing, DNS has emerged to combat adversaries using it to quietly bypass security defenses like firewalls, IDSs, and endpoint agents. In this session BlueCat breaks down two known attacks to show how DNS can instead be used to secure sensitive data and critical systems. We also cover how to implement policy control before internal DNS caching, and DNS query monitoring for breach detection and forensic visibility.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:00 PM
Top 3 Lessons Learned from Verizon’s Cloud Access Security Broker Deployment

The rapid adoption of cloud apps has had a ripple effect on all areas of security. Solutions are needed to provide visibility into cloud app activity, seamlessly enforce DLP policies across on-premises and cloud infrastructure, monitor suspicious account behavior, and prevent malware and APTs from penetrating cloud accounts. This session will share Verizon’s journey tackling cloud security challenges, lessons learned and actionable best practices.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:00 PM
Scaling the Digital Workspace with Intelligence and Security

Digital workspaces can increase productivity by 5X, giving employees simple access to apps and data from the device of their choice. As organizations move towards digital transformation, the digital workspace will continue to evolve beyond the traditional perimeter. New requirements to satisfy security must be met in this new era. Discover how to scale the modern digital workspace with insights, automation, predictive security and management.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
The Trouble with Trust

In the era of mobility, cloud, BYOD, and IoT, the hardened network perimeter approach must transform to empower the way modern enterprises work. Frameworks like zero trust networking promise to solve our security problems, but what if zero trust is just transferring trust to something other than the network? Moving from the “authenticate once and you’re in” model to continuous assessment of trust is a new imperative, but is this a zero-sum game?


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
The Year of the Defender: 2018 Trends in Cyber Security

Cybersecurity dominated the news cycle in 2017: ransomware, global destructive wipers, leaks of spy tools, and more. 2018 is bringing a new trend: there are initial signs of the defenders gaining back the upper hand. In this session Sam Curry, Cybereason Chief Security Officer, will discuss the five latest attack trends and the recent advancements in technology, policy and practices that serve as fruitful ground for this positive switch.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
Running a SOC in a Security Company
Simon Gibson, CISO, Gigamon

Running a SOC is not a task for the faint of heart. Running one in a security company is a unique challenge: protecting assets while understanding the existential headache a breach would cause for the brand. In this session, SOC leaders from Gigamon will discuss their approach. They’ll cover their product choices, the role their own products play and how they use automation. They’ll also discuss how they test new tools, avoid expensive upgrades and stop tool sprawl. You’ll get insights you can use to fortify your own security stance.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
Rapid7: Additional Session Details Coming Soon

Rapid7: Additional Session Details Coming Soon


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
Do You Have Control Over Your Unstructured Data?
John Herring, CEO, Fasoo Inc

Unstructured data is hard to get and keep control of. It is highly vulnerable to data breaches, and when poorly managed drains resources and productivity in the workplace. Join Fasoo to learn how to manage unstructured data securely and efficiently. This session will show how to take a holistic approach to enterprise unstructured data through data discovery, classification, security, governance and collaboration.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
Capital One: A Journey in Delivering Secure Customer Identity Management
Steve White, Chief Security Officer, ForgeRock
Sean Willeford, Director, Software Engineering, Capital One

In an environment where boundaries are constantly shifting, managing risk and maintaining security while meeting customer expectations is paramount to success. Learn how Capital One is achieving this success through their implementation of digital customer identity and authentication in the cloud. Walk away with lessons learned, keys to success and where security and identity are headed in this interactive presentation.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
Intrusion Suppression: Countering Cyber-Insurgency

We are grappling with a cyber-insurgency. Migration to the cloud and mobility have undermined perimeter defense. This session will discuss how cybercriminals and nation states have modernized attacks. Elite hackers from Russia, Iran, and North Korea will be discussed and an assessment on their modus operandi will be provided. Join us to learn how to build a cybersecurity architecture that will suppress cyber intrusions and predict attacks.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
F-Secure: We Got 99 Problems But a Breach Ain’t One
Janne Pirttilahti, Vice President, Product Management & Managed Services , F-Secure
Aaron Toren, Global IT Security Operations Center Manager, Euronet Worldwide

With a threat landscape filled with increasingly complex threats, headaches for executives responsible for IT security are growing exponentially. Preventive endpoint protection solutions alone are no longer enough. Find out how the team at Euronet Worldwide, one of the world’s largest provider of electronic payment services, built proactive capabilities that detect and respond to modern cyber-attacks.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
Modern Security is Identity-Driven Security

Most breaches involve weak or stolen credentials, and businesses operating in a perimeter-less world, identity becomes the cornerstone of security. Organizations must find a balance between enforcing strong security controls while promoting continued productivity. Join Okta as we make the case for identity-driven security, a framework that keeps your users and data secure without increasing the burden for your admins or end users.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
How CISOs Can Avoid Breaches & Improve Cyber-Resilience
Gaurav Banga, CEO and Founder, Balbix

The enterprise attack surface is massive today and continues to grow rapidly. What if you could measure breach likelihood + impact for every device, user and app? Balbix believes you can avoid the majority of breaches by taking a proactive, three-step approach. Learn how avoiding breaches is different than just managing vulnerability, what is needed to proactively avoid breaches, and how you can tangibly impact resilience and compliance.


Tuesday, June 05, 2018 03:30 PM|Tuesday, June 05, 2018 04:15 PM
Solution Provider Sessions


Tuesday, June 05, 2018 04:15 PM|Tuesday, June 05, 2018 04:45 PM
Networking Break


Tuesday, June 05, 2018 04:15 PM|Tuesday, June 05, 2018 04:45 PM
Approaches to Data Security in a Regulated World
Mario de Boer, Research VP, Gartner

Regulations are driving data security like never before. There are a variety of tools available to approach the problem, but selecting the right combination can be difficult. Understand the value of Gartner for Technical Professionals through a number of research examples on protecting data through its lifecycle.


Tuesday, June 05, 2018 04:45 PM|Tuesday, June 05, 2018 05:30 PM
Gartner Keynote: Digital 2025: A Rant Against Solutionism, a Plea for Duality and the Struggle for Success
Frank Buytendijk, VP & Gartner Fellow, Gartner

As an IT leader, your scope has changed. From building back-office and front-office systems, to be in the middle of the digital business. And the next thing is getting clear: the role of your organization in the #digitalsociety. This provocative, fast-paced presentation argues that the Silicon Valley way of creating a better world is short-sighted and misguided. A better understanding of how society works is needed, and every IT leader needs a story here. It is easy to be cynical and "realistic " in today's world, but what we really need is stories of optimism and hope. What will be your story?


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Bourbon, Bacon & Bar-B-Que Oh My

Bourbon & Bacon anyone? By popular demand, our Bourbon & Bacon Fest is back again. Join us in Proofpoint’s hospitality suite to taste your favorite bourbons and indulge in smoky, salty, delicious bacon. This is the party you can’t miss.


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Microsoft: Additional Hospitality Suite Details Coming Soon

Microsoft: Additional Hospitality Suite Details Coming Soon


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Secureworks: Additional Hospitality Suite Details Coming Soon

Secureworks: Additional Hospitality Suite Details Coming Soon


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
NTT Goes Hollywood!

Come visit our hospitality suite and take a walk on the red carpet, sip some bubbly and play in the celebrity photo booth. Prizes are given away every 15 minutes with a grand prize trip to Hollywood! (or a place of your choice)


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
NETSKOPE, INC.: Additional Hospitality Suite Details Coming Soon

NETSKOPE, INC.: Additional Hospitality Suite Details Coming Soon


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
The Challenge

Carbon Black: Additional Hospitality Suite Details Coming Soon


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Join Qualys for a Night of Bright Lights in the Big Apple

Stroll through the streets of New York and enjoy a slice of life in the city that never sleeps while taking in the glitz, glamour and thrill of live Broadway theatre and incredible street performances. Sip Q-Manhattans with security experts and colleagues; taste the Big Apple’s authentic local cuisine on every corner. Start spreading the news, we’ll be raffling off a Vespa so you can zip from Times Square to Battery Park in a New York minute.


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Bomgar Corporation: Additional Hospitality Suite Details Coming Soon

Bomgar Corporation: Additional Hospitality Suite Details Coming Soon


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Forcepoint Derby Hospitality Suite

Spend an exciting evening playing the ponies at the Forcepoint Derby! Our Clubhouse will feature food and beverages as you use the Derby Bucks we provide on your chosen horse among the horses running throughout the evening. All winning bets at our track will be entered to win fabulous prizes. Prize announcements will be held every 15 min and of course, old sport, you must be present to win. We look forward to seeing you in the Winner’s Circle!


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Comodo Cybersecurity’s Mission: Possible – Render Threats Useless

Comodo Security Solutions: Additional Hospitality Suite Details Coming Soon


Tuesday, June 05, 2018 05:30 PM|Tuesday, June 05, 2018 08:30 PM
Party Under the Big Top with Cisco Security

Join Cisco Security for an evening of food, drinks, and the opportunity to connect with other Security professionals at the Annual Networking Reception. Cisco Security will also be raffling off a brand new Vespa in a live giveaway.* You must be present to win, so make sure you stay until the very end!


Tuesday, June 05, 2018 06:00 PM|Tuesday, June 05, 2018 07:00 PM
Women in IT Reception


Tuesday, June 05, 2018 06:30 PM|Tuesday, June 05, 2018 08:00 PM
Enterprise IT Leaders Networking Reception

Please join us in our exclusive Enterprise IT Leaders Lounge for a cocktail reception to network with your fellow peers. This is open to Enterprise IT Leaders members and Enterprise Elite prospects.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 06:45 AM|Wednesday, June 06, 2018 06:30 PM
Registration


Wednesday, June 06, 2018 07:00 AM|Wednesday, June 06, 2018 07:45 AM
Juniper Networks: Additional Session Details Coming Soon

Juniper Networks: Additional Session Details Coming Soon


Wednesday, June 06, 2018 07:00 AM|Wednesday, June 06, 2018 08:00 AM
CISO Circle Breakfast: Five Questions on AI That CISOs Should Answer
Jeremy D'Hoinne, Research VP, Gartner
Sam Olyaei, Principal Research Analyst, Gartner

No one can escape the wave of artificial intelligence marketing. The promise of increased security and better automation is appealing to CISOs, but sets the wrong expectations. Being too optimistic about artificial intelligence's impact could hurt the security organization. This session will highlight how artificial intelligence might impact security and risk management, what to expect and how to adapt to the changes.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 07:00 AM|Wednesday, June 06, 2018 08:00 AM
Attendee Breakfast

Join other attendees for breakfast before the day's sessions


Wednesday, June 06, 2018 07:00 AM|Wednesday, June 06, 2018 08:00 AM
Women in IT Breakfast: #MeToo in the IT Workforce
Debra Wheatman, President, Careers Done Write

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 08:15 AM|Wednesday, June 06, 2018 09:15 AM
Guest Keynote: Innovation Lessons We Can Learn From Hackers
Keren Elazari, internationally acclaimed security researcher and author,

Keren Elazari, senior researcher at the Balvatnik Interdisciplinary Cyber Research Center In the information age, data is the new currency and access to it is power. With battle cries such as “information wants to be free,” “hack the planet” and “we are legion” in recent years, hackers have risen to infamy. But can we learn anything about innovation from them? The surprising fact is that hacking can, and often does, improve products. It exposes vulnerabilities, encourages innovations, and demonstrates what is possible and how consumers actually want to use technology. In this keynote, attendees will learn how companies that once fought hackers, can now invite them to innovate – and how more organizations are learning to embrace the creative aspects of hacker culture.


Wednesday, June 06, 2018 09:15 AM|Wednesday, June 06, 2018 09:45 AM
Architect Cloud Security Controls Using Gartner for Technical Professionals
Eric Maiwald, Managing VP, Gartner

Moving data and workloads from the datacenter to the cloud often raises security concerns. There are different approaches for security data in IaaS vs. SaaS environments. See how you can benefit from Gartner for Technical Professionals research in the planning, design and technology selection phases of your cloud project.


Wednesday, June 06, 2018 09:15 AM|Wednesday, June 06, 2018 09:45 AM
Networking Break


Wednesday, June 06, 2018 09:30 AM|Wednesday, June 06, 2018 02:15 PM
Learning Lab

With malware and phishing attacks more prevalent than ever, IT administrators are pressed to find new ways to protect their businesses. During this Learning Lab session, you will learn about Chrome OS & Browser's unique security model to deter against these threats, and how Google protects its own workforce. **Please see pdf attachment for full Learning Lab schedule


Wednesday, June 06, 2018 09:30 AM|Wednesday, June 06, 2018 02:15 PM
Exhibit Showcase

Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers in our Networking Hub’s lounge and café. Stick around for the afternoon dessert reception and attend a theater session to see technology in action.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:15 AM
Magic Quadrant for Application Security Testing (Repeat)
Ayal Tirosh, Principal Research Analyst, Gartner

Security and risk management leaders should select AST tools and services and embed them in the SDLC as a critical component of an application security program. In this session, we will illustrate the market and main vendors in the application security testing space.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:15 AM
Magic Quadrant for Intrusion Detection and Prevention Systems (Repeat)
Craig Lawson, Research VP, Gartner

This session will review the latest Gartner Magic Quadrant for intrusion detection and prevention systems. Attendees will learn about the current market and valuable use cases for this well established network security technology, as well as hear an overview of the vendor landscape.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Meetup: Overcoming Security Challenges at Fortune 500 Companies
Peer Open Discussion – No Facilitator, ,

Join other Fortune 500 peers to share the unique security challenges of very large, multinational enterprises, as well as ideas and proven best practices to overcome them. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
GRC Era Is Over as Customers Adopt Integrated Risk Management
John A. Wheeler, Research Director, Gartner

To better address the needs of global CEOs and senior executives, end-user organizations are shifting focus away from governance, risk and compliance (GRC) to IRM solutions. IRM goes beyond traditional, compliance-driven GRC technology solutions to provide actionable insights that are aligned with business strategies, not just regulatory mandates. Learn how this market is quickly expanding to meet the new demands of the digital business.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Manage Your Resilience Debt: Always Include Options for Reliability in Digital Infrastructure
Mark Thomas Jaggers, Research Director, Gartner

I&O leaders are under pressure to support business growth, deliver competitive differentiation and minimize ongoing costs. Delivery of nonresilient infrastructure must be carefully scrutinized to avoid negative cost implications in the medium to long-term. This session will explain that resilience needs to be a key part of infrastructure delivery planning, but devising a pragmatic approach is key to ensuring success in a bimodal, cloud-embracing environment.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Pragmatic Steps for a Successful Security Strategy
Rob McMillan, Research Director, Gartner
F. Christian Byrnes, Managing VP, Gartner

CISOs are called on to fill the twin roles of operational expert and strategic planner. Many CISOs struggle when developing a strategy because they have not been exposed to this process. A few pragmatic steps can help ensure that your strategy is useful. This session will address the following: • What are the elements that you must consider? • What pragmatic steps can you take during its development to ensure success? • What safeguards do you need to support successful execution?


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
How Midsize Enterprises Can Improve Their Detection and Response Capabilities
Kelly M. Kavanagh, Principal Research Analyst, Gartner

Midsize enterprises (MSEs) focus their security budgets on preventative security technologies, leaving them exposed as external threats are increasingly able to get past those controls. This session will help MSE organizations understand the need for detection and response capabilities and how to utilize them through the right combination of people, processes, technologies and services. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.”


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Alexa, Investigate This Incident
Augusto Barros, Research VP, Gartner

Security orchestration, automation and response (SOAR) tools have been growing in popularity as organizations try to introduce automation in their security operations practices. This session defines this emerging technology and presents emerging deployment and operations practices. Questions covered: • What is SOAR • Do I need it? Who does? • How are organizations using SOAR tools? • What are the best practices in deployment and use of SOAR tools?


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Meetup: Cybersecurity - Increasing Awareness and Communicating from Employee to Board Level
Peer Open Discussion – No Facilitator, ,

This Meetup will discuss practical methods for increasing end user awareness of cyber threats in your organization. What's worked for you? What tools are you using? What are the most effective ways to increase awareness at the associate level and to communicate at the board level? Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Meetup: Advancing Security and Risk Management Practices in Healthcare
Peer Open Discussion – No Facilitator, ,

If you have specific concerns that you'd like to address with other security and risk management professionals in the healthcare industry, this is the meetup for you. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Strategies and Technologies for Protecting Yourself from the Internet Cesspool
Neil MacDonald, VP Distinguished Analyst, Gartner
Steve Riley, Research Director, Gartner

Almost all successful attacks originate from the public internet. Users who succumb to browser-based attacks and services are at risk from network designs that accept unsolicited connections. Not meant for a complex and interconnected world, traditional browsers and network DMZs are now obsolete. Security leaders can reduce risks using software-defined perimeters, browser isolation and other techniques that isolate users and applications from the internet.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Become a Risk-Aware Organization in the Digital Era
Earl Perkins, Research VP, Gartner

One critical requirement of an organization's risk maturity is an effective organization to manage evolving risks as the organization responds to digital business pressures. This presentation explores the skills, organizational structures and processes needed by an organization to be successful in managing digital risks.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
How to Approach Security in an Aligned IT/OT World
Wam Voster, Research Director, Gartner
Saniye Burcu Alaybeyi, Research Director, Gartner

Business requirements drive organizations to connect their IT and OT. This alignment between IT and OT requires organizations to rethink their approach to securing the traditionally separate IT and OT worlds. This session will cover best practices on getting security governance right in an aligned IT/OT world, tips on how to deploy common teams and the role of the digital risk officer.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 10:30 AM
Windows 10 Security and Implementation Advice
Peter Firstbrook, Research VP, Gartner
Ian McShane, Research Director, Gartner

Windows 10 is getting unprecedented rapid implementation in the enterprise. This session will: • Look at the most significant security improvements in Windows 10. • Compare and contrast optional Windows 10 security features to third-party solutions. • Provide implementation guidance to ensure that the security improvements are getting deployed. • Look a the future of Windows security in the enterprise.


Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 11:15 AM
Workshop: Reporting Cybersecurity and IT Risk to the Business (Exclusive for Midsize Enterprise Attendees)
Kevin Kampman, Research Director, Gartner
Neil Wynne, Sr Research Analyst, Gartner
Sam Olyaei, Principal Research Analyst, Gartner

Cybersecurity and IT risk are business imperatives. Developing an effective message that balances the need to protect with the need to run your midsize enterprise is critical to success. Many of the successful concepts are not obvious, and some of what is obvious is actually not advised. This session describes what to do and what not to do. It presents a slide deck to start and guidance to modify the deck for your specific needs. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 09:45 AM|Wednesday, June 06, 2018 11:15 AM
Workshop: Crisis Communications After a Security Incident
Matthew T. Stamper, Research Director, Gartner
Roberta Witty, Research VP, Gartner
Joanna G. Huisman, Research Director, Gartner

From the likes of WannaCry, Petya and others, cyberattacks are more frequently and more significantly disrupting business operations. This workshop presents crisis communication and coordination best practices so that attendees will gain valuable experience in ensuring a strong crisis communications position.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:15 AM
Security Maturity: How Am I Doing? (& how can I do better?)
Hadi Hosn, Director, Secureworks

Leaders are often asked to measure the maturity of their security processes, people & technology against industry frameworks and peer organizations. While the frameworks are exhaustive and detailed, executing them takes significant time and resource. Secureworks’ Maturity Model helps leaders understand where they sit on a maturity scale and what they need to do to improve their security posture.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:15 AM
Leverage the Power of Threat Intelligence for Incident Response

As targeted attacks continue to increase in sophistication and volume, incident responders and SOC analysts are overwhelmed with volume of alerts despite the investment in different tools. This session will focus on strategies for bringing together threat intelligence across endpoint, network/cloud, and email gateways with cloud-based threat analytics to identify targeted attacks in earlier stages. This is based on Symantec’s threat intelligence research projects such as Dragonfly (attacks against energy sector).

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:15 AM
Best Practices in Developing a Cognitive SOC

As machine learning and cognitive computing start to have a measurable impact on cybersecurity programs, especially in the SOC, several best practices are emerging. This session will present a series of real examples and related insights, along with observations on where the next innovations will come from.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:15 AM
Data Security : Creating a “Data Security by Design” Culture

The advent of digitization and analytics has pushed data to the forefront of creating new business opportunities. As data becomes the new fuel for economy, data security is a top concern not only for enterprises and small business, but for everyday consumers as well. Regulations like GDPR provide further mandates to be incorporated into the very fabric of corporate systems and processes and give more power in the hands of the consumer.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:15 AM
A New Definition and Market Reality for Endpoint Protection

A revised definition of endpoint protection platforms (EPPs) details the challenges faced by organizations in protecting themselves. It outlines changes requiring EPPs to prevent file-based attacks, detect malicious activity and provide investigation and remediation capabilities to respond to dynamic security incidents. This session will focus on the opportunities and realities in deploying endpoint protection aligned to this new vision.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
The Who: A People-Centric Approach to Threats and Risk

It’s no secret that modern attackers have pivoted to targeting people. A simple LinkedIn or Google search can tell them all they need to know about who has access to the system or data they target. Join this session to learn how organizations can identify their most attacked users and design better protections for highly targeted users.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Our Office 365 Journey
Robb Wilber, Director, Global Networks and Telecom, Kelly Services
Dan Shelton, Director, Product Management, Zscaler

What happens to your network and security architecture when you roll out Office 365 to thousands of users in more than 20 countries? A lot. Office 365 places bigger demands on your network and your Internet gateway than it has ever had to handle, and there are a lot of ways to get it wrong. This talk will address network and gateway architecture, branch office enablement and branch security.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Don't Forget to Cover Your Assets! Oracle on Data Security
Vipin Samar, Senior Vice President, Database Security, Oracle

Data is the most valuable IT asset, but if not protected can become your biggest liability. Join Oracle to discuss the latest innovations in securing databases both on premises and in the cloud. Learn how preventive and detect/respond controls can secure your Oracle and non-Oracle assets and simultaneously deliver a step-function improvement in your SOC efficiency. And you’ll see how those controls help with EU-GDPR and similar regulations.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
CenturyLink: The Art of Securing the Hybrid Network
Chris Richter, VP Global Security Services, CenturyLink

Hybrid networking and SD-WAN have emerged to provide more flexibility and efficiency in networking. You can now access the cloud as easily as you can access private data center applications. This evolution has caused the erosion of the traditional network perimeter and added new security complexities. In this session, we will utilize real use cases to describe how organizations have secured their ecosystem as they transition to hybrid models.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Levers of Human Deception: The Science of Social Engineering
Perry Carpenter, Chief Evangelist and Strategy Officer, Knowbe4

No matter how much security technology we purchase, we still face a fundamental security problem: people. This session will explore the different levers that social engineers and scam artists pull to make us more likely to do their bidding. We'll provide fun and engaging examples of mental manipulation in everyday life: from oily car dealers, to social engineering and online scams. Additionally, we'll look at how to ethically use the principles.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Securing Your Agency’s Environment During IT Modernization

IT is constantly evolving and modernizing your agency’s IT environment makes security even more difficult during the transition. Come listen to Craig Bowman - VP Advanced Solutions, describe the key sticking points for IT Modernization and how to align it to your security strategy, the Modernizing Government Technology Act, and what we can learn from this year’s Data Breach Investigations Report (DBIR).


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Alexa – are your APIs secure?
Setu Kulkarni, VP, Product Management, WhiteHat Security
Shivajee Samdarshi, Sr. Vice President, Engineering, WhiteHat Security

As digital assistants and products become commonplace in our homes, we need to seriously consider the security implications. This session will explore these security implications, focusing specifically on the APIs that connect the latest digital phenomena to us through our devices; and on the microservices that are used to build many of today’s most interesting applications.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Mules and Machines: Stealing Big from Banks

Trustwave SpiderLabs has uncovered a new type of cyber-attack targeting the financial industry. Come find out how this “hybrid-style” campaign has resulted in over one billion USD in losses. Featuring a case study on a series of investigations, you will see the most recent pivot in the banking threat landscape and get insights for protecting your organization from these dangerous adversaries.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Real-World Use Cases of AI Empowering Threat Hunting
Matthew Stits, Security Architect , Adobe

Protecting the company brand and intellectual property is a business imperative. AI-based cyberattack detection and response reduces and prioritizes alerts, speeds-up incident response, and identifies threats in real time. Join Vectra CEO Hitesh Sheth and Matthew Stits, Enterprise Security Architect at Adobe, to hear real-world use cases about how AI empowers threat hunters to find hidden threats, reduce attacker dwell-time and prevent loss.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Realizing Near-Zero Security Flaws in Your Software
Nick Percoco, Chief Security Officer, Uptake

Building enterprise software is difficult. Building secure enterprise software is even harder. In a modern, agile, software company, there are dozens of factors that could easily fight against a goal of building secure software. This talk will explore the pitfalls and achievements of attempting to reach "near-zero" security flaws in software products at a fast growing startup.


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:30 AM
Solution Provider Sessions


Wednesday, June 06, 2018 10:45 AM|Wednesday, June 06, 2018 11:35 AM
Securing Disruptive Technologies and Digital Disruption
William Varma, , BMO Financial Group

Digital business challenges the traditional approaches to security management. Striking a balance between digital innovation and providing assurance requires an approach that is way beyond being reactive or looking at the next cool thing. Using scare tactics to secure funding for security initiatives has become something of a cliché. Let's change the conversation. Aman Raheja - US CISO of BMO Financial Group has developed a vision for security and risk management that brings objectivity to the InfoSec conversation. This session will present the B-I-C-T framework - a multi-pronged approach for framing the security strategy from the perspective of Business value, Industry benchmarking, Compliance, and Threat management. Can security do something that makes the organization more productive, more agile? Yes, take all four components, put them together in the right order, and you'll have a solid strategy and a wonderful business driver.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 11:30 AM|Wednesday, June 06, 2018 11:45 AM
Understanding the Value of Gartner: Risk Management Program
Bre Howell, Director, Gartner

Discover how you can leverage Gartner’s wide range of resources on Risk Management Programs, from market dynamics, strategy research, tools & templates, to vendor insights and implementation guides. This initiative offers insights and best practices that can help you deliver market-differentiating strategies and practices that can scale with business ambitions.


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Why You Must Consider Data Privacy When Building Your IoT Initiative
Bart Willemsen, Research Director, Gartner
David Anthony Mahdi, Research Director, Gartner

IoT devices generate a huge amount of data, which may include sensitive personal data. As regulations and awareness of privacy increase, security leaders require a consistent approach with data security and privacy. What are the concerns with IoT security? What are the legal implications of regional privacy laws such as GDPR? What approaches should be considered when embarking on IoT initiatives?


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Impact Appraisal: Technologies Converge to Aid Transparency in Mobile Authentication
John Girard, VP Distinguished Analyst, Gartner

If you are still struggling with getting beyond passwords, better times are coming. The conjunction of increasing online use cases and competition for embedded biometrics in next-generation hardware is propelling opportunities for advanced authentication techniques. This presentation will chart a course for clever, subtle and transparent identity management.


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Tips for Selecting the Right Security Analytics Tools for Your SOC
Jeremy D'Hoinne, Research VP, Gartner
Toby Bussa, Research VP, Gartner

When building a security operation center, or trying to improve the visibility over threats, an abundance of new technologies overwhelm security leaders with too many options. This session will highlight the benefits and compare the use cases for the most useful security analytics tools. Technologies covered in this session include: SIEM, network traffic analysis, user behavior analytics, endpoint detection and response, intrusion detection, full packet capture and SOAR.


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Enterprise Firewalls, CASBs and Secure Web Gateways: Untangling the Feature Snarl
Jon Amato, Research Director, Gartner

Enterprise firewalls, cloud access security brokers and secure web gateways all form important parts of the enterprise perimeter defense. But the common feature sets of these three approaches overlap substantially. In this session, we will address the points of overlap and help you determine when good enough is in fact enough, and when nothing less than best-of-breed functionality will do.


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Leveraging a Security Champion Program to Drive a More Security-Aware Culture
Joanna G. Huisman, Research Director, Gartner

Mobilizing a security champion program gives security and risk management leaders a geographically and organizationally dispersed team of knowledgeable employees whose focus is to reinforce key security messages and enable long-term behavior change, ultimately driving a more security-aware culture. This session will focus on how to: 1) Get executive support for the security champion program by aligning the overall program objectives directly with company objectives. 2) Build a network of champions that is inclusive of all roles and geographies across the enterprise. 3) Present to candidates the role of a champion as a developmental opportunity and integrate it into performance development plans. 4) Allow champions to take creative liberties with the content to better suit their audiences.


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Competitive Landscape for Endpoint Security Platforms, 2018
Avivah Litan, VP Distinguished Analyst, Gartner

This session will present leading endpoint security vendors and will examine the features and strategies that make them attractive. Key issues covered: • What are the features of a market leading endpoint security platform that integrates prevention, detection and response into one combined solution? • Who are the leading endpoint security vendors and why does Gartner consider their solutions "market leading"?


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Know Your Risk Appetite or Fail at Risk Management!
Jeffrey Wheatman, Research VP, Gartner

Governance is about getting business stakeholders to be accountable for risk decisions. Understanding your organization's risk appetite is at the core of establishing proper accountability for managing risk. The only way to make that work is to understand, or more accurately help them understand, what their appetite for accepting risk is. In other words, how much risk are THEY willing to accept?


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Ask a Hacker
Ayal Tirosh, Principal Research Analyst, Gartner
Keren Elazari, internationally acclaimed security researcher and author,
Rob Fuller, Hacker,
Jesse Krembs, Security Practitioner,

Hackers — worst nightmare or potential ally? The term hacker carries a wide range of connotations. In this session, meet a real-world hacker who will answer questions about what it means to be a hacker. Why do they do it? How do they do it? What are some of the best and worst security strategies they've encountered? How do they go about breaking stuff?


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Data Classification 101
Marc-Antoine Meunier, Research Director, Gartner

Increasing regulatory and security threats are pushing a lot of security and risk management leaders to start a data classification initiative or revisit a previously unsuccessful one. This session provides a practical approach to implement data classification: 1) What policies and standards do you need? 2) How do you implement data classification successfully? 3) What role do tools play?


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
Magic Quadrant for Cloud Access Security Brokers (Repeat)
Steve Riley, Research Director, Gartner

By 2020, 60% of large enterprises will use a CASB to govern cloud services, up from less than 10% today. There's a good reason for this expected jump in adoption. Cloud access security brokers have become an essential element of any cloud security strategy, helping organizations govern the use of cloud and protect sensitive data in the cloud. Attend this session to help you align CASB vendors to address specific use-case requirements.


Wednesday, June 06, 2018 11:45 AM|Wednesday, June 06, 2018 12:15 PM
The 2018 Magic Quadrant for Endpoint Protection Platforms (Repeat)
Ian McShane, Research Director, Gartner

The EPP MQ is one of the most popular documents on Gartner.com, and clients want to understand what the relative placement really means. This year's lead author, Ian McShane, will take you through the analysis process, the assessment criteria and of course the products themselves. Attendees will get updated information and guidance on how best to use this document when evaluating vendors.


Wednesday, June 06, 2018 12:15 PM|Wednesday, June 06, 2018 01:00 PM
Harnessing the Power of the Intelligent Security Graph
Sarah Fender, Director of Product Marketing, Microsoft

The Intelligent Security Graph is a unified platform for combatting cyberthreats, powering real-time threat protection for Microsoft products and services. Learn how a new Security API unlocks opportunities to connect and extend the Graph, providing a unified interface for developers to integrate and correlate security alerts from multiple sources, enrich investigations with contextual data, and automate security operations for greater efficiency


Wednesday, June 06, 2018 12:15 PM|Wednesday, June 06, 2018 01:15 PM
Attendee Lunch


Wednesday, June 06, 2018 12:15 PM|Wednesday, June 06, 2018 01:15 PM
CISO Circle Lunch: Maverick — Your Cybersecurity is in the Hands of Emerging Digital Nations!
Matthew T. Stamper, Research Director, Gartner
Sam Olyaei, Principal Research Analyst, Gartner

It is no surprise that the future of cybersecurity is moving toward automation, orchestration and a decentralized security function that rewards "versatilists" and shuns specialists. This is further augmented by the focus on promoting innovative technologies in advanced analytics, blockchain, AI/ML and such. The surprise is where this surge is coming from. Join us in this Maverick session to learn about how you can take advantage of this uprising from nontraditional actors in cybersecurity.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 01:10 PM|Wednesday, June 06, 2018 01:35 PM
Vulnerability Prioritization & Prediction in Practice
Jonathan Cran, Head of Research, Kenna Security

Join Reid Shelton, Senior Director of Information Security at Capital One and Jonathan Cran, Head of Research at Kenna Security for discussion about the challenges of vulnerability management in 2018. Jonathan will detail new research from Kenna on vulnerability remediation strategies and Reid will discuss how vulnerabilities are discovered, prioritized, and ultimately fixed in his environment today.


Wednesday, June 06, 2018 01:10 PM|Wednesday, June 06, 2018 01:35 PM
PKWARE: “Protect Your Data, Sleep Like a Baby”
blair semple, Business Development, PKWARE

Typical approaches to security focus on protecting where data is — instead of data itself. But data is everywhere, and it’s being shared, stored and used inside and outside of the organization’s control. Join Blair Semple, PKWARE’s Sr. Director of Business Development, where he’ll demonstrate a new approach to data security which includes defining and assigning policy and the resulting impact on your data and the lack of impact on your users.


Wednesday, June 06, 2018 01:10 PM|Wednesday, June 06, 2018 01:35 PM
Corelight: Life on Mars. Learning from Extreme Environments
Gregory Bell, CEO, Corelight

Enterprise security is full of daunting challenges, but imagine making it even harder by adding 400 Gbps networks, unmanageable endpoints, thousands of collaborators in dozens of countries, and acutely sensitive data. What security practices and tools would evolve in that kind of environment? For an answer, we can turn to the U.S. National Labs - famous for 100 Nobel Prizes, but also for Bro, the open-source network monitoring platform


Wednesday, June 06, 2018 01:30 PM|Wednesday, June 06, 2018 02:00 PM
Architect the Digital Platform: Build a Vendor Shortlist by Leveraging the Power of Gartner
Richard Cho, GVP, Gartner

As you navigate through the IT buying cycle from business need determination to solution implementation, Gartner presents a range of offerings that can guide you along the way. For the critical step of building a shortlist of vendors that you have deeper conversations with, you can leverage multiple Gartner tools including MQs. Critical Capabilities as well as Gartner’s free reviews and ratings platform Gartner Peer Insights.


Wednesday, June 06, 2018 01:45 PM|Wednesday, June 06, 2018 02:10 PM
Mobile security: what you don’t know can’t hurt you - right?
Michael Covington, Vice President, Product Strategy, Wandera

Mobile is an emerging threat vector. Corporate laptops aren’t allowed into circulation without endpoint protection and network monitoring; yet, mobile devices are allowed to roam free. What organizations lack most is a thorough understanding of how mobile is being used and the controls to enforce company policy. In this talk we will give real-world scenarios that highlight the need for visibility in order to effectively manage a mobile fleet.


Wednesday, June 06, 2018 01:45 PM|Wednesday, June 06, 2018 02:10 PM
Overcoming the Complexities of Implementing Automation

An understaffed security workforce is struggling to protect your evolving enterprise from ever changing cyber threats. Automation could be the answer to hardening your security posture in these shifting sands. However, the task of implementing automation across such a diverse and continuously morphing environment presents a challenge.  In this session, we will discuss best practices to overcome the complexities of implementing automation.


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 02:55 PM
Do the Simple Things Well in Information Security
Craig Lawson, Research VP, Gartner

Good information security hygiene is a must, but many organizations lose focus on getting the basics right, leading to an unjustified level of confidence in risk posture. Join us and learn: • What are the key activities, capabilities and practices for organizations? • What are the activities that you can delay or even skip entirely? • Why doing the basics is more important than ever.


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
How to Hunt for Security Threats
Anton Chuvakin, VP Distinguished Analyst, Gartner

Threat hunting (TH) is very hot, but very few organizations actually do it. Attend this session to learn the basics of practical hunting and how to start your TH effort. Key issues covered in this session: • What is TH? • How do you incorporate TH into your SOC processes? • How do you develop a basic TH capability? • Where do you get ideas on what to hunt for? • How do you measure TH successes?


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Meetup: How to Successfully Approach Threat Hunting
Peer Open Discussion – No Facilitator, ,

Join peers in discussing best practices and ideas in threat hunting. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Manage Security and Fraud Risks in Complex Applications with SOD Controls Monitoring
Brian Iverson, Research Director, Gartner

Only 30% of organizations automating business processes using complex applications for ERP, CRM or EHR have adopted tools for continuous monitoring of risks associated with segregation of duties (SOD) conflicts and access to sensitive information. * What is the nature of occupational fraud and security risks? * How are leading organizations addressing occupational fraud risks? * What does the market look like for tools that help address occupational fraud and security risks?


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Network Segmentation in the Modern Data Center
Adam Hils, Research Director, Gartner
Jeremy D'Hoinne, Research VP, Gartner

Security and risk leaders are grappling with how to secure intellectual property and other digital assets in a rapidly-shifting data center. Considering that most networks are still flat, a move to private or public cloud provides opportunity to logically wall off critical assets. This talk examines segmentation decision factors and enumerates best (and worst) segmentation practices.


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Wait! What? Someone Spoofed Our Email and We Lost $1M?
Jonathan Care, Research Director, Gartner

Emails get spoofed. Sometimes it's a prank but increasingly it's the vector for fraudulent criminal gangs. Impact can be loss of confidential data, actual financial losses through fraud or blackmail and extortion. Email has remained the dominant B2B communication channel for years and is likely to be so for the foreseeable future. Let's look at how we can fix it — not just for ourselves but for our customers, supply partners and employees.


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
The Future of IAM
Justin Taylor, Research Director, Gartner

New security threats, the reality of AI, the identity of things (IDoT), are just a few of the many things driving the need for change in the way vendors address business needs for their customers in the identity and access management space. What are the key changes needed to be made by vendors to stay competitive? In this session Gartner will address this very question. We will discuss these key points: 1) What are the market drivers for changes? 2) What is the new IAM experience like for customers? 3) What do vendors need to do to create this new experience?


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Crossfire: Analyst Debate on the Future of Privacy
Bart Willemsen, Research Director, Gartner
Brian Iverson, Research Director, Gartner
Brian Lowans, Research Director, Gartner
Frank Buytendijk, VP & Gartner Fellow, Gartner
Paul E. Proctor, VP Distinguished Analyst, Gartner
Richard Hunter, VP & Gartner Fellow, Gartner
Rob McMillan, Research Director, Gartner

Privacy is considered a human right in most jurisdictions of the world. Yet, with multiple privacy laws globally being strengthened, privacy incidents keep happening. Is there an implied business case to ignore it? Is privacy overrated? Is it dead? Are there benefits to "get it right"? In this analyst debate, we intend to explore the benefits and disadvantages of privacy protection in the employment, government, and commercial interaction environment.


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Meetup: Let Data Classification Save You from Risk and Compliance Headaches
Peer Open Discussion – No Facilitator, ,

What are the best ways in which your organization can make essential data easy to find and retrieve? Join your peers in this interactive discussion on data classification best practices. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Federal CIO Panel: Bridging the Policy to Reality Chasm — The Great Balancing Act
Katell Thielemann, Research VP, Gartner

From complying with legislation and executive orders to the reality of constant threats and attacks, learn how federal CIOs do it all. This lively panel discussion, featuring federal CIOs, will address challenges, lessons learned and best practices that you can apply to your own world. It will also discuss the future of cybersecurity in federal agencies.


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
Meetup: Key Considerations for Artificial Intelligence
Peer Open Discussion – No Facilitator, ,

What are the implications of artificial intelligence (AI) on security and risk management efforts? What scenarios are you evaluating? What risks/challenges do you see? Join your peers in exploring answers to these questions and others pertaining to AI. Peer Connect Meetups are interactive and self-facilitated small group discussions that connect peers who share similar challenges or interests. Please make every effort to attend your Meetup as your peers will be looking forward to meeting with you.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:00 PM
How to Successfully Apply Analytics to Security Technologies
Eric Ahlm, Research Director, Gartner
Justin Taylor, Research Director, Gartner

It seems commonplace for security products of all types to claim "now with machine learning" or other such claims to using analytics. As a provider, how do you successfully integrate analytics techniques to stand out in this noisy marketplace, and create measurable customer value? This session discusses what analytics methods are most useful, how products or solutions can be improved with analytics and how to go to market using analytics as a competitive differentiation.


Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: Deploying IoT Without Dedicated Security Resources
Robert Rhame, Research Director, Gartner
Saniye Burcu Alaybeyi, Research Director, Gartner

IoT promises rewards that make it an attractive way to positively transform segments of the business, but it also presents a high risk to organizations with only nascent security capabilities. Join us in a peer-driven discussion on how to creatively fill the security tasks and requirements to explore and deliver new IoT initiatives.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: The Changing Regulatory Environment — What's Next?
Deborah Kish, Principal Research Analyst, Gartner
Lawrence Pingree, Research VP, Gartner

The EU-GDPR now in effect is very much on the mind of end-user organizations. This session aims to generate a conversation between entities to learn best practices and address overall concerns. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: BCM Program Metrics, KPIs and KRIs
Roberta Witty, Research VP, Gartner
David Gregory, Research Director, Gartner

This analyst-user roundtable with provide a forum for conference attendees to discuss how different organizations develop, use and report on BCM program metrics, KPIs and KRIs. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: Defending the Enterprise Internet of Things
Jon Amato, Research Director, Gartner

This roundtable will feature a facilitated peer-to-peer discussion on the challenges associated with securing the enterprise against the threats posed by the proliferation of IoT and industrial IoT devices and the ways enterprise security professionals have been successful in implementing security programs around IoT. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: Network Access Control and New Challenges to Maintain Visibility
Claudio Neiva, Research VP, Gartner

If you've had an audit finding that your infrastructure is not protected because you have no visibility and control of unauthorized devices, you know the importance of responding quickly. Participants in this session will share their best practices for mitigating implementation complexity. We’ll also discuss ground rules for access policy to cover most common use cases. Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: Practical Data Security Options for Midsize Enterprises
Marc-Antoine Meunier, Research Director, Gartner

Midsize enterprises are defined as organizations between $50 million and $1 billion in annual revenue and fewer than 1,000 employees. This roundtable discussion focuses on practical data security options for the midmarket. Preregistration is required. Seats are limited. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: All Your SaaS Belong to Us
Jay Heiser, Research VP, Gartner

Participants in this end-user roundtable will compare notes on the best practice for the care and feeding of SaaS. We will discuss shadow IT, integration with identity services, the use of CASB, backup and recovery options. Can policy and planning actually reduce the pain and cost of SaaS, or is the situation permanently out of control? Preregistration is required. Seats are limited.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:15 PM
Roundtable: Governments Must Plan Now for Quantum Computing's Impact on Security
Mark Horvath, Research Director, Gartner

Quantum computing is continuing to move forward at a steady pace and its impact will begin to be felt in the application and data security space in the next five years. Government security and risk management leaders will need to plan for changes to cryptography, privacy, data storage and identity management soon or risk being open to sudden failures in the public key infrastructure.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:45 PM
Workshop: Experiences From Implementing Mobile Identity
John Girard, VP Distinguished Analyst, Gartner
Rob Smith, Research Director, Gartner

This workshop discusses real-world experiences on solving the challenges associated with identifying users and devices in a mobile landscape. It also discusses the convergence of enterprise mobility management (EMM) and IAM technologies and the implications this poses to an organization. Key Issues: • Do I need to implement mobile identity? • If so, how? • What are the best practices in deploying it?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:15 PM|Wednesday, June 06, 2018 03:45 PM
Workshop: Use a Balanced Scorecard to Demonstrate Security's Value
Jeffrey Wheatman, Research VP, Gartner
Rob McMillan, Research Director, Gartner
Khushbu Pratap, Principal Research Analyst, Gartner

Security metrics are hard to do. A credible security metrics dashboard must inform management about the security posture of the organization in relevant business terms and preferably show how the security team is supporting business outcomes. It is possible to achieve this. Key Issues: • What are the basic building blocks of a balanced scorecard for information security? • How do I go about building one? • What does a sample scorecard look like?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:30 PM|Wednesday, June 06, 2018 03:00 PM
A New Definition and Market Reality for Endpoint Protection

A revised definition of endpoint protection platforms (EPPs) details the challenges faced by organizations in protecting themselves. It outlines changes requiring EPPs to prevent file-based attacks, detect malicious activity and provide investigation and remediation capabilities to respond to dynamic security incidents. This session will focus on the opportunities and realities in deploying endpoint protection aligned to this new vision.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:30 PM|Wednesday, June 06, 2018 03:00 PM
Best Practices in Developing a Cognitive SOC

As machine learning and cognitive computing start to have a measurable impact on cybersecurity programs, especially in the SOC, several best practices are emerging. This session will present a series of real examples and related insights, along with observations on where the next innovations will come from.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:30 PM|Wednesday, June 06, 2018 03:00 PM
Leverage the Power of Threat Intelligence for Incident Response

As targeted attacks continue to increase in sophistication and volume, incident responders and SOC analysts are overwhelmed with volume of alerts despite the investment in different tools. This session will focus on strategies for bringing together threat intelligence across endpoint, network/cloud, and email gateways with cloud-based threat analytics to identify targeted attacks in earlier stages. This is based on Symantec’s threat intelligence research projects such as Dragonfly (attacks against energy sector).

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:30 PM|Wednesday, June 06, 2018 03:00 PM
Resilient Cyber Defense Architecture
Dave Polton, Global Director of Innovation, NTT Security

Your adversaries and subsequent threats to your businesses are growing at an exponential rate, while resources available to your organization are finite. Learn how to unify people, processes and technology in order to be best equipped to defend against the threats specific to you, at pace and budget that is aligned with your business strategy. This session discusses components of a holistic cyber security architecture to deliver the above.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 02:30 PM|Wednesday, June 06, 2018 03:00 PM
Accelerating Incident Analysis with Artificial Intelligence

Cognitive is helping evolve SOCs to next generation SOCs. Join Sirius and IBM Security for a look at the future of artificial intelligence, machine learning, and deep learning relative to security. See working product and how it is being used to augment and drive intelligence/efficiencies beyond the typical SIEM.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 03:45 PM
Protection Against the #1 Threat Vector – Email

Protect your brand and keep your employees email safe with protections to stop advanced email attacks like spoofing and phishing before they can reach employee inboxes.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 03:45 PM
TLS 1.3 and What It Means for Data Center Visibility

On March 21, the IETF approved the TLS 1.3 standard, which requires forward secrecy. This poses a problem for passive monitoring solutions because they will not be able to decrypt the traffic. In this presentation, you'll learn about TLS 1.3's implications for enterprise performance and security monitoring, and about a novel method of decrypting traffic using ephemeral session keys without an inline deployment.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 03:45 PM
How to Secure and Defend using Unified Enterprise Defense
Chris Coryea, Head of Cybersecurity Strategy, Leidos

While most frameworks tell you what to focus on, Unified Enterprise Defense tells you how to align your people, process and technology to achieve cybersecurity success. This presentation will help your organization if it is required to comply with regulations,such as NIST, GDPR, NERC, by building in controls to SECURE and DEFEND by turning monitoring information into intelligence and using that intelligence to drive your security team.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 03:45 PM
Endgame: Upgrade Your Attack Model to Stop Targeted Attacks
Mark Dufresne, VP of Threat Research and Prevention, Endgame

Targeted cyber-attacks have a profound effect on enterprises. To combat these attacks security teams add protections reactively to stop new attacker techniques, after damage and loss. Most endpoint security solutions focus on a single attack vector, such as malware execution. Join Endgame to discuss how security leaders should choose a model with the broadest scope to stop targeted attacks before damage and loss.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 03:45 PM
New Emerging Threat Vectors in the Public Cloud

Security and networking teams are facing threat vectors that are completely new and foreign in the public cloud. Solutions that worked on-premises don’t provide the same protection for applications and data in the cloud. Adding to this complexity, test/dev teams are purchasing compute to build applications, which operate outside of most security and compliance mandates. Join this session to learn how to effectively migrate workloads to the public cloud by understanding the new threat landscape.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Securing the Connected Citizen & Digital Transformation
Jonathan Nguyen-Duy, VP Strategic Programs, Fortinet

Digital transformation, expanding networks, ever more sophisticated threats and expanding regulatory compliance requirements are increasing complexity in cybersecurity. This presentation will provided a practical approach using distributed network segmentation and virtualization to secure highly distributed, hyper-connected enterprises – from the IoT edge to hybrid clouds.


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
CISO to CISO: Instituting Confidence and Securing Funding From Your Board by Using the Right Models and Data
Tony Young, Chief Information Officer, Sophos

Join Sophos CIO, Tony Young to explore the strategies, models, and data that can help you to articulate your IT risk profile to your Board and secure their buy-in to your strategy and funding requests. Getting to the point of joint accountability with your Board is not always straightforward. They need to trust and have confidence in you but often lack the expertise to ask the right questions. This pragmatic session from a seasoned CIO who is on the frontline at a publicly-listed IT security company will help to simplify the complexity and enable a satisfactory outcome to both Board and IT security team.


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Solution Provider Sessions


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
CISO + Hacker Dream Team: How We Win Compliance AND Security
Jay Kaplan, CEO, Synack

From filing taxes to ordering pizza, hackers now help secure our everyday apps. Hacker-powered security has become the new standard for G2000 companies and government agencies who want to stay ahead of the adversary. Are responsible disclosure and bug bounty enough to manage security risk? Hear from a leading CISO and Hacker on how they work together via secure, managed crowdsourced pen testing to achieve both compliance and real security.


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Building a Successful Insider Threat Detection Program
Kenneth Johnson, Director, Enterprise Risk and Security, Randstad USA
Robert Keizer, Program Manager, Digital Guardian

Randstad, one of the world’s largest staffing firms, is responsible for protecting their clients’ personally identifiable information, especially from malicious insiders. This session will explain how Randstad was able to develop and deploy a successful insider threat program using DLP. The discussion will also cover the benefits of choosing a managed service program for visualizing data movement and investigating threats.


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Advanced Data Correlation Beyond the Tool or 3rd Party Platform
Brian Murphy, President & CEO, Reliaquest
Joe Partlow, CISO, Reliaquest

This talk will focus on both the technical how to and business value of automating and correlating larger subsets of data for security and other departments, focusing on the following main points: roadmap on how to efficiently ingest, parse and filter logs at scale; the advanced use cases possible with this expanded visibility and capability (inside and outside of the security tools); and leveraging security tools more effectively by segmenting actionable vs. non-actionable log events.


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Privileged Access Management: A Key Element of Good Security

Securing administrative and other highly privileged account credentials is a foundational element of a robust security regime. In this talk you’ll learn how to bring your security to the next level by implementing a privileged access management strategy from someone who’s already done so.


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Top 5 Phishing Reports You Should Be Showing To Your Board

If you are implementing a security awareness program – how do you talk about it with executives? This session will review the top 5 reports that Boards and top executives need to see as you implement a program. They will demonstrate if your plan is working or if changes are needed. These stats about your program will help you plan and secure the gaps between end users and technology while communicating measurable goals.


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Leverage the Power of Shared Threat Intelligence for Faster Threat Detection & Response
Russell Spitler, Vice President, Product Strategy, AlienVault

In spite of the recent proliferation of threat intelligence sources, security professionals are still facing many of the same questions: Should we share data openly? What are we exposing ourselves to if we do? What is to be gained through collaboration? Are such sharing initiatives effective for faster detection and response? In this session, attendees will learn how to effectively leverage the power of threat intelligence to detect malicious activity and provide investigation and remediation capabilities to respond to dynamic security incidents. AlienVault will also share data from AlienVault’s Open Threat Exchange that demonstrates the benefits gained by the 80,000 participants who have chosen to share. Be sure to stop by the AlienVault booth #1104, across from Theater C to get a raffle ticket before this session for a chance to win a Nintendo Switch! We will do a live raffle drawing to select a lucky winner during the session!


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Stepping Up to GEN V of Cyber Security

We are facing an inflection point in the world of cyber-attacks, Mega-attacks have spread fast to almost every country and every industry possible. Regardless of all our current investments in cyber security , the majority of enterprises have experienced a significant cyber security threat in past 3 years. Are we adopting the right security strategy? Are we using the appropriate generation of technologies to cope with these Mega-attacks?


Wednesday, June 06, 2018 03:15 PM|Wednesday, June 06, 2018 04:00 PM
Turtles, Trust and The Future of Cybersecurity
Brian Vecci, Technical Evangelist, Varonis

Faith in our institutions is collapsing, and GDPR is at the door. What would cybersecurity look like if we started from scratch, right now, in our hybrid, interdependent world? It would focus relentlessly on data. Learn how a data-centric security approach can reduce risk, increase efficiency and re-engineer trust in a society where faith has been shaken by unstoppable breaches.


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
Deliver Resilient Infrastructure in Hybrid IT Environments
Mark Thomas Jaggers, Research Director, Gartner

In today's increasingly interconnected world, insuring resilient infrastructure extends beyond the core data center. In this session, we will look at key points that have tripped up many companies when unexpected failures have occurred in seemingly innocuous or uncorrelated systems and how Site Reliability Engineering practices can be used to help identify where the next big outage may cascade from.


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
Digital Transformation Requires Integrated Risk Management
Earl Perkins, Research VP, Gartner

Governance, risk and compliance management served an important purpose in the first decade of the 21st century by focusing organizations on key business concerns that threaten their performance. However, its effectiveness in raising awareness of cross-domain concerns in risk management has not been realized. Integrated risk management attempts to address cross-domain concerns that digital transformation initiatives bring to organizations to ensure safe and secure business.


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
Dispel Harmful OT Security Myths, Misconceptions and False Beliefs
Saniye Burcu Alaybeyi, Research Director, Gartner
Wam Voster, Research Director, Gartner

The OT infrastructure is undergoing profound and rapid evolution, driven by IoT and increased penetration and dependence on technologies. However, organizational cultures change slower than technologies and infrastructure, while allowing for misconceptions and false beliefs to take root. Misconceptions and false beliefs create a barrier to better security postures. This high energy presentation will analyze the most common and harmful myths and provide actionable recommendations for security and risk management leaders, enabling better organizational security postures.


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
How to Be a Cloud Security Guru
Steve Riley, Research Director, Gartner

Cloud is not just a synonym for the internet but a whole new way to energize your career. Tired of racking and stacking and patching? Bored with consoles and control panels? Then attend this session. Cloud security upends traditional notions of protecting systems and data. Aspects of cloud security require dabbling in adjacent IT disciplines. Come learn how to develop cloud security skills for yourself and for your organization.


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
Which Detection Methodology Makes Sense?
Pete Shoard, Research Director, Gartner

This session will break down the difference between techniques and technologies used to build a detection capability. It will also offer guidance on how to align them with your internal processes, while highlighting the most important things to get right. Attend this session and learn: 1) How to look at your overall requirements and align methodologies to certain types of use cases. 2) How to identify the key elements of your environment. Do you have the data? Where should you focus? 3) Should you use an MSSP? What are the reasons that your business should take its newfound requirements and pass them to an MSSP? How do you understand what is most cost-effective?


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
Encryption and Beyond: Approaches for Secure Computing in Cloud Environments
Ramon Krikken, Research VP, Gartner

With cloud becoming a must-have or can't-avoid for many organizations, security teams are increasingly concerned with advanced attacks and regulatory requirements around data confidentiality and privacy. This session first covers basic encryption and key management in the cloud, and then examines other techniques — including emerging hardware-based approaches — that increase the trustworthiness of cloud-based infrastructure-as-a-service (IaaS).


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
Outrage or Apathy: Ignore the Emotional Element of Risk Management at Your Peril
Jeffrey Wheatman, Research VP, Gartner

We must quantify our risks! So says everybody. But what if we are wrong? Risk communication has long focused on quantifying financial impacts over poorly-defined scales and time. Years of cognitive research tell us that emotions are frequently at the core of decision making. What is risk sentiment? Do you know how risk sentiment impacts your decision makers? How can SRM leaders leverage risk sentiment to guide better decision making in your environment?


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
Protecting Your Infrastructure From DDoS Attacks
Claudio Neiva, Research VP, Gartner

If your infrastructure has been taken down by a DDoS attack, you know how painful it can be. In this session, we will analyze strategies for mitigating DDoS attacks and provide guidance for finding a solution and what enterprises and providers alike should be doing to protect themselves from becoming imminent victims.


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 04:45 PM
The Future of Data Security: Convergence of Technology is a Must
Deborah Kish, Principal Research Analyst, Gartner

The data security ecosystem is one of, if not, the largest in security. End users have so many products to choose and no shortage of vendors to choose them from. It may be time to redefine, merge and rebuild. This session aims to reshape how the data security landscape needs to evolve between technologies and existing capabilities.


Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 05:45 PM
Workshop: Starting a Security Monitoring, Detection and Response Initiative
Anton Chuvakin, VP Distinguished Analyst, Gartner
Augusto Barros, Research VP, Gartner

We can't prevent all threats, but it doesn't mean people working on security monitoring and operations can't start detecting and responding. But how do you do it without breaking the bank? How should you start with detection and response? This workshop will go through a structured approach to find out: 1) What are the basic processes and tools to get right? 2) How do you succeed with a small team? 3) How do you use third parties gracefully and effectively?

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 04:15 PM|Wednesday, June 06, 2018 05:45 PM
Workshop: How to Build Your Midsize Enterprise Security Strategy
Neil Wynne, Sr Research Analyst, Gartner

Many midsize enterprise IT leaders responsible for security and risk management struggle to understand how to develop their strategy because they have not been exposed to this process. In this workshop, we discuss some of the elements and get you started on your own strategy. This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
Finding Your Own Vulnerabilities (Before Attackers & Auditors Do)
Michael Holcomb, Director of Information Security, Fluor

Do you know where all of your cyber security vulnerabilities are? While we can never know where all of our vulnerabilities exist, we as defenders can take the initiative in looking for these vulnerabilities, both within the enterprise as well as on our systems connected directly to the Internet. This presentation provides some considerations for organizations in strengthening, or establishing, their own vulnerability management program and tips on what to do before investing resources in engaging with an outside provider to ensure the most benefit is gained from outside vulnerability assessments and penetration tests.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
A Simple Framework for Security Analytics
Gorka Sadowski, Research Director, Gartner

UEBA and NTA are at the peak of inflated expectations in Gartner's Hype Cycle. Why, when and how should an organization use these and security analytics tools? We will present a simple framework based on use cases, analytics and data sources that organizations can use to help them select proper tools for the issues that they are facing.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
How to Adapt Application Security Practices for DevOps
Michael Isbitski, Research Director, Gartner

Organizations are regularly adopting agile development methodologies and DevOps initiatives. Application security process and technology best practices are abundant, but not all of them fit in the world of rapid application development and delivery. This session will highlight some of the areas of opportunity for security automation as well as pitfalls that may inhibit application releases.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
The Security and Risk Management Issues Your CFO Cares About
Rob McMillan, Research Director, Gartner
Khushbu Pratap, Principal Research Analyst, Gartner

The pressure is growing for senior executives, such as CFOs, to become more engaged in the governance and implications of security and risk management. That's why it is imperative for security and risk management leaders to identify the issues that CFOs care about, which is what this session will cover.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
The Wisdom of Crowds: Crowdsourced Security Testing Platform Market Gains Momentum
Dale Gardner, Research Director, Gartner

Offering a broader scope of services — and a much wider range of talent — than traditional penetration testing services, crowdsourced security testing platform vendors are enjoying increased acceptance and market growth. We'll examine why buyers are opting for these programs, what issues might hold back adoption and offer a high-level competitive landscape of principal vendors.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
Everything You Need to Know about Deception Technologies
Lawrence Pingree, Research VP, Gartner

This session will provide an update on the latest techniques, tools and process that security practitioners can use to detect attacks and enhance protection at the edge, at the endpoint and address internal threats that have breached the edge of their network perimeters. This session will also cover the reason deception is a key ingredient to a mature security program and why this technology can change the game of defense.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
Panel: View From the Field — Women Leaders in Security and Risk Management
Avivah Litan, VP Distinguished Analyst, Gartner
Grace Gair, Security Architect Director, Radian Group
Linda Conrad, Principal, Exelon
Nedra Dickson, Global Supplier Diversity and Sustainability, Accenture

This panel discussion will cover some of the challenges and opportunities facing women in IT today and how to address them. The topics covered include: Women-owned businesses and revenue, and how that extrapolates for salaries and roles of women in corporations; the shortfall of talent in S&RM; to mentor or not; and the practical impacts on women in IT after the #metoo movement. Panelists include: Linda Conrad, Principal for Corporate & Information Security Risk Management at Exelon; Nedra Dickson, Global Supplier Inclusion & Sustainability Lead for Accenture and Grace Gair, Security Architect and Director at Radian Group. This session is open to all attendees. Seats are limited.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
How to Securely Conduct Business in a Bring-Your-Own-IT Environment
John Girard, VP Distinguished Analyst, Gartner

It’s not your IT anymore. Whatever you think you know to maintain information security integrity after forfeiting your infrastructure is already obsolete. This presentation will show you ways to adapt to the extreme fragmentation through application of UEM concepts and a spectrum of risk-versus-trust choices.


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
The Security Risks of Smart Contracts
Kevin Kampman, Research Director, Gartner
Mark Horvath, Research Director, Gartner

New technologies like blockchain and smart contracts are rapidly gaining mainstream acceptance and may fundamentally alter the way business is conducted. Even today, we are placing mission-critical trust (and millions of dollars) into smart contracts. How do security leaders ensure business suitability in the event of an incident? What can we do to avoid some of the pitfalls of new technology?


Wednesday, June 06, 2018 05:00 PM|Wednesday, June 06, 2018 05:30 PM
How Effective and Mature is Your IT DRM Program?
Belinda Wilson, Sr Director Consulting, Gartner

This session will review the components of an IT disaster recovery management program. Assessing maturity for both processes and technologies is required to enable organizations to have effective and successful programs. The six domains that will be discussed include: governance, recovery objectives, recovery strategies & capabilities, plans, exercises, and program management.


Wednesday, June 06, 2018 06:00 PM|Wednesday, June 06, 2018 09:00 PM
VIP Boat Cruise (Invitation Only)

Join Gartner and our sponsors for a night on the Potomac. If you have a ticket for the Boat Cruise, please have the ticket & your badge ready. Shuttle service provided at lobby 5:30pm and boat departs at 6:00pm Please Note: You will need a VIP Badge from one of the participating sponsors in order to board the boat. No exceptions will be made. Participating Sponsors include: BitSight Technologies, Centrify, GuardiCore, Malwarebytes, McAfee, Pluralsight, Recorded Future, Tripwire, Vectra, Venafi


Thursday, June 07, 2018 06:45 AM|Thursday, June 07, 2018 12:30 PM
Registration


Thursday, June 07, 2018 07:00 AM|Thursday, June 07, 2018 08:00 AM
Attendee Breakfast

Join other attendees for breakfast before the day's sessions


Thursday, June 07, 2018 07:00 AM|Thursday, June 07, 2018 08:00 AM
CISO Circle Breakfast: Chart Your Long-Term Security Investments Now
John Girard, VP Distinguished Analyst, Gartner

IT buyers just want to fix today's problem. But it’s time for you to think like an investor, and not get burned over the next technology shift. Learn how to make a strategic security roadmap, using Gartner's hype cycle and other predictors. Consider the long- and short-term behavior of vendors, their influence on your business integrity, and decide when it’s time for new partnerships.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 07, 2018 08:00 AM|Thursday, June 07, 2018 08:45 AM
Gartner Keynote: Digital Business and Culture Clash — Surviving the Revolution
Leigh McMullen, Research VP, Gartner
Paul E. Proctor, VP Distinguished Analyst, Gartner

Gartner research shows that success in the digital business revolution requires material culture changes inside and outside of IT. Organizations are limiting themselves through fear of technology, while the line between technology and business outcomes is disappearing. Non-IT executives treat security like a cost center and do not understand how to accept technology risks. A risk-aware culture must be developed and mature. Come hear about this ground-breaking research that links digital business success to culture and risk.


Thursday, June 07, 2018 08:45 AM|Thursday, June 07, 2018 09:15 AM
Networking Break


Thursday, June 07, 2018 08:45 AM|Thursday, June 07, 2018 09:15 AM
Architect Your Malware Protection Using Gartner for Technical Professionals
Mario de Boer, Research VP, Gartner

IT security project success depends on experience, planning and architecture. See how you can benefit from Gartner’s best practices from technical planning through design and technology selection to project execution based on proven criteria. Understand the value of Gartner for Technical Professionals’ service through research examples on the topic of malware protection.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 09:45 AM
Integrating Risk & Identity: Bridging the Gap Between Worry and Action

The frequency of breaches caused by insiders indicates the extent to which enterprises are struggling to secure user access to information and applications within the organization. As organizations have deployed extended & hybrid environments, managing risk & compliance is becoming increasingly complex. So bridging the gap between worry and action is imperative. This session explores how integration of Risk & Identity platforms can enable continuous control monitoring and risk-based IAM to automate insider threat defense & access compliance.

Please Note: based on availability and eligibility you may sign-up for this session via Events Navigator after you register for this event.

Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
SOC of the Future: Automating Security Operations

Despite the promise of automation in network defense, it’s easy to increase cost while providing little or no advanced capability. Referencing functions common in most operations teams and using real-world case studies, we will illustrate the gains, and the challenges, of automating network defense. Attendees will come away with a sense of how they can reduce cost and add efficiency in their security operations, and some tips on where to start.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
Accelerating Collaborative Incident Response
Matthias Wollnik, Senior Product Manager, Code42

As organizations progress on their digital transformation into the Cloud, they have to shift their information security approach from hoping for perfect prevention to building a continuously adaptive security posture. This presentation will focus on ways to improve coordination and bring unprecedented visibility to IT, legal, and security teams.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
Solution Provider Sessions


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
The Art and Science of Information Risk Management

As a Security Solutions Integrator, Optiv brings unique perspective on both the art and science of cyber-security. Join Optiv's J.R. Cunningham as he breaks down the core elements of an information risk management program based on data from hundreds of client assessments. During the session, he will discuss where science and art intersects to create the chemistry of a great security program and why successful programs are still a mixture of both.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
ForeScout: Defense in Depth – Did it Fail?

The concept of deploying multiple layers of security controls throughout IT systems was just the first step—a step that resulted in organizations the world over having a broad portfolio of toolsets, and a false sense of security. In this session, we explore the market dynamics and challenges of layered security, and show how overconfidence can make it easy for cybercriminals. Our aim is to make security easier for you.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
World Map of Malware: The Geography of Hostile Code

Join cyber war expert Dr. Kenneth Geers as he analyzes how geopolitical events affect malware in the world’s hottest cyber attack zones. Learn how cyber defenders benefit from spending more time on strategic cyber defense analysis and get actionable tactical intelligence for cybersecurity specialists. The session draws on data from Comodo Cybersecurity's Threat Intelligence Team’s analysis of 300 million first six months of 2018 malware incidents


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
Rethink Security with Zero Trust

81% of hacking-related breaches leverage either stolen, default, or weak passwords. As a result, organizations need to realize that any network, device, user, or application could be compromised. To better protect sensitive resources and data, IT security professionals need to adjust their mindset and adopt a new way of thinking: “Never trust, always verify”. Join us to hear why the path towards Zero Trust Security starts with Next-Gen Access.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
How Sallie Mae Reduced Risk with Smarter Identity Governance

Enterprises are facing increasing pressure to govern access to data and applications more effectively. Regulations including GDPR, are pushing security executives to ensure a secure and compliant environment, while empowering the business and driving efficiency. Jerry Archer, SVP & Chief Security Officer at Sallie Mae Bank will discuss his experience leveraging identity to enforce compliance, automate access, and secure access to files and data.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
The TOP Six Things a CISO Needs to Balance
Tony Anscombe, Global Security Evangelist, ESET

CISO’s are challenged by cybercriminals & their business on a daily basis. The delicate balance of managing risk against revenue, productivity to customer satisfaction & strategic value against cost is like being the conductor of an orchestra. Adding to this complex scenario are cybercriminals, and in some cases nation states, using data and intelligence to launch sophisticated targeted attacks against corporations, governments & infrastructure.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
Clean-sheeting Cybersecurity

Today's cybersecurity landscape is a mess. Task-saturated personnel struggle with aging, increasingly complex and expensive environments based on ideas generated decades ago. The results are punctuated by rising costs, data breaches, significant personnel shortages, "Voodoo" return on investment, and general frustration. We need to rethink and reinvent our approach to protecting information. In this provocative and sometimes irreverent presentation, retired Brigadier General Greg Touhill, former CISO of the US government and current president of the Cyxtera Federal Group, will posit what modern cybersecurity would look like if we started from scratch and how we can pivot today's model to the modern secure future, today.


Thursday, June 07, 2018 09:15 AM|Thursday, June 07, 2018 10:00 AM
How to Create the Resilient Business your CEO Expects

You’re following conventional wisdom. You’ve bought best of breed tools. Your staff is trained on next-generation everything. But your IT still fails because every change causes unintended consequences. You live in fear of the next update, outage, threat or breach stops the business. Is it time to reconsider how these “best practices” are really working? How can you transition from a fragile organization to one that is resilient to disruption?


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
Successfully Securing, Governing, Managing, and Analyzing Data All Starts With the Right Classification
Alan Dayley, Research VP, Gartner
Marc-Antoine Meunier, Research Director, Gartner

Most organizations are strewn with myriad epitaphs for failed data security, data governance programs, compliance by tagging — the list never ends. Why? Because the most critical and centralized component is an afterthought. Is classification finally ready for "prime time," including effective ML and AI? What are data hubs and why are they critical for effective classification? How do we make sure that we are not just writing the next grand classification program eulogy?


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
If You Thought Securing Your IT Was Difficult, Try Securing Your OT
Saniye Burcu Alaybeyi, Research Director, Gartner
Wam Voster, Research Director, Gartner

The world has seen an increase in security incidents. The use of commercial operating systems in industrial control systems means that OT is now susceptible to the same attacks as in the IT world. What should security and risk management leaders do to develop a coherent strategy to protect not just the organization’s information but also the OT? This presentation will address topics like processes, architecture, and controls.


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
Making Application Control Manageable
Jon Amato, Research Director, Gartner

Application control (or whitelisting) technologies have a well-deserved reputation for being difficult to implement and burdensome to manage. Managing reporting, application onboarding, and the exception handling process all contribute to lowering the value of this approach, but it doesn't have to be that way. In this session, we will explore ways to blunt the administrative impact of application whitelisting in your enterprise.


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
What Midsize Enterprises Must Know About Managing and Securing Mobile Devices
Dionisio Zumerle, Research Director, Gartner
John Girard, VP Distinguished Analyst, Gartner
Rob Smith, Research Director, Gartner

This session addresses the challenges of managing and securing mobile devices for midsize enterprises (MSEs). Midsize organizations often have similar requirements to large enterprises but the solutions to these problems can be radically different. This session will address the following questions: • What are the differences for MSEs when securing mobile devices? • What can MSEs do to limit risk with less resources? This session is a good fit for you if your organization has between five and 50 people in IT and an IT budget between $5 million and $30 million. We prequalify attendees for midsize enterprise sessions based on annual revenue between $50 million and $1 billion.


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
How to Create an IT Resilience Self-Assessment Scorecard
John P Morency, Research VP, Gartner

IT resilience is a frequently used, yet often misunderstood, term. Identifying the relevant management disciplines, scope of deployment, success metrics and compelling business cases are all critical success factors. Experience and lessons learned from ITScore for business continuity and IT disaster recovery, as well as industry best practices, will be leveraged in the presentation of a step-by-step process for creating a viable and sustainable IT resilience program as well as a self-assessment scorecard.


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
The Evolution of SIEM Technology
Toby Bussa, Research VP, Gartner

Security information and event management (SIEM) technologies have been around for almost two decades, and have evolved and adapted as use cases and the external landscape have changed over time. SIEM tools are far from dead, but change is happening. This session will cover how SIEM technologies are evolving and what the future of SIEM solutions will look like.


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
What to Do in the Face of Advanced Attacks
Jonathan Care, Research Director, Gartner

With the advent of wide-scale attacks on the financial ecosystem and other key industries, today's information security leaders must respond effectively. Attend this session to explore the answers to the following questions: What should information security leaders do? How should they communicate with executive management that a successful attack is not only likely, but inevitable? What key tactics should they implement? How should they energize their team and how should they communicate with their stakeholders?


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
Security Strategies and Architecture for Hybrid Data Center Infrastructures
Neil MacDonald, VP Distinguished Analyst, Gartner

Hybrid cloud will be the reality for the vast majority of enterprises for at least the next five years. Rather than create silos of security tools and processes for on premises infrastructure and cloud services, we recommend a strategy for a "single pane of glass" for visibility and control of hybrid cloud infrastructures. This presentation will explore technologies and processes to make this possible including cloud workload protection platforms and security configuration assessments.


Thursday, June 07, 2018 10:15 AM|Thursday, June 07, 2018 11:00 AM
Vendor Landscape for Integrated Risk Management Solutions
Elizabeth Kim, Sr Research Analyst, Gartner

The vendor landscape for integrated risk management (IRM) solution is dynamic. This session will provide an overview of the current state of the IRM solution provider landscape and recommendations on how vendors can deliver differentiation to their solution.


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
The Five Use Cases You Should Be Using for IDPS, but Probably Aren't
Craig Lawson, Research VP, Gartner

This session will cover five use cases that people need to be considering for their IDS/IPS, but probably aren't today. These are: Virtual patching, public/hybrid cloud, flat internal networks, UEBA, and retrospective analysis of network traffic. Attendees will learn the pros and cons for addressing these often overlooked use cases. Key issues covered: 1) What are these five use cases? 2) Why they are helpful for a security operations/monitoring program. 3) How are they implemented?


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
Don't Make These Five Security Policy Writing Mistakes
Jeffrey Wheatman, Research VP, Gartner
Sam Olyaei, Principal Research Analyst, Gartner

Good security policy is a fundamental component to a sound information security posture, but security and risk management leaders may struggle to write effective policy documents, resulting in inflexible policies that can do more harm than good. What are the five biggest mistakes made? How can you avoid these mistakes and improve your policy by avoiding these common mistakes?


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
Blockchain, Is This Stuff Secure? How CISOs Can Evaluate the Security Risks of Blockchain
David Anthony Mahdi, Research Director, Gartner
Jonathan Care, Research Director, Gartner

Blockchain has become a much-hyped technology with a lot of potential. Yet, with cyber threats and data breaches, is this technology secure? As Blockchain starts to impact the world, CISOs must understand the security and privacy implications. This session aims to provide a CISOs with a framework that will help them identify and manage risks related to Blockchain.


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
Cloud Providers — The New Competitors in the Security Market
Sid Deshpande, Research Director, Gartner

Tier-1 cloud providers have spent an increasing amount of resources building out security features on their platforms over the past 18 to 24 months. Their direct competition with security vendors in many segments and desire to partner impacts competitive dynamics across the security market. This presentation analyzes the impact of cloud providers becoming security vendors.


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
The Emergence of Digital Risk Management
Elizabeth Kim, Sr Research Analyst, Gartner

Digital business transformation has brought about a new set of risks — digital risk. The digital risk management (DRM) solution market has emerged to help organizations integrate the management of risks associated with digital business components, such as cloud, mobile, social, big data, third-party technology, and OT/IoT. This session will provide an overview of the DRM solution market and how organizations should manage digital risks.


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
Secure Endpoint Communications When the VPN Is Gone
Jeremy D'Hoinne, Research VP, Gartner
John Girard, VP Distinguished Analyst, Gartner
Rob Smith, Research Director, Gartner

Users seem to be connecting to everything but their enterprise gateway these days and secure communications are in flux. Enterprises have lost integrity and control over endpoint communications. This presentation reviews your options for secure communications when the cloud has turned your network upside down, and considers several forms of mitigation including new uses for CASBs.


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
Services Are the Future for Threat Detection and Response
Toby Bussa, Research VP, Gartner

As the external threat landscape becomes more hostile, compliance and regulatory requirements become more common and information security resources become increasingly scarce, organizations will be forced to rely more on service providers to deliver threat detection and incident response capabilities. This session will address issues such as what should you look to outsource and what opportunities are available on the market?


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
How to Implement Bot Mitigation for Web Applications and APIs
Ramon Krikken, Research VP, Gartner

Bots are a growing menace to web applications and APIs. Some bots are obviously bad but some are well-intended and yet have a detrimental effect. This sessions covers various types of bots, techniques for identifying them, controls to deal with bad behavior, and the technologies that implement them. Also covered is the overlap of bot mitigation with denial-of-service and attack prevention.


Thursday, June 07, 2018 11:15 AM|Thursday, June 07, 2018 11:45 AM
Monitor User Activity With Data or Prepare for a Breach
Brian Lowans, Research Director, Gartner

Enterprises have had a wake-up call over the last few years as their data assets have been increasingly plundered, with increasing financial liabilities. Users need access to data to do their jobs, but not all data. Data-centric audit and protection tools must be applied to detect potential malicious activity before it results in a breach.


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Navigating the Complexities of the BCM Software Ecosystem
Roberta Witty, Research VP, Gartner
John P Morency, Research VP, Gartner

This session will present a decision framework for selecting your organization's solution set for the BCM software ecosystem. A choice between pure play and suite vendors is dependent upon your current ecosystem and where the gaps are.


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
A View from the C-Suite: An MSE Insider Threat Story
Gary Berman, CEO, Cyberman Security

Many mid-sized enterprises (MSEs) don’t think they are attractive targets to hackers because of their size or lack of perceived value of their intellectual property. But this is exactly why they are such good targets. Join this session and learn 1) how one small business experienced cybercrimes perpetrated by its employees, 2) the challenges of dealing with law enforcement regarding cybercrime and 3) lessons learned that can help any MSE security professional.  


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Threat Intelligence: Security Feature or Product?
Ruggero Contu, Research Director, Gartner

Is threat intelligence its own market, or is it just a feature? This session will discuss the dynamics and trends and viability of TI as a stand-alone market, with examples of different go-to-market approaches. Also, it will discuss the relevance of TI within security controls with examples of integrations.


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Adopt a Lean Digital Security Organization to Mitigate the Skills Shortage
Tom Scholtz, VP & Gartner Fellow, Gartner

Ever-increasing cybersecurity threats result in organizations trying to grow their digital security teams. However, this also means that the existing shortage in qualified, experienced security people is increasing. This presentation, based on case studies, will share how taking a "lean" approach to staffing the security team can help alleviate this challenge.


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Bring Some Order to the Chaos of Unstructured Data Security
Marc-Antoine Meunier, Research Director, Gartner

By recognizing the respective roles and cumulative impact of data management and security practices, security and risk management leaders will get more efficient and regain control of their unstructured data within their organization. Attend this session to address these key issues: 1) How do data management and security best practices contribute? 2) How do you enlist data owners in managing access to data? 3) How important is continuous monitoring?


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Focus on API Security Before Your Digital Business Application Gets Abused
Jeremy D'Hoinne, Research VP, Gartner

Digital business opportunities have led to an explosion in new web applications, leveraging the latest progresses in development methodology, scalable architecture, and continuous integration tools. These applications are built on communication APIs that require a different approach to security than the traditional web applications. This session describes available solutions to protect web APIs and suggests a framework to initiate an API security program.


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Technology Solutions and Services to Address Third-Party and Vendor Risks
Christopher Ambrose, Research VP, Gartner

Solutions and services to support vendor risk and security efforts continue to emerge. These solutions include integrated risk management (IRM) and security rating services (SRS). This session will provide an overview of the market and recommendations for their use. What are the emerging services and solutions best suited for vendor risk management?


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Reduce Access Risk and Increase Usability With UEBA
Mary Ruddy, Research VP, Gartner

User and entity behavior analytics (UEBA) based on machine learning is not just a tool for smarter offline analysis. Machine learning can now support real-time automated data-driven access decisions. Organizations are starting to use machine learning tools and techniques to provide intelligent adaptive access management to meet the usability and security demands of modern digital business.


Thursday, June 07, 2018 12:00 PM|Thursday, June 07, 2018 12:30 PM
Take Control of Enterprise Role Management
Brian Iverson, Research Director, Gartner

Intuitive approaches to role management at an enterprise scale lead to the adoption of simplistic models that are usually ineffective and often counterproductive. IAM leaders should use Gartner's two-layer enterprise role framework to organize and scope role management across an entire organization with their IGA solutions. Key issues include: 1) Why is role management so difficult at an enterprise scale? 2) How should IAM leaders be thinking about enterprise role management? 3) What are the essential elements of a two-layer enterprise role management framework?


Start planning your agenda now.