Newsroom

Conference Updates

National Harbor, Md., June 9, 2022

Gartner Security & Risk Management Summit 2022 National Harbor: Day 3 Highlights

We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in National Harbor, Maryland. Below is a collection of the key announcements and insights coming out of the conference. You can read the highlights here from Day 1 and Day 2.

On Day 3 from the conference, we are discussing the multigenerational workforce in security, the privacy landscape and best practices for security strategy planning.

Key Announcements

The Multigenerational Workforce in Security

Presented by Lisa Pierce, VP, Advisory, Gartner

The security workforce encompasses many generations: baby boomers, Gen Xers, millennials and Gen Zers. In this session, Lisa Pierce, VP, Advisory, at Gartner explained how to create an IT and security culture that leverages strengths and confronts weaknesses to uncover opportunities and overcome threats. 

Key Takeaways

  • “Generational issues are top of mind for all leaders. The two most significant generational issues are an aging workforce and the integration of new generations - these are as significant as finding solutions to improve talent and finding new hires.”
  • “For the first time in modern history we have more generations in the workforce than we have ever had before and managing this multigenerational workforce brings a set of new challenges.”
  • Gartner recommends using four methods to ensure generational harmony and resilience. 
  • “Security leaders should use the CARE method - Communicate transparently, Actively listen, Relationship first, Empathetic engagement - when working with employees, especially when seeking to change behavior.”
  • Build equitable and personal development plans: “This will ensure that the security team can work more effectively in a collaborative environment, sharing responsibility for results, building camaraderie and morale.”
  • Create reverse-mentoring programs: “Each generation contributes to the professional growth of the other. This helps bridge the generational divide, effectively integrating a multigenerational workforce and more fully leveraging the capabilities of each generation.”
  • Set reasonable new hire expectations and inclusively hire all generations: “Write job descriptions with what is truly needed at that time for that position. Remember that key motivators can vary by generation.”
  • “Most cybersecurity professionals believe that a combination of mentorship, intentional career mapping and technical education can help them progress.” 

Outlook for Privacy, 2022-2023

Presented by Bernard Woo, Senior Director Analyst, Gartner

The security workforce encompasses many generations: baby boomers, Gen Xers, millennials and Gen Zers. In this session, Lisa Pierce, VP, Advisory, at Gartner explained how to create an IT and security culture that leverages strengths and confronts weaknesses to uncover opportunities and overcome threats. 

Key Takeaways

  • “The privacy regulatory landscape is getting more and more complicated, and in the face of such pressures, organizations cannot afford to be simply chasing compliance using checklists. You must evolve and become efficient and effective.”
  • “With an average budget of $2.2 million, the privacy office is unlikely to be able to afford a lot on its own, so privacy leaders must be selective and get other business units on board.”
  • “Identify the key people who help drive your privacy program forward, then figure out key priorities for these stakeholders over the next two to three years and see if you can find one or more capabilities that align with those initiatives.”
  • “Like a timer or some type of fitness tracker, privacy controls are data centric tools that draw insights and enable control at the data level, such as automated data discovery and mapping tools.”
  • “Sometimes called privacy platforms, privacy management tools and are intended to be the central repository for your compliance related documentation. These tools can help conduct risk assessments, document records of processing activities or build reports about the privacy program.”
  • Privacy user experience consists of a suite of capabilities that present and manage notices and policy statements, as well as record consent and preferences provided by customers, and handle subject rights requests submitted.”

Security Strategy Planning Best Practices

Presented by Tom Scholtz, Distinguished VP Analyst, Gartner

Consistent, practical strategic planning is essential for security and risk management leaders to establish and support the credibility of their security programs. In this session, Tom Scholtz, Distinguished VP Analyst at Gartner, shares best practices for security strategy planning and communicating the strategy to stakeholders.

Key Takeaways

  • “A functional security program is the single most important prerequisite for finding the elusive balance between protection and productivity.”
  • “Organizations often struggle to implement a continuously improving information security program that deals effectively with the increasing volatility of business, technology and threat environments. This puts the enterprise at an untenable risk of security incidents.”
  • “A prerequisite for getting business support for the security program is a clear vision that reflects the business, technology and environmental drivers that are unique to the enterprise.”
  • “When communicating to the executive, create a one-page document that highlights the most important components of the security strategy: the vision statement, the risks faced and the plan to address them.”
  • “Appropriate decision rights, adaptive governance, fast risk assessment, dynamic planning, adaptive controls and an agile operating model are all key factors that make a security program agile.”
  • “Your strategy needs to be crystal clear on three elements: Where are we, where are we going and how will we get there?”

Thanks for attending Gartner Security & Risk Management Summit 2022 National Harbor. We hope to see you again next year! 
View coverage from Day 1
View coverage from Day 2

About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s mission-critical priorities. To learn more, visit gartner.com.

Media Contacts

Latest Releases

Reset

Gartner Data & Analytics Summit 2023 London: Day 3 Highlights

May 24 2023

Gartner Forecasts Worldwide Government IT Spending to Grow 8% in 2023

May 24 2023

Gartner Data & Analytics Summit 2023 London: Day 2 Highlights

May 23 2023

Related Content

Webinar

Don't Own Innovation; Enable It Across the Business

Watch Webinar

Webinar

The 2023 Gartner Top Cybersecurity Predictions

Watch Webinar

Webinar

Gartner Workshop: Create a Robust AI Strategy – From Plan to Action

Watch Webinar