gartner cyber security conference

How our changing world influences our threat exposure3. These sessions are available to end users only; space is limited. Use our 5 step process for aligning your culture to your changing business needs. Ensuring equal but secure access to essential digital services should be a guiding principle of any digital identity initiative, and is possible with the right CIAM tools. Join this session to learn of these significant evolutions, both from the regulatory as well as technology perspectives, Nahim Fazal, VP Analyst, Gartner. Use metrics effectively to understand changes in risk exposure. Why would you speak to them about anything else? SecOps is evolving from securing the businesss systems to securing its business operations as well. And what security, operational, and legal risks do they pose? Join us and form valuable connections with peers and Gartner experts. Organizations have continually hoarded data because it is often considered the "new gold". Participants are encouraged to share their experiences. Mitchell Schneider, Learn what technologies, processes and services will have the biggest impact on how security operations are delivered in 2022. Topics will include workshops, CISO luncheons and additional CISO-exclusive sessions, CIO networking and much more with plenty of time for Q&A. Intelligence created by an adversary through interactions with a deception assets generates real-time IOCs and TTPs that feed directly into better threat detection, threat hunting and threat modelling. Learn how NDR, Segmentation, Deception and other Network controls team up to identity and stop supply chain attacks. The pandemic has once again highlighted the importance of a robust endpoint security capability. Sr Director Analyst, Gartner. Identity is a critical foundation for the security of the systems that support our rapidly expanding virtual world. *Meet one-on-one with Gartner experts for tailored advice to help you achieve your most critical priorities. This talk provides answers to key client questions on microservices architecture. Change starts with people. This track focuses on helping leaders simplify and reframe current product offerings to succeed in changed markets. Build an effective risk management program when investing in digital business. Charlie Winckless, John Collins, Many new digital identity initiatives rely on reliable and persistent access to smart devices, mobile phone numbers and email addresses, which inadvertently discriminate against the digitally disenfranchised. Wednesday, June 08, 2022 / 02:45 PM - 04:45 PM EDT. Tricia Phillips, Thursday, June 09, 2022 / 02:00 PM - 02:20 PM EDT. From basic anti-phishing simulation through more proven communications techniques to sophisticated approaches based on the social science, this presentation provides insight into the latest best practices in the human aspects of security. How do you successfully implement microservices? This session will provide an update on the major themes in IAM to ensure that your IAM decisions in 2022 will support the strategy of the future. Have you read a Gartner research on Microsoft 365 Security and have questions to ask? This session will highlight what is important to buyers, what are the strategic capabilities needed, what is easy that you should do right away and what is hard that you should really do anyway. Migrating resources to IaaS tenants opens up questions on how to provide network security. Gartner Terms of Use In this workshop, we will work through a series of live ransomware-specific tabletop exercises, and help you be the dungeon master your organization needs, Thursday, June 09, 2022 / 11:50 AM - 12:40 PM EDT. The network firewall market faces the challenge of fulfilling multiple use cases and overlapping requirements because of the growth of hybrid environments. Cloud-native applications are not inherently insecure, but are being deployed insecurely, driven by developers and a need for agility in service development and deployment. Director Analyst, Gartner. Gain insight into the increasingly complex market for security and risk management technologies and services. Do you really understand their different behaviors and expectations? Join us and form valuable connections with peers and Gartner experts. This session will help define XDR, offer up a minimum set of use cases that must be addressable by an XDR solution and provide guidance on optimal integrations to help vendors plan their XDR strategy and roadmap. Join Mark Wah as he charts the growth of hyperautomation in security. We present the Magic Quadrant and Critical Capabilities in this session. *Preregistration is required. This session will show which operating systems and devices you need to be using along with third-party solutions to protect your organization. Wednesday, June 08, 2022 / 10:30 AM - 12:00 PM EDT. Participate in this roundtable to discuss the associated challenges and exchange ideas about how to successfully overcome them. Topics will include the NIST architectures for zero trust as well as technologies and vendors providing solutions. This session will discuss the reference architecture and dive deep into how to build the cybersecurity mesh architecture (CSMA). Is it an architecture or a product, and will it replace stuff you already have? Explore how TSPs can enter this market or partner to capitalize on MDR's growth. How do we determine what is threat intelligence for us? Friday, June 10, 2022 / 09:00 AM - 10:00 AM EDT, John McKinley, This presentation will pragmatically explore zero trust and zero trust networking and extend these concepts to operating systems, applications, users and data. Privacy Policy. Come learn how to sort through the noise in the market. *Topic-driven sessions provide a more intimate discussion forum, featuring one Gartner expert and end-user peers posing questions. This track gives you practical guidance on how to manage security teams, and stakeholders, through the evolving threat landscape. This session will help you evaluate your current AI investments, identify potential gaps and vulnerabilities and guide you to wisely invest for the future. This session will feature a deep-dive into Verizons CRQ practice, which delivers trustworthy, timely, and empowering guidance to risk owners without major investment in new data and skillsand without the need to conduct scenario likelihood calculations. When warfare happens by remote control, Net Superiority becomes the new Air Superiority, in this session Gartner and industry experts discuss the future of warfare in cyberspace, and how every enterprise is directly on the battlefield. Your leaders are telling you they want microservices, your vendors are promising to deliver microservices, your developers want to create microservices. In this session, we'll examine the various changes you should consider, along with the tools that can help in getting control. Although basic firewall features have become commodities, specialization in new firewall use cases such as FWaaS, cloud firewalls and OT firewalls is differentiating vendors. Come see leading Gartner analysts discuss how the current world events are affecting the cyber threat landscape. Vendors are merging data security capabilities into larger platforms to provide enhanced security beyond what each individual component could do alone. TechnipFMC CISO Angelique Grado decided to use the security champion model to create a master mind group, accelerating the opportunity and will share the brilliant results this has brought about over the last year. We like to lament that "the users are the weakest link in the cybersecurity chain!" Zero-trust strategies for network security have gained notable popularity in recent years. In this battle featuring 42Crunch, Noname Security, and Salt Security each vendor will get time to show how they would address a set of common use cases. Principal, Advisory, Gartner. Threat modeling helps identify weaknesses and vulnerabilities in a system design, aiding in the creation of relevant controls to address risks within a system. Obtaining confidence in a customers or employee's identity is the foundation of identity-first security. Join us for a conclusion of the CISO Circle as our host recaps highlights and thoughts from our time together. Security is seen as an obstruction to cloud adoption; this will show you how to enable without losing protection, This session will discuss the evolution of Office 365 into Microsoft 365 and the security, identity and compliance features that all organizations must implement. The presentation will define Threat Intelligence and its current adoption, provide examples of use cases and give some guidance on valuable approaches to follow to operationalize it. Thursday, June 09, 2022 / 10:30 AM - 11:15 AM EDT. Endpoint now covers a wide variety of devices, and organisations invest heavily in trying to secure them. Alex Stamos, Sr Director, Research, Gartner. With employees using all sorts of instant messaging tools, from WhatsApp to texting, enterprises are finding challenging to protect enterprise data. Sunburst showed the supply chain can be leveraged to exfiltrate data out of many enterprise environments. Cost and value are the levers that drive every business outcome, except cybersecurityuntil now. Thursday, June 09, 2022 / 02:00 PM - 03:30 PM EDT. Reporting revenues in the $100s of Millions, todays threat landscape is witnessing a burgeoning "private sector" of threat actors with defense-grade techniques. Lisa Pierce, Security and risk management leaders struggle to mature their cyber and IT risk management practices beyond conducting risk assessments. With Gen Z workers starting to enter into the workforce, cybersecurity leaders are confronted with managing the expectations of four different generations - within their teams and the greater organization culture. This session will (1) debrief the three pillars in cyber risk management (2) summarize top risk projects for cybersecurity leaders with 'project cards' and (3) offer guidance on shortlisting projects. Who are the new stakeholders in cloud-native security operations? Security and risk management (SRM) leaders must develop a coherent program based on a clear vision and strategy. Overcome the barriers of organizational culture, resources and talent to grow and scale your digital initiatives. and Cybersecurity 2032: Accelerating the Evolution of Cybersecurity, Technical Insights: 5 Steps to Start the Zero Trust Journey, The State of Network Security in the Hybrid Work Era. Cloud-native security operations will evolve toward a federated shared responsibility model with shifting centers of gravity and ownership. Sr Director Analyst, Gartner. Attendees should expect the following: 1) Insights to the Three Stages of Board Reporting At Every Organization2) A Mock Security Board Presentation by Gartners Board Experts. Director, Advisory, Gartner. Christie Struckman, Deepti Gopal, This CISO Circle session will offer actionable insights for personal effectiveness and a beginner-friendly guided mindfulness practice. Director, Advisory, Gartner. As organizations are transforming how they work, security and risk management leaders should gain baseline knowledge on:1. VP Analyst, Gartner, Security and Risk Management (SRM) leaders should use process mining to assess risk by visualizing the logic of critical business process steps and their linkage to IT system dependencies. Which ones are in your software? CISOs keep generating detailed charts, dump them into 50-page decks and throw them at their executives, hoping that anyone knows what they are talking about or cares. This session presents practical steps toward designing the right set of native and vendor layered cloud security components for your organization, Cloud security remains a challenge; we have to protect data when it is out of our control. Sr Director Analyst, Gartner. Dionisio Zumerle, This session will highlight the forces that shape network security, threats that need to be addressed, and how to think about zero trust and SASE as part of an overall network security strategy. Elizabeth Kim, Director Analyst, Gartner. How are your direct and indirect competitors using AI today and what should you expect in the future? With board-level interest at an all time high, leaders must be able to leverage principles of expected value and deterrence to provide assurance and value to the business. Andrew Bales, Change those attributes to adapt to your changing ways of working, and maintain what makes your organization unique. But what is XDR and why do you need it? Thursday, June 09, 2022 / 10:30 AM - 11:00 AM EDT, Paul Proctor, This session will cover how to think about solutions and vendors represented in this new market. Best speakers, brightest minds and the latest big ideas. Spanning the cycle from developers to customers, todays leaders face a wide, diverse array of both risks and ways to manage, mitigate and respond to them. This session is tailored for midsize organizations who are starting or have immature security programs. VP Analyst, Gartner, Thomas Lintemuth, Many security products advertise the use of AI, but what is important to the buyers? ", and "when should I establish this CFC?" Wednesday, June 08, 2022 / 02:45 PM - 03:05 PM EDT, Chris Silva, This session covers current trends and emerging topics specific to data security. Here is a spoiler, you don't need a third party to do it for you as long as you have some necessary tools and capable personnel. Let's put SSE vendors to the test in a Showfloor Showdown! Sessions provide advice on architecting, implementing and operating security controls for the hybrid enterprise. This session provides an overview of the technology supply chain risk management landscape, and suggested first steps for each category. Bring your questions ranging from business process best practices, to implementation and rollout guidance. Ask the Expert all you want to know in this area. Data security is a top priority. VP, Chief Information Security Officer, TechnipFMC. Every enterprise must develop its own model, taking into consideration basic principles, practical realities and the challenges of digital transformation. In this session, attendees will learn how to assess their program of ransomware defense and quickly close the gaps that attackers will use to make your organization the next name on their list of victims, Security service edge (SSE) is an emerging market that consolidates CASB, SWG, and ZTNA. Founder, Great Falls Ventures. Attendees built new relationships, broadened their perspectives and uncovered ways to solve problems alongside other security & risk leaders. Mark Wah, Using data as the focus of security governance and architecture roadmaps is critical for any risk management program. Privacy enhancing computation has emerged as a leading trend across multiple domains. John Watts, These sessions provide practical, real-world guidance on achieving a more secure software development life cycle and data management program. Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT, Pete Shoard, Exchange ideas and experiences with others in similar roles or from similar organizations. *Preregistration is required. Identity-first security has emerged as a theme in many major security initiatives and policies. Tuesday, June 07, 2022 / 03:00 PM - 03:45 PM EDT, Paul Rabinovich, We will examine why always-on VPN is often the wrong choice while determining what is the right one such as ZTNA, CASB, with the evolution to SASE, Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT. Data breach is now more of a reality than a threat which can expose personal and corporate intellectual property. Balance the imperative to rapidly modernize applications with the requirement to protect them. This workshop explores the storytelling techniques used to develop science fiction prototypes to prepare organizations' responses to disruptions. Security and risk management leaders are often treated as scapegoats in cases of breach. This consistent trend suggests current compliance-based approaches to security awareness are insufficient. This presentation explains what you need to know about XDR and what you should do about it. Leaders can break habits by confronting behaviors and providing support for everyone in their organization. Enterprises are shifting to hybrid work environments to enable anywhere, anytime access to resources that are located everywhere -- in SaaS, in public cloud IaaS with some workloads in the traditional data center. Sometimes you need to get a sense of things ahead of your formal presentations to the Executive or the Board. Organizations are building application access with Zero Trust principles. Lean in and engage This presentation will focus on providing guidance on building an effective insider risk program. Director Analyst, Gartner. These popular meetings offer you the undivided attention of a Gartner expert who will listen and guide you on the matters most critical to your success. Gartner Terms of Use VP Analyst, Gartner. In this workshop, attendees will learn how to move from tuning and integrating tools to truly extracting value from them, and build a best-in-class cybersecurity tool portfolio dashboard to guide future investments. Is there a single solution to solve all my security needs? Technology and service providers (T&SP) must embrace the change and adapt capabilities needed to enable new stakeholders. In others, board members have dedicated cybersecurity committees overseen by board members. and Friday, June 10, 2022 / 07:00 AM - 09:00 AM EDT. We will demonstrate attacks and also discuss the right EMM/UEM, MTD and other mobile security solutions your should be using today, Astrophysics teaches that space is taken up by dark matter, little is known about it, but it's everywhere. Where should you use it, and where should you not? This workshop is exclusive to CISO Circle attendees. What if they suddenly announce a profound change in policy, like WhatsApp did for sharing data with Facebook? VP, Enterprise IT Leader, Gartner. With so much changing in both where, how and with whom work gets done, our organizations culture needs to adapt accordingly. What are the unique control challenges of SaaS and how can they be addressed? CIOs, CISOs and general counsel are teaming together to improve readiness for this reality. Cloud security remains a top priority. Changes in the threat landscape and ineffectiveness of current security architectures have created significant interest in zero trust security architectures. Jie Zhang, Respond to the challenges of securing sensitive data while expanding the use of cloud services. VP Analyst, Gartner. To what end? This presentation will compile the top predictions prepared by our cybersecurity experts for the year 2022-2023. Ransomware is a threat that requires a whole-business approach to defend against and the diversity of tools, techniques, and processes that enterprise security professionals can bring to bear to protect against ransomware can be intimidating. A tour of the core perceptions around automation in the security operations domain, from self-developed capabilities using languages like Python and Java, embedded capabilities is SIEM platforms and case management systems and the likely future of SOAR solutions. CISOs report frustration that the time and effort their teams invest in quantifying cyber risk rarely drives risk owners to take action. This session will guide you through best practices for Microsoft 365 IAM. Security product leaders must transform their offerings to be relevant in a new world and culture, rethink strategies and anticipate new buyer needs. This is an example of not just DevSecOps, but getting application and product teams to fully embrace secure by design thinking. End users only, come prepared with questions. At Gartner Security & Risk Management Summit, attended had the opportunity to connect with Gartner experts and industry-leading CISOs, security leaders and risk executives. Gartner Terms of Use Join us at breakfast for an interactive panel discussion to help CISOs drive change. VP Analyst, Gartner. This session introduces information-generating and decision-making techniques that architects can use to reduce risk and uncertainty in architecture decisions: Architectural Spikes, Decision Typing, Economic Frameworks, and Lightweight FMEA. Wednesday, June 08, 2022 / 07:30 AM - 08:30 AM EDT, Ash Ahuja, A 3-way crossfire debate on the state of the cybersecurity world. - How can I use metrics to drive governance? Lean back and listen We will discuss the tools, tactics and techniques to balance the needs of the business with user's privacy. Wednesday, June 08, 2022 / 10:30 AM - 11:30 AM EDT, Dawn Hubbard, Security leadership must adapt and create an IT and security culture to uncover opportunities and overcome threats into our collaborative future. This session shows the as-is state of DSP and its variants. We discuss findings from a 2022 Gartner survey on organizations that conducted SASE and XDR projects. Prioritize what to accelerate, unlock resources for digital investments, make meaningful cultural changes and so much more. Deputy Director, 90th Cyberspace Operations Squadron, Christopher Raney, Zero Trust is more than a marketing term once you see through all the marketing. Join this discussion on security vendors that midsize enterprises love. As the role evolves, CISOs must adapt to ensure that the organization can balance risk decisions with business goals. Sr Director Analyst, Gartner. Patrick Hevesi, Marc Kerremans, Security and risk management leaders should monitor these trends to be successful in the digital era especially as most recognize that global change could potentially be one crisis away. We will discuss the key strengths and weaknesses of CASB vs. SWG vendors as they march into SSE, and which type best suits your needs, Anthony Carpino, This session walks through the steps you should be taking to turn your SLDC into an effective mechanism for securing applications, without breaking the bank. Anyone in security can benefit from a greater awareness of diversity, equity and inclusion (DEI) efforts, but it is increasingly a mandatory skill set for leaders. This keynote will deliver a repeatable methodology, grounded in sci-fi prototyping, that will allow you to identify the threats, vulnerabilities, and risks that organizations will face and develop the tools to fight them. VP Analyst, Gartner. Extended detection and response, or "XDR," is on every security vendors marketing these days. These sessions provide practical, real-world guidance on achieving a more secure software development life cycle and data management program. Sr Director Analyst, Gartner. Some MDR providers are growing at high double digits and even triple digits. In this roundtable we will compare approaches and learn from each other about what works and what does not when it comes to instant messaging and mobile apps. This session will help security and risk management technical professionals consider the cost of risk mitigation that comes from an effective DLP strategy versus the potential loss without it. Be a board member for one workshop, and use a given scenario to get comfortable with what the board requests in case risk becomes reality. Attendees had access to over 150 sessions of the latest Gartner research specifically designed to help security and risk management leaders meet the demands of the future. Assess and transform security programs to become digital business enablers. During this presentation, we will provide insight into the new tactics being used by the bad actors not only to access your environment, but what they are doing with your data once exfiltrated. Sr Director Analyst, Gartner. In this keynote, Distinguished Gartner analyst, Paul Proctor, will share how this new standard will incentivize appropriate investments and execution leading to improved protection levels globally. Managing Vice President, Gartner. Come watch iboss, Lookout, and Palo Alto Networks demonstrate how they address a set of common use cases. Leading organizations are simplifying the complexity for understaffed and overwhelmed teams. Develop new best practices to secure new enterprise network edges. This track provides strategy and tactics to help you plan. There are millions of open-source software projects in the world. Thursday, June 09, 2022 / 02:00 PM - 04:00 PM EDT, Thursday, June 09, 2022 / 02:15 PM - 03:45 PM EDT, Almost 100% of leaders have now reported to their board/executives at least once in the last two years. XDR, or Extended Detection and Response, is an extension of other technologies used for security monitoring and response, taking the analytics concepts used in tools like EDR and SIEM to a broader set of enterprise security tools. These key topics kickstarted conversations around priorities and initiatives so that attendees could tackle what was most important to them. And we are working on benchmarks for each.- What cybersecurity metrics should I measure? An exploratory session to discuss SOC requirements for detection and response capabilities, helping attendees identify the scenarios where a SIEM would be an appropriate choice and where more recent developments in the operations space fit with the introduction of concepts such as XDR. At Gartner Security & Risk Management Summit, attended had the opportunity to connect with Gartner experts and industry-leading CISOs, security leaders and risk executives. Organizations struggle to keep the business as the focus of their data security program. Establish key metrics and indicators to measure effectiveness of security programs. The CISO Circle provides targeted content, workshops and networking opportunities. Among many new areas in security that are emerging, which ones should you focus on? Director Analyst, Gartner. How is cloud adoption impacting security operations? Thursday, June 09, 2022 / 12:30 PM - 01:45 PM EDT. The vendor landscape is changing quickly. Gartner has developed and vetted a prioritized list of metrics to describe the value of your cybersecurity program to satisfy the most challenging audiences including your board, CFO, COO, customers, partners and regulators. Friday, June 10, 2022 / 10:15 AM - 11:00 AM EDT, Jamil Farshchi, An inclusive environment requires equal treatment of everyone. Do you buy SSE from CASB vendors or SWG vendors? Gartner has observed a new approach to detecting and mitigating Insider Risk. Some mobile applications are leaky or privacy-invasive and most of them do not allow the enterprise to monitor that there is no leakage of sensitive data. Hybrid work and cloud/everything as a service have reframed security around a zero-trust identity and API security. Distinguished VP Analyst, Gartner. Detecting and stopping attacks and compromises against AI requires new techniques. VP, Research, Gartner. Do you have a specific question related to securing your Microsoft 365 environment you want to ask an analyst? Join your peers for a discussion on practical ways to manage risk by changing employee behavior. Sr Director Analyst, Gartner. Microsoft offers wide range of data security capabilities yet clients struggle to identify which capability is provided with which license and whether Microsoft's native capabilities will meet their organization's requirements. All CISO Circle members are invited to a Fireside Chat with Guest Keynoter, Alex Stamos. Getting control and managing a myriad of risks requires information, process changed, and automated tools to spot and help remediate problems. Gartner published an update to the web application and API protection market last year. The CISO Circle provides targeted content, workshops and networking opportunities. Many organizations, particularly ones in critical infrastructure sectors may be impacted either directly or indirectly. This session will demonstrate how, using the concept of Cyber Judgement, top performing security teams teach their business partners how to make decisions in a risk-informed manner, and turn them into security advocates. However, organizations need to avoid "silver bullet" thinking and build strategies based on their desired business outcome.