Agenda
Tuesday, 26 September, 2023 / 09:30 AM - 10:15 AM BST
Christopher Mixter, VP, Advisory, Gartner
Jie Zhang, VP Analyst, Gartner
Cybersecurity can generate massive value for our enterprises, but only if we have the courage to challenge the lies that we as cybersecurity professionals tell ourselves. Our self-deceptions lock us into obsolete principles and practices that prevent us from truly aligning with our executive partners and enabling our organizations. This keynote will unpack the biggest lies we must defeat, highlighting the decisions and practical steps cybersecurity leaders must take to deliver the success they deserve.
Tuesday, 26 September, 2023 / 11:00 AM - 11:30 AM BST
Tom Scholtz, Distinguished VP Analyst, Gartner
CISOs are key enablers of digital business and are accountable for helping the enterprise balance the associated risks and benefits. This leadership vision will help CISOs in their planning for 2023-2024 and in presentations to leadership, peers and teams.
Tuesday, 26 September, 2023 / 12:30 PM - 01:00 PM BST
Sagar Patel, Director, Advisory, Gartner
Most CISOs face common challenges as leaders, especially if they are new or taking on the role from another part of the organization. However, Gartner has three key tools which can help a CISO with everything from understanding gaps in their organization to being a more effective leader. Diagnostics tools such as IT Score for SRM, CCA, and ODM Metrics will help CISOs to evaluate and benchmark their current cybersecurity programs and build tangible metrics to measure programs.
Tuesday, 26 September, 2023 / 02:30 PM - 03:00 PM BST
Every year, Gartner collects data from thousands of CIOs and CEOs on what matters most to them. Join this session to learn what’s most important to CIOs and CEOs; how their role is changing; the implications for security and risk leaders; and what to focus on next.
Tuesday, 26 September, 2023 / 02:30 PM - 03:15 PM BST
Paul Furtado, VP Analyst, Gartner
Learn from your peers about how they are currently addressing cybersecurity talent challenges. This session is designed for midsize enterprises or organizations between $50 million and $1 billion in revenue.
Tuesday, 26 September, 2023 / 02:30 PM - 03:15 PM BST
LJ Justice, Sr Principal, Research, Gartner
Inclusive leadership also means that leaders commit to ensuring all team members are treated equitably, feel a sense of belonging and value, and have the resources and support they need to achieve their full potential. This roundtable will explore the experiences of LGBTQ+ identifying security leaders and how their allies can act as supportive leaders and allies to the LGBTQ+ community.
Tuesday, 26 September, 2023 / 04:15 PM - 04:45 PM BST
Jie Zhang, VP Analyst, Gartner
Challenging global economic conditions continue to see the digital business evolve. CISOs must identify and execute a mix of new methods and other smart tactics to continuously adjust to business demand and demonstrate the cybersecurity team’s role and criticality as an enabler of the organization’s digital ambitions. Join this session to know tactics CISOs use to shorten the runway to program effectiveness and deliver business value.
Tuesday, 26 September, 2023 / 05:00 PM - 05:30 PM BST
Arthur Sivanathan, Sr Director, Advisory, Gartner
Resilience is a goal of every organization and what we consider to be a strategic imperative in today’s complex and turbulent world. But you know when resilience efforts miss the mark or just aren’t there. In this session we will examine four issues: Why is resilience a strategic imperative? How is resilience defined differently? How is the resilience landscape changing? How does an organization achieve operational resilience?
Tuesday, 26 September, 2023 / 05:00 PM - 05:45 PM BST
Despite encouraging progress towards greater female representation in IT, the gender gap remains concerningly steep for women who want to enter this industry and for allies who want to foster greater diversity in their teams. This roundtable facilitates the discussion for all digital workplace leaders, male or female, who wish to share and/or learn from their peers how they have encouraged and succeeded in promoting female talent in IT.
Wednesday, 27 September, 2023 / 10:30 AM - 11:00 AM BST
Jie Zhang, VP Analyst, Gartner
Managers can make or break your DEI strategy. They play a critical role in supporting workforce diversity, building inclusion in their teams, and contributing to a truly equitable organization. However, few managers truly excel at this important role. Join this session to learn what the best managers are doing differently to help translate your organization's DEI strategy into real outcomes.
Wednesday, 27 September, 2023 / 10:30 AM - 12:00 PM BST
Leigh McMullen, Distinguished VP Analyst, Gartner
The NIST CSF is missing a key aspect of cybersecurity. NIST establishes five functions: identify, protect, detect, respond and recover. But what if we can also deter? Join this workshop to discuss how cyberdeterrence can stop attacks before they even begin. We will discuss deterrence strategies, facilitate peer sharing and strategize on actionable steps to take when you return to your offices.
Wednesday, 27 September, 2023 / 12:00 PM - 12:30 PM BST
LJ Justice, Sr Principal, Research, Gartner
Everyone can contribute to improved diversity, equity and inclusion by acting as an ally to people in marginalized or underrepresented groups. However, we might miss many opportunities because we are unsure exactly what to do or afraid our actions might make things worse. In this session, we will learn how to overcome fear and embrace mistakes to be better allies and build allyship skills and confidence in others.
Wednesday, 27 September, 2023 / 02:00 PM - 02:30 PM BST
Tom Scholtz, Distinguished VP Analyst, Gartner
The human element is the most prominent contributor to data breaches. Legacy approaches delivering curriculum-based, awareness-centric programs are no longer effective. CIOs and CISOs must look beyond merely raising 'security awareness' and embed a contextually-appropriate security culture in their organization. Join this session to learn how to build and deliver an effective security behavior and culture change program.
Wednesday, 27 September, 2023 / 03:30 PM - 04:00 PM BST
Christopher Mixter, VP, Advisory, Gartner
Past the immediate implications of the current health and economic crisis, organizations are ill-prepared to confront the impact of rising interest rates and supply chain issues on their security functions. As economic uncertainty settles in and working environments become difficult, leaders must create a cost optimization plan to aid their organizations. This session will equip leaders to make a decision on where the balance between running the business and protecting the business shall be.
Wednesday, 27 September, 2023 / 03:30 PM - 04:15 PM BST
Wam Voster, VP Analyst, Gartner
One of the key challenges Gartner speaks to its clients about is how to engage effectively with your board to help ensure they receive the information needed to support risk-informed cybersecurity decision making. We often see board reports that are either too tactical or don’t provide the actionable insights the board needs to help support the CISO’s agenda. Join this Ask the Analyst session to hear how you can deliver the cybersecurity reporting that delivers upon this objective.
Wednesday, 27 September, 2023 / 04:45 PM - 05:30 PM BST
Frank Buytendijk, Distinguished VP Analyst, Gartner
What political, economic, social and other trends will influence the business the most? Which disruptions are around the corner that one wouldn't necessarily be planning for? In this energetic, entertaining keynote, we go through the most important trends and disruptions to be ready for, and how you can prepare for them.
Thursday, 28 September, 2023 / 10:30 AM - 11:00 AM BST
Frank Buytendijk, Distinguished VP Analyst, Gartner
In Gartner Futures Lab, we tackle cross-industry, cross-regional futuristic topics. This time we look beyond today's reality of digital transformation, and examine what's next. It's an autonomous business! What would that mean for security and risk, and your role? What potential impacts could autonomous businesses have on your industry? What would be different scenarios on how autonomous businesses would even work?
Thursday, 28 September, 2023 / 10:30 AM - 11:00 AM BST
Dennis Xu, Sr Director Analyst, Gartner
Advances in generative artificial intelligence (AI) like OpenAI's ChatGPT are causing organizations and teams to rethink how they approach staffing, training, operations and threat detection. This presentation will help practitioners and managers alike understand what is possible and what is hype.
Thursday, 28 September, 2023 / 10:30 AM - 11:15 AM BST
Paul Furtado, VP Analyst, Gartner
Midsize enterprises face the same security challenges as their large enterprise counterparts. However, they have to deal with these threats with less headcount and less budget. Attendees will be able to ask Gartner experts questions about how to "right size" their security program for their organization under these operating constraints.
Thursday, 28 September, 2023 / 12:00 PM - 12:30 PM BST
Wam Voster, VP Analyst, Gartner
Every year, Gartner produces impactful predictions across all practices. This presentation will compile the top predictions prepared by our cybersecurity experts. Security and risk management leaders should monitor these trends to be successful in the digital era, especially as most recognize that global change could potentially be one crisis away.
Thursday, 28 September, 2023 / 02:45 PM - 03:15 PM BST
Leigh McMullen, Distinguished VP Analyst, Gartner
We like to lament that "the users are the weakest link in the cybersecurity chain," which means that as security and risk management leaders, you must understand the critical impact of the user community on your programs. From basic anti-phishing simulation through more proven communications techniques to sophisticated approaches based on social science, this presentation provides insight into the latest best practices in the human aspects of security.
Thursday, 28 September, 2023 / 03:30 PM - 04:00 PM BST
Tom Scholtz, Distinguished VP Analyst, Gartner
CISOs are losing control as business leaders embrace digitalization, implying a shift in risk landscapes and risk appetites. Based on new primary research, this presentation will share the strategies and practices that CISOs are adopting in reaction to these seismic shifts.
Tuesday, 26 September, 2023 / 11:00 AM - 11:30 AM BST
Jeremy D'Hoinne, VP Analyst, Gartner
The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on optimizing prediction and prevention; knowing when detection is required; and preparing to respond when things go wrong.
Tuesday, 26 September, 2023 / 11:00 AM - 12:30 PM BST
Paul Furtado, VP Analyst, Gartner
Ransomware, unlike other security events, puts your organization on a countdown timer. Delays in decision-making and response can significantly increase the risk to the business. In addition to your incident-response plan, your organization needs a specific ransomware playbook. In this workshop, we will provide you with the tools and techniques needed to create a playbook specific to your organization.
Tuesday, 26 September, 2023 / 12:30 PM - 01:00 PM BST
Bart Willemsen, VP Analyst, Gartner
Society is digitalizing at unprecedented speed, and the nature of our interactions has changed fundamentally. What does this mean for privacy and corporate ethics? This session helps to understand why privacy is contextual, how overzealous data harvesting may harm your organization's performance, why sometimes less is more, and the areas to challenge your colleagues on to ensure successful customer relationships.
Tuesday, 26 September, 2023 / 12:30 PM - 01:00 PM BST
Thomas Lintemuth, VP Analyst, Gartner
The public cloud continues to grow in significance, yet it raises significant questions about cybersecurity risk and service resilience. This presentation provides a simple model that can be used to explain cloud and SaaS risks to executive audiences, including the board of directors, helping them understand the benefits, and challenges, inherent in cloud risk management.
Tuesday, 26 September, 2023 / 02:30 PM - 03:00 PM BST
Paul Proctor, Distinguished VP Analyst, Gartner
Gartner research shows that 88% of boards now regard cybersecurity as a business risk, rather than a technology risk. However, decision-makers struggle to implement business-led cybersecurity investments. They often conflate cybersecurity spending with protection and ask, “How much should we spend on cybersecurity?”
Tuesday, 26 September, 2023 / 04:15 PM - 04:45 PM BST
Wam Voster, VP Analyst, Gartner
CPS are becoming more prevalent in organizations across the board, whether as a result of OT/IT convergence or the deployment of new connect assets. What security implications do they have? What best practices are emerging? What does the future portend?
Tuesday, 26 September, 2023 / 05:00 PM - 05:35 PM BST
Bart Willemsen, VP Analyst, Gartner
AI teams are perceiving risk differently than security teams. Especially given upcoming regulations and guidelines across the globe, things to not overlook include data and model drift, uncontrolled bias and privacy and security concerns specific to AI model training and deployment. This session will explain Gartner's AI trust, risk and security management (TRiSM) market guide and how to coordinate AI issues collaboratively and consistently.
Wednesday, 27 September, 2023 / 10:30 AM - 11:00 AM BST
Tom Scholtz, Distinguished VP Analyst, Gartner
Many cybersecurity risk management efforts fail. Certain pitfalls and misconceptions can result in failure to engage, or can even produce animosity among business and IT colleagues. This presentation will highlight these pitfalls and share proven practices to avoid them.
Wednesday, 27 September, 2023 / 10:30 AM - 11:15 AM BST
Bart Willemsen, VP Analyst, Gartner
As any security practitioner knows, it is better and less costly to bake in controls rather than retrofit them. The same goes for privacy. Join this session to ask your questions about the growing practice of privacy engineering and how it can help your organization embed privacy considerations early in the design phases of processes and applications.
Wednesday, 27 September, 2023 / 12:00 PM - 12:30 PM BST
Paul Proctor, Distinguished VP Analyst, Gartner
The metrics establish a baseline for peer comparison that is very useful for guiding cybersecurity investments and board oversight. Gartner has defined 16 protection-level outcomes that create a foundation for effective collaboration with boards of directors, CIOs and CFOs. These metrics serve as value levers to manage business-led cybersecurity investments. See early insights from the first-generation benchmark and get a preview of the second generation.
Wednesday, 27 September, 2023 / 12:00 PM - 12:45 PM BST
Lisa Neubauer, Sr Director, Advisory, Gartner
Conducting tabletop exercises is a growing practice for resilience. This session allows conference participants to share their experiences.
Wednesday, 27 September, 2023 / 02:00 PM - 02:30 PM BST
Joanne Spencer, VP Analyst, Gartner
CISOs loose enough sleep twitching in the night over their internal cybersecurity defences, let alone the third-parties beyond their control. This session will review the tools, exchanges, marketplaces and subscriptions that organizations are using to assess and monitor their third parties to avoid delirium and reduce risk exposure.
Wednesday, 27 September, 2023 / 03:30 PM - 04:00 PM BST
Bart Willemsen, VP Analyst, Gartner
Privacy has been the biggest catalyst for change in data governance over the past five years. This session will dive into the top trends in privacy, the to-be-prioritized technologies and separate hype from substance. Come and get updated on the necessities of a privacy program and what you should pay attention to between today and the subsequent 12 months.
Thursday, 28 September, 2023 / 02:45 PM - 03:15 PM BST
Cybersecurity risk management is a key investment area of interest for organizations. But for security and risk management leaders, it is an on-going challenge to continuously assess the increasing scope of risks as well as mitigate the ones that can maximize protection and innovation to the business. This session offers an overview of the state of art as well as what the future will hold in cyber-risk management.
Thursday, 28 September, 2023 / 02:45 PM - 03:30 PM BST
Jie Zhang, VP Analyst, Gartner
Many global trends apply to China. However, as a more unique regional market, some of the conditions such as security practices, organization structures, technology evolution and regulatory requirements modify or form new trends. Join this session to ask questions about these issues
Thursday, 28 September, 2023 / 03:30 PM - 04:00 PM BST
Arthur Sivanathan, Sr Director, Advisory, Gartner
The BIA is the center of the universe of resilience. This session will detail the 12 steps required for how a good BIA should be done.
Tuesday, 26 September, 2023 / 11:00 AM - 11:30 AM BST
John Watts, VP Analyst, Gartner
Gartner's Magic Quadrant for Security Service Edge (SSE) covers the cloud-delivered security services for securing the web, cloud services and private applications. This session will cover how to think about solutions and vendors represented in this market.
Tuesday, 26 September, 2023 / 11:00 AM - 11:30 AM BST
Richard Bartley, VP Analyst, Gartner
Cloud security remains a top priority. This presentation summarizes the problems, recommended processes and emerging and evolving product types to address three key issues:
- What are the unique risks associated with public cloud service providers?
- What are the unique security challenges of IaaS and PaaS and how can they be mitigated?
- What are the unique control challenges of SaaS and how can they be addressed?
Tuesday, 26 September, 2023 / 12:30 PM - 01:00 PM BST
Eric Grenier, Director Analyst, Gartner
Endpoint security has long been a foundational security control, a must-have toolset that no enterprise security program can do without. But the role of endpoint security continues to evolve, covering an expanding portfolio of tools, techniques and devices. In this session, we will explore the current "state of the art" of endpoint and mobile security, and look to the future of how we can expect this crucial technology to evolve.
Tuesday, 26 September, 2023 / 12:30 PM - 01:15 PM BST
Charlie Winckless, Sr Director Analyst, Gartner
The Security Service Edge provides a method of effectively securing user to application traffic, regardless of the location of either user OR application. This session will provide an opportunity to ask specific questions about the technologies, processes, and how to effectively adopt this for your organization.
Tuesday, 26 September, 2023 / 02:30 PM - 03:00 PM BST
John Watts, VP Analyst, Gartner
Users, devices, applications and data are everywhere and so are networks. As organizations rapidly expand their footprint and support a hybrid workforce, how does network security evolve to keep up? Security and risk management leaders must understand the current trends in network security and make business-aligned, risk-focused decisions on where best to use network security today.
Tuesday, 26 September, 2023 / 04:15 PM - 04:45 PM BST
A number of consolidation trends, such as SASE and XDR, and also CNAPP and DSP, are beneficial to reduce enterprise security complexity. We discuss recent findings and how to successfully run consolidation projects.
Tuesday, 26 September, 2023 / 04:15 PM - 05:00 PM BST
Thomas Lintemuth, VP Analyst, Gartner
Remote access, whether for the full-time or hybrid work environment, is top of mind for many network and security engineers. Does it matter if one sticks with VPN? Should an organization move to ZTNA? What may be some considerations organizations should consider? Join this session to get answers to such questions.
Tuesday, 26 September, 2023 / 04:15 PM - 05:00 PM BST
Charlie Winckless, Sr Director Analyst, Gartner
Where are you in your zero-trust journey? Zero trust often feels vague and something that is full of promise with few concrete implementations. However, organizations are finding success in reducing risk with zero trust. Discuss with your peers the zero-trust strategy and implementation and the challenges faced in real-world implementations.
Tuesday, 26 September, 2023 / 05:00 PM - 05:30 PM BST
Dave Messett, Sr Director Analyst, Gartner
Security product misconfigurations can increase the attack surface, hinder operations effectiveness or even cause security breaches. But consistently identifying and managing misconfigurations and configuration drift is a challenging task. This presentation describes how to apply Gartner's five-step process to achieve security configuration excellence.
Tuesday, 26 September, 2023 / 05:00 PM - 05:30 PM BST
David Collinson, Sr Director Analyst, Gartner
Digital identity requirements and importance are growing, as organizations are migrating their infrastructure and apps to the cloud. Enterprises anticipate innovations to enable continuous, dynamic and intelligent IAM controls, while bracing for emerging decentralized identity impact and potential Web 3 business model disruption. This session discusses key trends and IAM outlook in the coming years.
Tuesday, 26 September, 2023 / 05:00 PM - 05:45 PM BST
Jeremy D'Hoinne, VP Analyst, Gartner
The future of work is hybrid, but most remote access architecture today is caught between a rock and a hard place — scale up the historical approach, or experiment with more recent solutions even if nobody knows what their application architecture will look like in a few years. In this session, a Gartner Expert will answer questions on remote access best practices for a hybrid workforce.
Wednesday, 27 September, 2023 / 10:30 AM - 11:00 AM BST
Thomas Lintemuth, VP Analyst, Gartner
Jeremy D'Hoinne, VP Analyst, Gartner
John Watts, VP Analyst, Gartner
Gartner receives thousands of inquiries on zero trust every year. Some believe the debate is settled and zero trust is the only way to do security. However, the subject is far from settled. Is Zero Trust real or just a marketing term? Is it achievable? Is cloud native required? How mature does my identity program need to be to achieve a zero trust posture?
Wednesday, 27 September, 2023 / 10:30 AM - 11:00 AM BST
Wam Voster, VP Analyst, Gartner
The market for security products for operational technology and other cyber-physical systems (CPS) is evolving rapidly. New vendors enter the scene, and mergers and acquisitions are abundant. How can security and risk management leaders evaluate and compare CPS protection platforms to select the product that best fits their situation?
Wednesday, 27 September, 2023 / 12:00 PM - 12:30 PM BST
Charlie Winckless, Sr Director Analyst, Gartner
Cloud security remains a challenge; we have to protect data when it is out of our control. This session will address the emerging trends in cloud security, what they bring to your organization and how to use them most effectively. Security is seen as an obstruction to cloud adoption; this will show you how to enable without losing protection.
Wednesday, 27 September, 2023 / 02:00 PM - 02:30 PM BST
Jon Amato, Sr Director Analyst, Gartner
Come learn the future of cyber warfare and how to realize your cybersecurity mesh. This session will focus on how future technologies will play into building your security defense in depth architecture to get ahead of the most advanced attacks. We will look at how AI, augmented reality and blockchain can factor into your cybersecurity mesh architecture of the future.
Wednesday, 27 September, 2023 / 02:00 PM - 02:45 PM BST
With employees using all sorts of instant messaging tools, from WhatsApp to texting, enterprises are finding it challenging to protect enterprise data. Some mobile applications are leaky or privacy-invasive and most of them do not allow the enterprise to monitor that there is no leakage of sensitive data. In this roundtable, we will compare approaches and learn about what works and what does not when it comes to instant messaging and mobile apps.
Wednesday, 27 September, 2023 / 02:00 PM - 03:30 PM BST
Paul Furtado, VP Analyst, Gartner
Paul Proctor, Distinguished VP Analyst, Gartner
Choose your investment in ransomware readiness carefully. The executive-level trade-off for poor investment results in a terrible position to negotiate with the criminals, business cost to downtime will be greater, and lack of defensibility with key stakeholders like customers, shareholders and regulators.
Wednesday, 27 September, 2023 / 03:30 PM - 04:00 PM BST
David Collinson, Sr Director Analyst, Gartner
While segregation of duty controls is key to preventing fraud, they can also be used very effectively in the security arena.
This session will explore the changing scope and supporting technologies to prevent toxic combinations from impacting your organization financially but perhaps more importantly also from a security perspective.
Thursday, 28 September, 2023 / 10:30 AM - 11:00 AM BST
John Watts, VP Analyst, Gartner
Zero trust is moving away from excessive marketing hype. Many organizations have set zero trust as a strategy for their organizations, but are looking at the reality of implementing zero trust at scale for their organization. This session highlights three key predications for zero trust and what you can do to prepare for the future.
Thursday, 28 September, 2023 / 10:30 AM - 11:15 AM BST
Thomas Lintemuth, VP Analyst, Gartner
A common question is where NDR fits in the XDR landscape. Many companies have been very successful with EDR deployments. Will NDR add real value to a well-deployed EDR? Attendees will learn why NDR has a solid place in their risk mitigation controls.
Thursday, 28 September, 2023 / 12:00 PM - 12:30 PM BST
John Watts, VP Analyst, Gartner
Remote access practices have changed a lot in the last few years. Unfortunately, this won't be sufficient and security leaders need to develop a five-year roadmap to enable secure access for the future of work.
This presentation will provide insights on:
1. The key lessons we learned about how to implement remote access
2. The impact of "Future of work" strategies on security
3. How to design for the long-term
Thursday, 28 September, 2023 / 12:00 PM - 12:45 PM BST
Charlie Winckless, Sr Director Analyst, Gartner
Zero trust has continued to be one of the biggest security buzzwords of this decade (especially after being featured in the executive order from May 2021), frequently used in all areas to simply mean "better security." This session will let you ask your questions to understand what "zero trust" actually means, what you need to start on a zero trust journey, and learn about practical approaches.
Thursday, 28 September, 2023 / 02:45 PM - 03:15 PM BST
Security and privacy can effectively co-exist on personal devices to a degree never before possible, but privacy implications remain. This session explores effective security controls and their implications for security and privacy. Modern organizations are increasingly demanding a mix of options when it comes to BYOD, this session will outline the ideal mix of technology, user education and privacy considerations for each.
Thursday, 28 September, 2023 / 03:30 PM - 04:00 PM BST
David Collinson, Sr Director Analyst, Gartner
Attackers have methods to compromise identity infrastructure. Traditional IAM tools cannot take the necessary actions when they are compromised. This session focuses on how identity threat detection and response (ITDR) tools can close this gap.
Thursday, 28 September, 2023 / 03:30 PM - 04:00 PM BST
Dennis Xu, Sr Director Analyst, Gartner
Posture management in the cloud is increasingly critical, but the range of flavors can be bewildering, especially as these products merge and combine. This session will provide an overview of common security posture management platforms, their capabilities and when they should best be applied.
Tuesday, 26 September, 2023 / 11:00 AM - 11:30 AM BST
William Dupre, Sr Director Analyst, Gartner
Application security continues to evolve, with DevSecOps and API security coming into maturity. However, organizations must also look to secure their software supply chain and cloud-native deployments effectively. This session will explore this evolving landscape and provide organizations with the insights they need to consider for 2023 and beyond.
Tuesday, 26 September, 2023 / 11:00 AM - 11:45 AM BST
Brian Lowans, Sr Director Analyst, Gartner
This session offers anything you want to know about data classification: from policies to processes to technology; and across privacy, regulatory requirements, and intellectual property protection use cases.
Tuesday, 26 September, 2023 / 04:15 PM - 04:45 PM BST
Dale Gardner, Sr Director Analyst, Gartner
As development teams take on more day-to-day security responsibilities, application security teams can begin to shift to a risk management approach to manage AppSec programs. In this session, we’ll discuss:
- What is ASPM?
- What to consider when evaluating and implementing tools
- Organizational impacts
Wednesday, 27 September, 2023 / 12:00 PM - 12:30 PM BST
Brian Lowans, Sr Director Analyst, Gartner
Data security is a top priority. This session covers current trends and emerging topics specific to data security. How organizations handle and consume data continues to rapidly evolve. Databases and cloud applications introduce rapidly evolving threats with countermeasures following slowly. Planning to use data as the focus of security governance and security architecture roadmaps is critical for any security and risk management program.
Wednesday, 27 September, 2023 / 02:00 PM - 02:30 PM BST
William Dupre, Sr Director Analyst, Gartner
We do a poor job at API security. To do better requires a comprehensive approach to protecting APIs. Organizations must not only apply technical solutions to API security, they must change processes and culture. This session will explore how to protect APIs using the five dimensions organizations must consider.
Wednesday, 27 September, 2023 / 03:30 PM - 04:00 PM BST
Dale Gardner, Sr Director Analyst, Gartner
Procurement and vendor risk management teams are increasingly turning to security and risk management leaders for guidance on how best to protect themselves from software supply chain risks. In this presentation, you’ll learn:
-What is a software supply chain attack?
- What sources of information are available to evaluate risk?
- Putting it all together
Thursday, 28 September, 2023 / 10:30 AM - 11:00 AM BST
Dale Gardner, Sr Director Analyst, Gartner
Pervasive, high-profile, high-impact software supply chain attacks — along with increased scrutiny and mandates from regulatory officials — have vaulted software supply chain issues to the top of security and risk management leaders' lists of concerns. In this session, you’ll learn:
-How to establish foundational risk management principles
-The optimal methods to set up security and development teams for success
-How to defend yourself from supply chain attacks.
Thursday, 28 September, 2023 / 12:00 PM - 12:30 PM BST
Bart Willemsen, VP Analyst, Gartner
Detecting and stopping compromises against AI requires new techniques and organizational structures. Malicious attacks or benign AI compromises lead to different types of organizational harm and loss — financial, reputational theft intellectual property, or compromise of sensitive data to name a few. New tools and organizations are needed to mitigate their harm. Gartner presents a framework for managing AI trust, risk and security.
Thursday, 28 September, 2023 / 02:45 PM - 03:15 PM BST
Brian Lowans, Sr Director Analyst, Gartner
This is a rapidly evolving market with capabilities to find and identify data across cloud service platforms that could have significant impacts on how you achieve data security and privacy risk assessments. This session will explore the pros and cons of evolving product capabilities.
Tuesday, 26 September, 2023 / 11:00 AM - 11:30 AM BST
Mitchell Schneider, Sr Principal Analyst, Gartner
Security operations are undergoing a transformative change when our security is planned and delivered. Do you really need to centralize data for security? Is there a single solution to solve all my security needs? How do we determine what is threat intelligence for us? Learn what technologies, processes and services will have the biggest impact on how security operations are delivered in 2023.
Tuesday, 26 September, 2023 / 12:30 PM - 01:00 PM BST
Pete Shoard, VP Analyst, Gartner
This session will address the changes in the SIEM market, the progression toward SaaS platforms, the impact of consolidated solutions such as XDR and the desire for a solution that is able to detect, investigate and respond to threats in an integrated capability that can be effectively used in line with modern infrastructure and modern SOC processes.
Tuesday, 26 September, 2023 / 02:30 PM - 03:00 PM BST
Jeremy D'Hoinne, VP Analyst, Gartner
CISOs and their teams have way too many dashboards, suffer from years of diagnostic fatigue and see their attack surface expanding continuously.
This session analyses how organizations can modernize red teaming and blue teaming with new options available to them. Cybersecurity validation techniques result in more actionable outcomes from your exposure management efforts.
Tuesday, 26 September, 2023 / 05:00 PM - 05:30 PM BST
Mitchell Schneider, Sr Principal Analyst, Gartner
As organizations update their IT and security for modern work, they now have to manage a growing attack surface due to their technological environments becoming increasingly complex and dispersed. New technologies and business initiatives, such as SaaS and supply chain pose new threats. Organizations need to invest in a better understanding of the continuous expansion of their attack surface.
Wednesday, 27 September, 2023 / 10:30 AM - 11:00 AM BST
Mitchell Schneider, Sr Principal Analyst, Gartner
Deciding when to make investments in tools, and selecting the right ones, for the modern SOC is challenging for many organizations. Are there tools that can serve multiple purposes, or is creating robust processes the answer? Security and risk management leaders responsible for security operations can use this session to serve as recommendations to discuss this common security operation center challenge.
Wednesday, 27 September, 2023 / 12:00 PM - 12:45 PM BST
Sagar Patel, Director, Advisory, Gartner
Cybersecurity is a complex, always-changing world. Between all the new tools, capabilities and procedures, there are always shortcuts, quick fixes, and on-the-fly assumptions. Are you aware of how some of those practices could impact your operations?
Wednesday, 27 September, 2023 / 02:00 PM - 02:45 PM BST
Pete Shoard, VP Analyst, Gartner
A session that answers the question of how to develop common metrics used to measure SOC capabilities and how to improve these internally using tools and more granular processes. We will spend time identifying the most useful metrics for SOC teams and senior leaders as well as highlighting those that provide little or no value to the organization.
Wednesday, 27 September, 2023 / 03:30 PM - 04:00 PM BST
Sagar Patel, Director, Advisory, Gartner
This session highlights the latest concepts and insights for a modern SOC, its capability and benefits. We'll provide key information on the challenges of operating a good SecOps capability, how it fulfills critical tasks helping businesses to identify security concerns, respond rapidly and help report/communicate effectively.
Thursday, 28 September, 2023 / 10:30 AM - 11:00 AM BST
Paul Proctor, Distinguished VP Analyst, Gartner
Pete Shoard, VP Analyst, Gartner
Security operation centers (SOC) are the tip of the detection and response spear. Guiding SecOps investment with outcome-driven metrics (ODM) will sharpen time to contain, time to remediate and efficiency. ODMs are easily linked back to broader cyber program outcomes and investments to create a roadmap for SecOps business value. We will share a list of ODMs and an outcome-based approach to SecOps investment.
Thursday, 28 September, 2023 / 10:30 AM - 12:00 PM BST
Tabletop game about sorting different events that can happen during a security incident. Each player will receive five cards and should place them in the Incident Timeline during their turn, If you're right you got rid of one card, if not, draw another card, the first one that successfully places all the cards win.
Thursday, 28 September, 2023 / 12:00 PM - 12:30 PM BST
Jeremy D'Hoinne, VP Analyst, Gartner
Threat exposure management is a required evolution for CISO and security leaders' approach to managing their readiness against unpredictable threats. This session will provide insights into this important and quickly evolving area, including the impact of new business practices and threats on your security exposure and the state and evolution of threat exposure management.
Thursday, 28 September, 2023 / 02:45 PM - 03:30 PM BST
Dave Messett, Sr Director Analyst, Gartner
Detection and response is something we must encompass in our security infrastructure. But, should you be deploying a SIEM or an XDR solution? Will one of these markets die, defeated by the other? And what happens if you invest in the wrong one? This session will give attendees a forum to ask some questions about XDR and SIEM, how they differ, and how they should choose their future path.
Tuesday, 26 September, 2023 / 11:00 AM - 11:30 AM BST
Dale Gardner, Sr Director Analyst, Gartner
Organizations are looking for ways to add application security practices to their agile and DevOps processes. In this session, we will discuss ways to determine your starting point and how you can achieve some early wins on your path to a DevSecOps model that fits your organization.
Tuesday, 26 September, 2023 / 12:30 PM - 01:00 PM BST
Security architects must adapt, enhance and learn new skills to envisage and implement cloud security architecture. The session will show how to build a new discipline around cloud security architecture in your organization. It will also show how you can build the necessary skills and disciplines to become an effective cloud security architect.
Tuesday, 26 September, 2023 / 02:30 PM - 03:00 PM BST
Dennis Xu, Sr Director Analyst, Gartner
Security service edge (SSE) is an emerging market that consolidates CASB, SWG, and ZTNA. We will walk through the key capabilities of SSE and how it helps you to secure outbound web and SaaS access, protect your sanctioned SaaS apps, and provides secure remote access to private applications.
Tuesday, 26 September, 2023 / 02:30 PM - 04:00 PM BST
Jon Amato, Sr Director Analyst, Gartner
Ransomware is a unique threat and demands a distinctive incident response plan. Tabletop exercises, or "role-playing games for security professionals," are one of the best ways of creating those plans. In this workshop, we will work through a series of live ransomware-specific tabletop exercises and help you be the dungeon master your organization needs.
Tuesday, 26 September, 2023 / 04:15 PM - 04:45 PM BST
William Dupre, Sr Director Analyst, Gartner
Threat modeling is of vital importance to the organization, even beyond the field of application security. Marshaling the necessary defenses against cyberattacks requires the methods and discipline of the modeling process. This session will review how organizations can take a systematic approach to model threats against a variety of systems and assets.
Wednesday, 27 September, 2023 / 10:30 AM - 11:15 AM BST
William Dupre, Sr Director Analyst, Gartner
API exploits are an attack vector of choice for malicious actors. In this interactive session, a Gartner analyst will answer your questions on the best ways to secure the growing API landscape.
Wednesday, 27 September, 2023 / 12:00 PM - 12:30 PM BST
Eric Grenier, Director Analyst, Gartner
This session will cover the top 10 things clients need to know before implementing Microsoft Defender for Endpoint. We will do a deep dive on highlights and great use cases, as well as a discussion on areas of concern and use cases that are not ideal.
Wednesday, 27 September, 2023 / 03:30 PM - 04:15 PM BST
Eric Grenier, Director Analyst, Gartner
Device security begins with configuration management. This session will cover best practices, considerations and gotchas when moving device management from on-premises to modern device management (UEM) in the cloud. What are the advantages and disadvantages of moving to cloud management for your devices? We will also discuss the management of mobile devices (iOS and Android) with UEM using MDM and MAM.
Thursday, 28 September, 2023 / 12:00 PM - 12:45 PM BST
Eric Grenier, Director Analyst, Gartner
Vendor consolidation has become a trend in all areas of IT. In this roundtable, attendees can participate in a peer-to-peer discussion on whether vendor consolidation makes sense for their organization's security stack, and share their experiences with others on the pros and cons to consolidation, as well as best practices and considerations.
Thursday, 28 September, 2023 / 02:45 PM - 03:15 PM BST
Richard Bartley, VP Analyst, Gartner
Cloud-native application protection platforms (CNAPP) bring together multiple cloud security capabilities to provide multiple layers of protection. Understand the range of security use cases that CNAPP can provide. Learn what CNAPP capabilities are available, which of them are foundational like workload protection (CWPP) and posture management (CSPM) and what innovations vendors offer to differentiate.
Thursday, 28 September, 2023 / 03:30 PM - 04:00 PM BST
SaaS security is not as straightforward as you think. Not all SaaS apps are created the same. What happens if the SaaS app went down and you do not have a BCP plan? Are you validating if the SSE vendors are delivering what they promise to secure your SaaS? We will discuss the top 10 SaaS security gotchas and how to mitigate these associated risks.
Tuesday, 26 September, 2023 / 08:30 AM - 09:00 AM BST
Leigh McMullen, Distinguished VP Analyst, Gartner
This session, exclusive to CISO Circle attendees, will give you an overview of the sessions that comprise the program, enabling you to select the sessions that are best suited to you. The CISO Circle is designed to be highly interactive, giving you an opportunity to network and share best practices and experiences with your peers. This session will kickstart that process, enabling you to connect with your fellow CISO Circle members and prepare for these conversations during the Summit.
Tuesday, 26 September, 2023 / 11:00 AM - 12:30 PM BST
Lisa Neubauer, Sr Director, Advisory, Gartner
Cybersecurity is common agenda item for boards of directors across all industries, with 88% of respondents to the 2022 Gartner “View from the Board of Directors Survey” now regarding cybersecurity as a business risk and not a technology risk. As a result of this, cybersecurity leaders are up against a variety of different edicts, trends and issues as they continue to master their craft in building and evolving a cybersecurity-conscious board. This session will discuss the biggest cybersecurity board reporting dynamics today, their implications to leaders, and ways to effectively incorporate these into their current board reporting.
Tuesday, 26 September, 2023 / 01:00 PM - 02:00 PM BST
Christopher Mixter, VP, Advisory, Gartner
Join Schlumberger's Simon Tong and Gartner's Chris Mixter for a highly interactive discussion of Schlumberger's QPExpress program, which enables delivery teams self-certify applications and define release frequency, provided they embed recommended security tools and take charge of vulnerability remediation.
Tuesday, 26 September, 2023 / 02:30 PM - 04:00 PM BST
Lisa Neubauer, Sr Director, Advisory, Gartner
Leigh McMullen, Distinguished VP Analyst, Gartner
Cybersecurity professionals work in high-stress, high-burnout environments. CISOs are on 24/7 and have short tenures compared to the rest of the C-suite. Their teams, stretched thin due to talent shortages and never-ending threats, suffer from chronic exhaustion. This workshop will offer practical techniques - rooted in mindfulness - to alleviate anxiety, stress, and fatigue, skills critical to flourishing at work and in life.
Wednesday, 27 September, 2023 / 10:30 AM - 12:00 PM BST
Arthur Sivanathan, Sr Director, Advisory, Gartner
Sixty-six percent of CISOs ranked the ability to benchmark their security controls as critical to addressing their challenges. But accomplishing this can be costly and time-consuming. This session will detail how the Gartner Cybersecurity Controls Assessment allows you to benchmark the current state of security controls against your peers, get a baseline for tracking improvements and learn to prioritize controls for greater investment.
Wednesday, 27 September, 2023 / 02:00 PM - 03:30 PM BST
Leigh McMullen, Distinguished VP Analyst, Gartner
CISOs need to do focus on sales every day. Getting your board, stakeholders, allies in IT and even your own people with your agenda, is much easier if we employ the right tools. In this workshop, we'll take a hands on approach as we work a common case and learn the best way to position our agenda.
Thursday, 28 September, 2023 / 10:30 AM - 12:00 PM BST
Lisa Neubauer, Sr Director, Advisory, Gartner
Arthur Sivanathan, Sr Director, Advisory, Gartner
This interactive "gamified" workshop is designed to actively involve senior leaders, board members and business stakeholders to boost their awareness of cybersecurity by flipping their perspectives and looking through the lens of the attacker. This workshop also provides an approach to identifying potential gaps and the actions required to bolster the security efforts of the enterprise.