gartner cyber security conferencequality sterling silver necklaces

This session will cover best practices, considerations, and gotchyas when moving device management from Microsoft ConfigMgr (CMT) on-premises to Microsoft Endpoint Manager (UEM) in the cloud. These sessions provided the inspiration and actionable insight to transform the most critical priorities into business results. Wednesday, June 08, 2022 / 10:30 AM - 12:00 PM EDT. During this presentation, we will provide insight into the new tactics being used by the bad actors not only to access your environment, but what they are doing with your data once exfiltrated. Faced with a fragmented, interdependent world, cybersecurity leaders have less control over decisions around cyber risk than ever before. Distinguished VP Analyst, Gartner. The new data security law in China, effective as of September 1, 2021, has far-reaching impacts. Tuesday, June 07, 2022 / 03:00 PM - 03:30 PM EDT, Jay Heiser, 2022Gartner, Inc. and/or its affiliates. Detecting and stopping attacks and compromises against AI requires new techniques. Bring your questions ranging from business process best practices, to implementation and rollout guidance. Keep pace with the changing technology application landscape and evolving data protection regulations. Your leaders are telling you they want microservices, your vendors are promising to deliver microservices, your developers want to create microservices. Thursday, June 09, 2022 / 03:30 PM - 04:00 PM EDT. What if they suddenly announce a profound change in policy, like WhatsApp did for sharing data with Facebook? Security product leaders must transform their offerings to be relevant in a new world and culture, rethink strategies and anticipate new buyer needs. Lean back and listen among others! Motivated by financial gain, a greater volume and scope of targets means greater "success." This session highlights the importance of organizational resilience as a strategic imperative in the wake of the COVID-19 pandemic, the changing threat landscape, and the pace of digital innovation. This track helps you frame your DEI efforts with a security lens and assists you in your efforts to reduce intentional and unintentional bias. New collar workers individuals who develop the technical and soft skills needed to work in tech jobs through nontraditional education paths are handmade for midsize enterprises and tactical roles. Join this discussion on security vendors that midsize enterprises love. Extended detection and response, or "XDR," is on every security vendors marketing these days. CISOs report frustration that the time and effort their teams invest in quantifying cyber risk rarely drives risk owners to take action. Security services can achieve SaaS margins and security products can broaden integration and coverage. TechnipFMC CISO Angelique Grado decided to use the security champion model to create a master mind group, accelerating the opportunity and will share the brilliant results this has brought about over the last year. The bewildering array of cloud security patterns can make common approaches to cloud security daunting. Successfully communicate security risks, challenges and opportunities to senior executives. Whether they are born of OT/IT convergence or from IoT, IIoT, or Smart "X" efforts, CPS are everywhere and mandate different approaches to security than IT systems.What are the top 10 must-dos to protect them. Join Mark Wah as he charts the growth of hyperautomation in security. We discuss what worked and what did not, and how vendor consolidation impacts their decisions and security strategy for these and other security projects. VP Analyst, Gartner. Obtaining confidence in a customers or employee's identity is the foundation of identity-first security. Security and risk management leaders should monitor these trends to be successful in the digital era especially as most recognize that global change could potentially be one crisis away. Attendees will be able to submit questions and feedback from their own zero trust journeys. Who are the new stakeholders in cloud-native security operations? Friday, June 10, 2022 / 10:15 AM - 11:00 AM EDT, Jamil Farshchi, This presentation helps security and risk management leaders select the right mix of solutions and vendors for their BCM needs. Cloud security remains a top priority. In others, board members have dedicated cybersecurity committees overseen by board members. This session will address the following issues: Trends and challenges in security organization design; Factors that influence security organizations; Best practices and contemporary conceptual design models for security organizations. This session will feature multiple Gartner analysts covering zero trust arguing for and against the zero trust security paradigm. This session discusses: - How to do RBVM with process- How to do RBVM with tools- Best practices for RBVM. Balance the imperative to rapidly modernize applications with the requirement to protect them. This session presents security and risk management technical professionals with guidance on when the appropriate option would be an incumbent firewall vendor versus a cloud-native firewall. Join this session to learn how the rapidly evolving privacy landscape can serve as an impetus for initiating culture change around data. Which ones are in your software? Evolve your risk management practices to stay on top of emerging and enterprise risks. Check in to make sure you are current on network security offerings and how they complement each other, but stay to see how they are evolving and what new technologies will transform your current processes over the next few years. Measuring the effectiveness of a security behaviour and culture change program (SBCP) can be tricky. It's time for CISOs to take a step back and start making hard choices about how to pursue their value proposition. VP, Enterprise IT Leader, Gartner. Christopher Mixter, The network firewall market faces the challenge of fulfilling multiple use cases and overlapping requirements because of the growth of hybrid environments. Some MDR providers are growing at high double digits and even triple digits. Principal Analyst, Gartner. Come see how secure the latest versions of your mobile OSes and devices are against the current mobile attacks. Threat modeling helps identify weaknesses and vulnerabilities in a system design, aiding in the creation of relevant controls to address risks within a system. Gartner Security & Risk Management Summit. VP Analyst, Gartner. At the conference, the top 5 sessions that security & risk leaders attended were: We hope you enjoyed the 2022Gartner Security & Risk Management Summit! Enable a tighter alignment between security and business. Cost and value are the levers that drive every business outcome, except cybersecurityuntil now. Tuesday, June 07, 2022 / 03:00 PM - 04:30 PM EDT, Aaron Harrison, These sessions provide practical, real-world guidance on achieving a more secure software development life cycle and data management program. In this session we will discuss what XDR is, how your organization might benefit from using it, and whether XDR matters to you. Establish key metrics and indicators to measure effectiveness of security programs. Charlie Winckless, This presentation will focus on providing guidance on building an effective insider risk program. 2022 introduces new ways of working in cyber risk management -- a foundation built on adaptive governance, value generation, and cyber risk management. Exchange ideas and experiences with others in similar roles or from similar organizations. Come watch Netskope, Skyhigh Security, and Zscaler to demonstrate how they address a set of common use cases. Finally, we will discuss the vendor landscape from larger security vendors with full stacks to open source/distributed CSM solutions, How do you decide on which cloud security controls to deploy? Anyone in security can benefit from a greater awareness of diversity, equity and inclusion (DEI) efforts, but it is increasingly a mandatory skill set for leaders. Share stories about successful security practices that enable process maturity and the move to DevSecOps, Attackers are targeting software development systems, open-source artifacts and DevOps pipelines to compromise software supply chains. Sr Director Analyst, Gartner. Wednesday, June 08, 2022 / 10:30 AM - 11:30 AM EDT, Dawn Hubbard, To some, zero trust is the best path forward for information security requiring a complete rethinking of security architectures. The goal is to extract the maximum value while maintaining a defensible posture and keeping privacy risk at bay. This session shows the as-is state of DSP and its variants. It's a matter for the whole organization. This track gives you practical guidance on how to manage security teams, and stakeholders, through the evolving threat landscape. But, what is microservices architecture? Friday, June 10, 2022 / 10:30 AM - 12:00 PM EDT. Emerging risks and top security trends are driving innovation in security and risk management. Security service edge (SSE) is an emerging technology that secures web, cloud services, and private apps from anywhere. No matter where you are on your digital business acceleration journey, were here to help you get to your destination faster with confidence. These sessions provide practical, real-world guidance on achieving a more secure software development life cycle and data management program. The high profile and intractability of ransomware attacks has been a big payday for the organizations behind these attacks. Privacy enhancing computation has emerged as a leading trend across multiple domains. Sr Director Analyst, Gartner. Balance real-world risks with business drivers such as speed, agility, flexibility and performance. With cloud-native applications, the lines between infrastructure and applications are increasingly blurry, while with DevOps, development and operations are also increasingly overlapping. A majority of security incidents involve social engineering. This track provides pragmatic advice on overcoming the resource obstacles and applying the right level of protection and risk management. Zero-trust strategies for network security have gained notable popularity in recent years. Emerging startups with potentially disruptive products and services will showcase their innovations to an audience of executives and a panel made up of Gartner Analysts. Midsize organizations face the same threats and manage the same vulnerabilities as large ones, but with limited people, budget and time. Network with experts and peers Managing Vice President, Gartner. This session will offer guidance on each of the data security feature of Microsoft like Microsoft AIP, DLP and RMS the Microsoft plus approach and best practices to implement it, Organizations are looking for strategies that can be used to integrate application security into agile and DevOps processes. Each track has a particular area of focus to help you deliver on what matters most to you and your organization. Join this session to identify eight observable things that signal your SBCP is on the right path and helping to reduce human-born cyber risks in your organization. Use metrics effectively to understand changes in risk exposure. But do you really have what it takes? Midsize enterprise (MSE) IT leaders face significant security challenges when trying to deliver IT services with small IT teams (usually fewer than 30 people) and limited IT budgets (usually less than $20 million). This session will explore high-impact emerging technologies in security and risk management. Attendees will play a threat modeling game to learn how to identify weaknesses within an application design. Participants are encouraged to share their experiences. Thursday, June 09, 2022 / 03:30 PM - 03:50 PM EDT. And we are working on benchmarks for each.- What cybersecurity metrics should I measure? The CISO Circle provides targeted content, workshops and networking opportunities. A midsize guide to starting a formal cybersecurity program within your business. Cybersecurity is constantly evolving, but with it comes more complexity, which possibly gives malicious actors the advantage. Join this session to learn of these significant evolutions, both from the regulatory as well as technology perspectives, Nahim Fazal, Wednesday, June 08, 2022 / 10:30 AM - 11:15 AM EDT, Pete Shoard, We will examine why always-on VPN is often the wrong choice while determining what is the right one such as ZTNA, CASB, with the evolution to SASE, Friday, June 10, 2022 / 12:00 PM - 12:30 PM EDT. This presentation will address:-What are the major trends affecting the security and risk management leader?-What are the top challenges affecting the security and risk management leader?-What actions and best practices should the security and risk management leader initiate? Join us for an exclusive townhall session with VP, Distinguished Analyst Leigh McMullen as he shares Gartners latest research proposals on pricing and quantifying cyber risk. Sr Director Analyst, Gartner. VP Analyst, Gartner. Thursday, June 09, 2022 / 02:00 PM - 02:45 PM EDT. - How can I use metrics to drive governance? Recommendations will also be made on how to present the program effectively to leadership and end users. As a consequence, 60% admit they rarely disconnect from work; 22% are available to their company 24/7. A tour of the core perceptions around automation in the security operations domain, from self-developed capabilities using languages like Python and Java, embedded capabilities is SIEM platforms and case management systems and the likely future of SOAR solutions. With board-level interest at an all time high, leaders must be able to leverage principles of expected value and deterrence to provide assurance and value to the business. Security service edge (SSE) is an emerging technology that secures web, cloud services, and private apps from anywhere. Thursday, June 09, 2022 / 12:30 PM - 01:45 PM EDT. In some industries, quarterly reports are standard. We like to lament that "the users are the weakest link in the cybersecurity chain!" Anyone in security can benefit from a greater awareness of diversity, equity and inclusion (DEI) efforts, but it is increasingly a mandatory skill set for leaders. Vendors are merging data security capabilities into larger platforms to provide enhanced security beyond what each individual component could do alone. Principal Analyst, Gartner. If you missed it, be sure to explore what was covered at the conference. VP Analyst, Gartner. 2022 sits between major developments in Asia-Pacific and Europe in 2021 and the U.S. in 2023. SIEM technologies have been a staple of the security diet for many years, but have evolved significantly over that time. And what security, operational, and legal risks do they pose? Leigh McMullen, Attendees will also get a chance to shape the future of this research with their own experiences and practical implementations. These trends have the potential to transform the security ecosystem and will accelerate their adoption over the next one to three years. These popular meetings offer you the undivided attention of a Gartner expert who will listen and guide you on the matters most critical to your success. In this session, attendees will learn how to assess their program of ransomware defense and quickly close the gaps that attackers will use to make your organization the next name on their list of victims, Security service edge (SSE) is an emerging market that consolidates CASB, SWG, and ZTNA. Distinguished VP Analyst, Gartner, Katell Thielemann, Sr Director Analyst, Gartner. How do we determine what is threat intelligence for us? The number an complexity of tools and techniques that make up good application security practices can be overwhelming. Christopher Ambrose, Lisa Pierce, This chat will be moderated by Gartner VP Distinguished Analyst, Paul Proctor. Security vendors everywhere are scrambling to align with buyers need for security in the cloud, from the cloud and for the cloud, but where do you start? This session will focus on how future technologies will play into build your security defense in depth architecture to get ahead of the most advanced attacks. In this session, well provide specific insights and guidance on how to shift programs to a more proactive, risk-based foundation better adapted to modern application development efforts and greater AppSec success. Bernard Woo, VP Analyst, Gartner. Elizabeth Kim, They develop OT and IOT products that need a very high level of security and risk management, the challenge to get all decentralised product teams across the business on the same level of maturity was the next leap for real improvements in this area. Using data from a recent Gartner survey, this session will present recommendations to arrange people, process and technologies to protect application assets without slowing down the CI/CD pipeline. This session will shed light on the leadership traits that aide in a successful and balanced approach between the demands of the business and the effectiveness of the leader. Cybersecurity organizations operate an average of 16 different cybersecurity tools, and the industry spends upward of $65B annually in this spaceyet most cybersecurity leaders see duplicative capability and gaping holes, not true coverage of enterprise exposures. Hyperautomation has been fairly successful in security operations from the product and services perspective. Christie Struckman, Change starts with people. Develop new best practices to secure new enterprise network edges. This consistent trend suggests current compliance-based approaches to security awareness are insufficient. One of the hottest buzzwords in the security marketplace in 2022, XDR is the must have solution for all software vendors. At Gartner Security & Risk Management Summit, attended had the opportunity to connect with Gartner experts and industry-leading CISOs, security leaders and risk executives. Gartner one-on-one meetings. Change those attributes to adapt to your changing ways of working, and maintain what makes your organization unique. Patrick Long, Early detection and nudge-based intervention prove more cost effective than the traditional "detect, deter, destroy" model beloved by legacy security leaders. This roundtable will be one where participants share how they are planning to continue business operations while the IT department is busy cleansing and recovering/rebuilding the IT infrastructure after a cyberattack. Rebecca Lively, In the last few years, CISOs have been thrust into the ranks of the c-suite as cybersecurity rises in priority for organizations. Security and risk management (SRM) leaders must develop a coherent program based on a clear vision and strategy. How do you successfully implement microservices? Implementing hybrid identity for Microsoft 365 and protecting employee, administrator and partner access can be daunting. There are various application security testing tools, threat modeling processes, security requirements, as well as runtime security controls that need to be considered. The session will cover what CNAPP capabilities are, what are important fundamental capabilities, and what areas vendors are using to differentiate their tools. Databases and cloud applications introduce rapidly evolving threats with countermeasures following slowly. With the rise of business technologists within global business security leaders find it hard to influence decisions being made, everywhere, all of the time. Learn how to fix this paradox by cocreating security standards, teaching secure coding practices, and automating security scans inside the Developers native environment. We discuss how securing the endpoint needs to go beyond protecting the individual endpoint, to protect the diverse range of endpoints that make up an organisation. Microsoft offers wide range of data security capabilities yet clients struggle to identify which capability is provided with which license and whether Microsoft's native capabilities will meet their organization's requirements. This session will help define XDR, offer up a minimum set of use cases that must be addressable by an XDR solution and provide guidance on optimal integrations to help vendors plan their XDR strategy and roadmap. Join Equifax Board Member, John McKinley and CISO Jamil Farshchi in a Fireside Chat to discuss how they help their board members better understand cyber risk in a way that's more transparent, measurable, and easier to consume. CISOs work in high stress, high burnout environments. This is a must for security leadership, so that they can create an IT and security culture that leverages strengths and confronts weaknesses to uncover opportunities and overcome threats into our collaborative future. VP Analyst, Gartner, Thomas Lintemuth, VP Analyst, Gartner. But far too many organizations do not have mechanisms in place to protect, secure and monitor APIs. Ransomware is a unique threat, and demands a unique incident response plan. Come meet and mingle with your peers in this welcome reception. Some mobile applications are leaky or privacy-invasive and most of them do not allow the enterprise to monitor that there is no leakage of sensitive data. Do you buy SSE from CASB vendors or SWG vendors? Many security products advertise the use of AI, but what is important to the buyers? These key topics kickstarted conversations around priorities and initiatives so that attendees could tackle what was most important to them. As organizations are transforming how they work, security and risk management leaders should gain baseline knowledge on:1. We will discuss five key items you need to know for zero trust to work for your organization, Richard Bartley, Overcome the barriers of organizational culture, resources and talent to grow and scale your digital initiatives. Dionisio Zumerle, This track focuses on helping leaders simplify and reframe current product offerings to succeed in changed markets. Exchange ideas and experiences with others in similar roles or from similar organizations. To what end? This presentation summarizes the problems, recommended processes and new product types to address three key issues: What are the unique risks associated with public cloud service providers, and how can they be controlled? Midsize organizations face the same threats and manage the same vulnerabilities as large ones, but with limited people, budget and time. We will discuss the tools, tactics and techniques to balance the needs of the business with user's privacy. Sr Director Analyst, Gartner. Due to new challenges and lack of agility in program management, cybersecurity leaders struggle to mature their cyber and IT risk management practices beyond conducting assessments. With so much changing in both where, how and with whom work gets done, our organizations culture needs to adapt accordingly. This session provides an overview of the technology supply chain risk management landscape, and suggested first steps for each category. By clicking the "Sign up Now" button, you are agreeing to the Our unbiased Gartner experts help you advance your most critical priorities through industry-leading insights, guidance and tools. This track provides strategy and tactics to help you plan. So, what will it be like in the future? VP Analyst, Gartner, Security and Risk Management (SRM) leaders should use process mining to assess risk by visualizing the logic of critical business process steps and their linkage to IT system dependencies.