Agenda
Monday, 26 February, 2024 / 09:30 AM - 10:15 AM IST
Richard Addiscott, Sr Director Analyst, Gartner
Oscar Isaka, Sr Director Analyst, Gartner
Cybersecurity can generate massive value for our enterprises, but only if we have the courage to challenge the myths that we as cybersecurity professionals tell ourselves. Our self-deceptions lock us into obsolete principles and practices that prevent us from truly aligning with our executive partners and enabling our organizations. This keynote will unpack the biggest myths we must defeat, highlighting the decisions and practical steps cybersecurity leaders must take to deliver the success they deserve.
Monday, 26 February, 2024 / 02:30 PM - 03:00 PM IST
Oscar Isaka, Sr Director Analyst, Gartner
CISOs are losing control as business leaders embrace digitalization, implying a shift in risk landscapes and risk appetites. Based on new primary research, this presentation will share the strategies and practices that CISOs are adopting in reaction to these seismic shifts.
Tuesday, 27 February, 2024 / 12:00 PM - 12:30 PM IST
Victoria Cason, Principal Analyst, Gartner
Challenging global economic conditions continue to see the digital business evolve. CISOs must identify and execute a mix of new methods and other smart tactics to continuously adjust to business demand and demonstrate the cybersecurity team’s role and criticality as an enabler of the organization’s digital ambitions. Join this session to know tactics CISOs use to shorten the runway to program effectiveness and deliver business value.
Tuesday, 27 February, 2024 / 02:00 PM - 02:30 PM IST
John Watts, VP Analyst, Gartner
The threat landscape is a moving target. Attack campaigns might hit multiple organizations, but each enterprise should analyze its own threat landscape. Security and risk management leaders should gain baseline knowledge on optimizing prediction and prevention; knowing when detection is required; and preparing to respond when things go wrong.
Monday, 26 February, 2024 / 11:00 AM - 11:45 AM IST
Tisha Bhambry, Director Analyst, Gartner
As any security practitioner knows, it is better and less costly to bake in controls rather than retrofit them. The same goes for privacy. Join this session to ask your questions about the growing practice of privacy engineering and how it can help your organization embed privacy considerations early in the design phases of processes and applications.
Monday, 26 February, 2024 / 12:30 PM - 01:00 PM IST
Franz Hinner, Sr Director Analyst, Gartner
As Cybersecurity criminals continue to become better organized, Security Leaders need to follow best practices to minimize the impact to their business. This session will cover the Top 7 critical items that all security and risk management leaders should leverage before an event.
Monday, 26 February, 2024 / 02:30 PM - 03:00 PM IST
Ruggero Contu, Sr Director Analyst, Gartner
The market for security products for operational technology and other cyber-physical systems (CPS) is evolving rapidly. New vendors enter the scene, and mergers and acquisitions are abundant. How can security and risk management leaders evaluate and compare CPS protection platforms to select the product that best fits their situation?
Monday, 26 February, 2024 / 04:00 PM - 04:30 PM IST
Tisha Bhambry, Director Analyst, Gartner
Continuous controls monitoring (CCM) allows high-frequency and automated management of controls to validate the effectiveness of controls designed to mitigate risk. This session clarifies the most important five things to use CCM for extending automation capabilities, processes and risk culture.
Monday, 26 February, 2024 / 04:00 PM - 04:30 PM IST
Abhyuday Data, Director Analyst, Gartner
Digital identity requirements and importance are growing as organizations migrate their infrastructure and apps to the cloud. Enterprises anticipate innovations to enable continuous, dynamic and intelligent IAM controls while bracing for emerging decentralized identity impact and potential Web3 business model disruption. This session discusses key trends and the IAM outlook in the coming years.
Tuesday, 27 February, 2024 / 10:30 AM - 11:00 AM IST
Paul Furtado, VP Analyst, Gartner
Risk appetite fails when expressed in fuzzy, imprecise terms. Repositioning risk appetite in the context of investment and value delivery creates a measurable scale of risk that powers a new type of governance. Concrete assertions of risk appetite make executive decisions binding.
Tuesday, 27 February, 2024 / 10:30 AM - 11:00 AM IST
Sam Olyaei, VP, Team Manager, Gartner
Third-party risk management is a very broad and potentially complex topic. This session will discuss principles that security and risk management leaders must adopt for more effective management of third-party risk and the common pitfalls to watch out for.
Tuesday, 27 February, 2024 / 10:30 AM - 12:00 PM IST
Victoria Cason, Principal Analyst, Gartner
Sixty-six percent of CISOs ranked the ability to benchmark their security controls as critical to addressing their challenges. But accomplishing this can be costly and time-consuming. This session will detail how the Gartner Cybersecurity Controls Assessment allows you to benchmark the current state of security controls against your peers, get a baseline for tracking improvements and learn to prioritize controls for greater investment.
Tuesday, 27 February, 2024 / 12:00 PM - 12:30 PM IST
Abhyuday Data, Director Analyst, Gartner
Leaders responsible for IAM generally focus on the technical benefits of an IAM solution rather than its impact on the organization's goals and objectives. They are unaccustomed to recognizing and accommodating the influence IAM has on business outcomes or associating IAM with environmental, organizational or social change. These skills are critical to an initiative with IAM's scope and breadth.
Tuesday, 27 February, 2024 / 02:00 PM - 02:45 PM IST
Steve Santos, Sr Director Analyst, Gartner
Join this ask the expert session to get answers to key questions around risk-based vulnerability management. This session will offer answers to questions such as:
- How to do RBVM with process
- How to do RBVM with tools
- Best practices for RBVM
Tuesday, 27 February, 2024 / 03:45 PM - 04:15 PM IST
Dale Gardner, Sr Director Analyst, Gartner
AI teams are perceiving risk differently than security teams. Especially given upcoming regulations and guidelines across the globe, things to not overlook include data and model drift, uncontrolled bias and privacy and security concerns specific to AI model training and deployment. This session will explain Gartner's AI trust, risk and security management (TRiSM) market guide and how to coordinate AI issues collaboratively and consistently.
Tuesday, 27 February, 2024 / 03:45 PM - 04:30 PM IST
Security and risk leaders struggle to effectively assess third-party (including IT vendor) security and risk, leading to unknown risks or security breaches. This roundtable provides you with the opportunity to participate in a facilitated discussion with your peers regarding the most effective assessment practices used today.
Tuesday, 27 February, 2024 / 04:30 PM - 05:00 PM IST
Ruggero Contu, Sr Director Analyst, Gartner
This session will explore key cybersecurity trends and technologies for vendors and technology service providers in information security. For each category explored, we'll provide context for the sizing of the opportunity. customer adoption interest and potential disruptions to existing markets. Examples of technology categories that will be explored include SASE, SSE, Zero Trust, etc.
Tuesday, 27 February, 2024 / 04:30 PM - 05:00 PM IST
Tisha Bhambry, Director Analyst, Gartner
Cyber risk management is a key investment area of interest for organizations. But for security and risk management leaders, it is an on-going challenge to continuously assess the increasing scope of risks as well as mitigate the ones that can maximize protection and innovation to the business. This session offers an overview of the state of art as well as what the future will hold in cyber-risk management.
Monday, 26 February, 2024 / 11:00 AM - 11:30 AM IST
John Watts, VP Analyst, Gartner
Zero trust is moving away from excessive marketing hype. Many organizations have set zero trust as a strategy for their organizations, but are looking at the reality of implementing zero trust at scale for their organization. This session highlights three key predications for zero trust and what you can do to prepare for the future.
Monday, 26 February, 2024 / 11:00 AM - 11:30 AM IST
Charlie Winckless, Sr Director Analyst, Gartner
Cloud security remains a top priority. This presentation summarizes the problems, recommended processes and emerging and evolving product types to address three key issues:
- What are the unique risks associated with public cloud service providers?
- What are the unique security challenges of IaaS and PaaS and how can they be mitigated?
- What are the unique control challenges of SaaS and how can they be addressed?
Monday, 26 February, 2024 / 11:00 AM - 11:30 AM IST
Richard Bartley, VP Analyst, Gartner
This session will discuss the reference architecture and dive deep into how to build the cybersecurity mesh architecture (CSMA). We will discuss the evolution of best of breed to the new CSMA, along with pros and cons of each approach. Finally, we will discuss the vendor landscape from larger security vendors with full stacks to open source or distributed CSM solutions.
Monday, 26 February, 2024 / 12:30 PM - 01:00 PM IST
Thomas Lintemuth, VP Analyst, Gartner
Users, devices, applications and data are everywhere and so are networks. As organizations rapidly expand their footprint and support a hybrid workforce, how does network security evolve to keep up? Security and risk management leaders must understand the current trends in network security and make business-aligned, risk-focused decisions on where best to use network security today.
Monday, 26 February, 2024 / 02:30 PM - 03:15 PM IST
John Watts, VP Analyst, Gartner
The future of work is hybrid, but most remote access architecture today is caught between a rock and a hard place — scale up the historical approach, or experiment with more recent solutions even if nobody knows what their application architecture will look like in a few years. In this session, a Gartner Expert will answer questions on remote access best practices for a hybrid workforce.
Monday, 26 February, 2024 / 04:00 PM - 04:45 PM IST
Thomas Lintemuth, VP Analyst, Gartner
Remote access, whether for the full-time or hybrid work environment, is top of mind for many network and security engineers. Does it matter if one sticks with VPN? Should an organization move to ZTNA? What may be some considerations organizations should consider? Join this session to get answers to such questions.
Tuesday, 27 February, 2024 / 10:30 AM - 11:00 AM IST
Richard Bartley, VP Analyst, Gartner
Cloud security remains a challenge; we have to protect data when it is out of our control. This session will address the emerging trends in cloud security, what they bring to your organization and how to use them most effectively. Security is seen as an obstruction to cloud adoption; this will show you how to enable without losing protection.
Tuesday, 27 February, 2024 / 12:00 PM - 12:30 PM IST
Charlie Winckless, Sr Director Analyst, Gartner
Cloud native applications live at the nexus of microservices-architected applications built on Linux containers using DevSecOps deployed onto programmatic cloud infrastructure and managed with an immutable infrastructure mindset. Securing cloud native applications requires new approaches for securing the entire lifecycle of the application. This session will provide specific guidance, tools and vendors to secure cloud native applications.
Tuesday, 27 February, 2024 / 02:00 PM - 02:30 PM IST
Franz Hinner, Sr Director Analyst, Gartner
Endpoint security has long been a foundational security control, a must-have toolset that no enterprise security program can do without. But the role of endpoint security continues to evolve, covering an expanding portfolio of tools, techniques and devices. In this session, we will explore the current "state of the art" of endpoint and mobile security, and look to the future of how we can expect this crucial technology to evolve.
Tuesday, 27 February, 2024 / 02:00 PM - 02:30 PM IST
Thomas Lintemuth, VP Analyst, Gartner
Security service edge (SSE) is an emerging market that consolidates CASB, SWG, and ZTNA. We will walk through the key capabilities of SSE and how it helps you to secure outbound web and SaaS access, protect your sanctioned SaaS apps, and provides secure remote access to private applications.
Monday, 26 February, 2024 / 11:00 AM - 12:30 PM IST
Dale Gardner, Sr Director Analyst, Gartner
Dedicated application security resources typically come at a premium, so organizations must seek to scale by using security champions within respective development teams. Attendees at this workshop will put together a plan to build out a security champions program.
Monday, 26 February, 2024 / 12:30 PM - 01:00 PM IST
Manjunath Bhat, VP Analyst, Gartner
Application security continues to evolve, with DevSecOps and API security coming into maturity. However, organizations must also look to secure their software supply chain and cloud-native deployments effectively. This session will explore this evolving landscape and provide organizations with the insights they need to consider for 2023 and beyond.
Monday, 26 February, 2024 / 02:30 PM - 03:00 PM IST
Chat GPT has made an impressive debut, developing clever, easy-to-understand explanations for complex subject matter. However, security problems don't lend themselves to easy explanations. While there is a lot of potential benefit in using AI for things like security-oriented paired programming, is it really possible to get high-quality answers using AI assistants?
Monday, 26 February, 2024 / 04:00 PM - 04:30 PM IST
Dale Gardner, Sr Director Analyst, Gartner
As development teams take on more day-to-day security responsibilities, application security teams can begin to shift to a risk management approach to manage AppSec programs. In this session, we’ll discuss:
- What is ASPM?
- What to consider when evaluating and implementing tools
- Organizational impacts
Tuesday, 27 February, 2024 / 10:30 AM - 11:00 AM IST
Manjunath Bhat, VP Analyst, Gartner
Generative AI coding assistants are poised to fundamentally alter the way software engineers build applications. However, security and compliance risks can hinder their legitimate use and create the need for new compensating controls. This session will cover 5 ways to mitigate the risks associated with AI coding assistants.
Tuesday, 27 February, 2024 / 10:30 AM - 11:15 AM IST
Ravisha Chugh, Sr Principal Analyst, Gartner
This session offers anything you want to know about data classification: from policies to processes to technology; and across privacy, regulatory requirements, and intellectual property protection use cases.
Tuesday, 27 February, 2024 / 02:00 PM - 02:45 PM IST
Manjunath Bhat, VP Analyst, Gartner
Want to turn DevOps into DevSecOps? This roundtable engages developers, program managers and security personnel to share the best (and worst) practices they have tried with their team.
Tuesday, 27 February, 2024 / 03:45 PM - 04:15 PM IST
Ravisha Chugh, Sr Principal Analyst, Gartner
Data security is a top priority. This session covers current trends and emerging topics specific to data security. How organizations handle and consume data continues to rapidly evolve. Databases and cloud applications introduce rapidly evolving threats with countermeasures following slowly. Planning to use data as the focus of security governance and security architecture roadmaps is critical for any security and risk management program.
Monday, 26 February, 2024 / 11:00 AM - 11:30 AM IST
Steve Santos, Sr Director Analyst, Gartner
Modern SOCs require proactive and automated capabilities, such as threat hunting, prioritized threat intelligence and automated response. This session will describe modern SOC core capabilities, and guide SRM leaders on how to evaluate whether their current SOC has established those capabilities and processes.
Monday, 26 February, 2024 / 12:30 PM - 01:15 PM IST
Pete Shoard, VP Analyst, Gartner
A session that answers the question of how to develop common metrics used to measure SOC capabilities and how to improve these internally using tools and more granular processes. We will spend time identifying the most useful metrics for SOC teams and senior leaders as well as highlighting those that provide little or no value to the organization.
Monday, 26 February, 2024 / 04:00 PM - 04:30 PM IST
Pete Shoard, VP Analyst, Gartner
Security operations are undergoing a transformative change when our security is planned and delivered. Do you really need to centralize data for security? Is there a single solution to solve all my security needs? How do we determine what is threat intelligence for us? Learn what technologies, processes and services will have the biggest impact on how security operations are delivered in 2023.
Tuesday, 27 February, 2024 / 02:00 PM - 02:30 PM IST
Advances in generative artificial intelligence (AI) like OpenAI's ChatGPT are causing organizations and teams to rethink how they approach staffing, training, operations and threat detection. This presentation will help practitioners and managers alike understand what is possible and what is hype.
Tuesday, 27 February, 2024 / 03:45 PM - 04:15 PM IST
Steve Santos, Sr Director Analyst, Gartner
This session will address the changes in the SIEM market, the progression toward SaaS platforms, the impact of consolidated solutions such as XDR and the desire for a solution that is able to detect, investigate and respond to threats in an integrated capability that can be effectively used in line with modern infrastructure and modern SOC processes.
Tuesday, 27 February, 2024 / 04:30 PM - 05:00 PM IST
Pete Shoard, VP Analyst, Gartner
As organizations update their IT and security for modern work, they now have to manage a growing attack surface due to their technological environments becoming increasingly complex and dispersed. New technologies and business initiatives, such as SaaS and supply chain pose new threats. Organizations need to invest in a better understanding of the continuous expansion of their attack surface.