gartner security & risk management summit 2014 · 2019-04-04 · now in its 3rd year, gartner...
Post on 04-Jun-2020
7 Views
Preview:
TRANSCRIPT
Visit gartner.com/ap/security for updates and to register! 1
Gartner Security & Risk Management Summit 201425 – 26 August | Hilton Sydney, Australia | gartner.com/ap/security
Hot topics
People-Centric Security
Governance Risk and Compliance
Cloud Computing and Security
Mobility and Security
Identity and Access Management
Smart Risk — Balancing Security and Opportunity
table of contents
From the desk of Rob McMillan, summit chair
Define and achieve effective security and risk management programs to improve enterprise performance
Successful security and risk leaders must learn to make smart decisions to captivate enterprise leaders and employees at all levels, and to instill the values of security risk mitigation to cultivate the pursuit of greater business opportunities.
Now in its 3rd year, Gartner Security & Risk Management Summit 2014, 25-26 August in Sydney, Australia, provides you with the latest strategies and best practices for maintaining an effective balance between risk and opportunity to mitigate security threats, so you can achieve faster business processes and improved enterprise performance.
Vet your strategy against your peers, identify areas for improvement, learn from new case studies and return to the office with a focused vision to advance your security and risk management programs. You’ll learn how to strike a workable balance between security and business, assess associated risks, communicate the parameters of that balance to business leaders and guide user behavior.
Join Gartner and your peers to gain the knowledge you’ll need to combat today’s threats and those that may exist several years from now, as well as the tools and the new technologies that are transforming the business.
Smart Risk — Balancing Security and Opportunity
3 Tracks
4 Agenda at a glance
5 Summit features
6 See who’s attending
7 Solution showcase and Build your agenda
8 Registration and pricing
Rob McMillanResearch Director and Summit Chair, Gartner Research
Tatiana Wells Senior Director, Program Management, Gartner Events
Visit gartner.com/ap/security for updates and to register! 3
Why attend
Who should attend
• ResetyourITsecurityandriskstrategyfor success
• StayrelevantasITsecurityandriskareredefined
•Mitigatetherisksinthenewdigitalage
• CraftstrategyforemergingBYODandmobile threats
• Establishnecessarycloudsecuritymeasures
• Learnhowtobalancesecurity,operational and business needs
Business and IT professionals involved in enterprise-wide security, risk management or business continuity:
• ChiefInformationSecurityOfficers(CISO)
• ChiefSecurityOfficers
• ChiefRiskOfficers(CRO)
• ChiefPrivacyOfficers
• VPs,DirectorsandManagersofITSecurity
• SecurityRiskManager/RiskManager
• ComplianceManager/FraudManager
• InformationRiskandInformationSecurity Managers
EarnCPECreditsAttending the Summit helps you advance your continuing professional education (CPE).RegisteredparticipantsareeligibletoearnCPEcreditstoward(ISC)2andISACA,programs.Learnmoreatgartner.com/ap/security.
ThreeCompleteProgramsFocusingonYourRole
A chief information security officer (ciso) programChiefInformationSecurityOfficers(CISO’s)mustfindandmaintainatrickybalance between protection and productivity. The challenge is exacerbated by ongoing volatility in enterprises’ businesses, technology and threat environments.Thisyear’sCISOprogramexploresthekeycapabilities,strategies and tactics that are essential for the contemporary security leader.
B Risk Management and compliance program Risk management continues to be a work in progress. As organizations revisit their risk management approaches, many are discovering not only a lack of focus on the key risks, but also a lack of understanding of how key risks can impact corporate performance. This year’s sessions will explore new strategies and real-world scenarios that will provide a blueprint for reconstructing risk management and compliance programs.
c it security programAs organizations accelerate adoption of new platforms in the digital age, bad actors develop methods to exploit these emerging platforms. Security programs must rapidly mature in the breadth and effectiveness of techniques and technologies to maintain appropriate levels of security for applications, data and infrastructure regardless of location. This year’s sessions provide advice for effective security management as well as insights into security technology selection and management.
FourAreasFocusingonYourKeyInitiatives
1 successful cloud ManagementGartner clients tell us that the number one obstacle to adopting cloud computing is security. However, an automatic “No” from the security team is not the answer. As organizations explore the benefits of cloud computing, security professionals must be prepared to highlight the risks and the costs of mitigating these risks.
2 Mobility and securityMobiledevicespresentahostofnewsecurityissues,withtheBYODphenomenon presenting the greatest challenge. IT organizations must adapt to this rapidly changing environment and implement new policies and new technologies to mitigate the risks of the mobile workplace. This track will help you navigate the mobile environment over a three-year horizon.
3 identity and Access ManagementAs business and organizations mature, they must manage volatile and rapid change, establish effective formal governance, and provide accountability through transparency. IAM can enable these evolutionary steps, but must itself evolve. It’s time for your IAM program to grow up and display the right foundation, architecture, governance, and organization for delivering real value. The IAM track features presentations on current best practices and the latest issues and trends.
4 technical insights: security ArchitectureTaking an architectural perspective to security technology and processes is critical to achieving a sustainable, flexible, and effective security program. These sessions explore the architectural and operational considerations for protecting information, building secure applications, understanding threats, logging and monitoring activity, and managing risk associated with new devices and service hosting models.
4 Gartner security & Risk Management summit 2014
Agenda at a glance
07:30 – 18:30 Registration
08:30 – 09:15 Tutorial: Top Security Trends and Takeaways for 2014 and 2015 Christian Byrnes
Tutorial:HowtoUsePaceLayeringtoCreateaGRC Application Strategy John Wheeler
Tutorial: IAM for the Masses Felix Gaehtgens
09:30 – 10:15 Gartner opening Keynote: smart Risk — Balancing security and opportunity John Girard, Paul Proctor and Andrew Walls
10:15 – 10:30 Welcome to the Gartner security & Risk Management summit 2014 Rob McMillan
10:30 – 11:00 IndustryPanelDiscussion
11:00 – 11:30 Refreshment Break in the Solution Showcase
tRAcK A
chief information security officer (ciso) program
tRAcK B
Risk Management and compliance program
tRAcK c
it security program
WoRKsHops
interactive sessions
RounDtABles
Ask the Analyst RoundtablesAnalyst-user Roundtables
11:30 – 12:00 TothePoint:DevelopingtheKeyCompetenciesof the Contemprary Security Team Tom Scholtz
To the Point: How to Achieve Success with Cyber Risk Assessment and Analysis Anne Robins
TothePoint:TheFiveStylesofAdvancedThreatDefense Craig Lawson
11:30 – 13:00 Workshop: Shall we take Privacy Seriously? Moderator: Carsten Casper
Ask the Analyst: Security Threat Intelligence Services — the What, the Who, the Why and the How Moderator: Rob McMillan
12:15 – 13:00 Case Study: Check website for updates When Will We Reach "Peak Threat", And What DoWeDoAfter? Paul Proctor
Architecting a New Approach for Continous Advanced Threat Protection Craig Lawson
Analyst-User Roundtable: Horror Stories — Why IAMProgramsFail Moderator: Felix Gaehtgens
13:00 – 14:15 LunchintheSolutionShowcase
14:15 – 15:00 Aligning Information Security and Information Management—GovernanceistheKey Tom Scholtz
Case Study: Check website for updates ApplicationandDataSecurityRoadmap Adam Hils
14:15 – 15:45 Workshop: WhatDoYouBuyfortheUserWhoHas(Accessto)Everything? Moderator: Felix Gaehtgens
Analyst-User Roundtable: Risk Awareness of OperationalTechnologies Moderator: Kristian Steenstrup
15:15 – 15:45 Solution Provider Sessions
15:45 – 16:15 Refreshment Break in the Solution Showcase
16:15 – 16:45 To the Point: People-Centric Security — Case Studies Tom Scholtz
TothePoint:UsingOrganizationalChangetoMitigateOperationalTechnologyRisk Kristian Steenstrup
To the Point: How to Securely Adopt Public Cloud Computing Adam Hils
Ask the Analyst: Managed Security Services in APAC Moderator: Andrew Walls
Ask the Analyst: Check website for updates
17:00 – 17:45 Mastermind Keynote interview Check website for updates
17:45 – 19:15 Networking Reception in the Solution Showcase
07:30 – 16:45 Registration
07:30 – 08:30 IndustryBreakfast—FinancialServices: TheDarkSideofDigitilization John Wheeler
Industry Breakfast — Government: The Myths of Authentication Anne Robins
IndustryBreakfast—OperationalTechnologySecurity for Manufacturing Automation and Control Earl Perkins
08:30 – 09:15 Why Your Policy is Broken and How You Can FixIt Rob McMillan
GRC—GoodConcept.FixingTerribleExecution Paul Proctor
HowBringYourOwnisShapingMobileSecurity John Girard
08:30 – 10:00 Workshop: Selecting Your IT Risk Assessment Methods and Tools Moderator: Chris Byrnes
Analyst-User Roundtable: Security Training — WhatWorks,WhatDoesn'tWork Moderator: Andrew Walls
09:30 – 10:00 Solution Provider Sessions
10:00 – 10:30 Refreshment Break in the Solution Showcase
10:30 – 11:15 MuchAdoaboutNothing—ITSecurityandOTSecurityAren'tthatDifferent Earl Perkins
The Gartner Business Risk Model Paul Proctor Case Study: Check website for updates 10:30 – 12:00 Workshop: GotMetricsButNobodyListens?TransformThem! Moderator: Rob McMillan
Analyst-User Roundtable: People-Centric Security Moderator: Tom Scholtz
11:30 – 12:00 Solution Provider Sessions
12:00 – 13:15 LunchintheSolutionShowcase
13:15 – 13:45 To the Point: Building a Secure User Andrew Walls
To the Point: Now is the Time to Put Your Privacy Program Right Carsten Casper
To the Point: Securing Cloud Services Anne Robins
AsktheAnalyst:ImplementingDLP— WhatWorks,WhatDoesn'tWork Moderator: Rob McMillan
Ask the Analyst: Securing Cloud Computing Moderator: Adam Hils
14:00 – 14:45 Understanding the Spectrum of Metrics and Reporting Christian Byrnes
PracticalInsightonEmbeddingRiskManagementinTechnologyOperations John Wheeler
Case Study: Check website for updates Analyst-User Roundtable: Cyberinsurance — AGreatIdeaButWithaFewChallenges Moderator: Paul Proctor
Analyst-UserRoundtable:What'sNewintheWorldofPrivacyLawsandPractices? Moderator: Carsten Casper
14:45 – 15:15 Refreshment Break in the Solution Showcase
15:15 – 16:00 Guest Keynote: Your personal Brand, Your Reputation, Your opportunity Sue Currie, Leading Personal Branding Expert
16:00 – 16:45 Gartner closing Keynote: the ciso Agenda for 2014/5 Christian Byrnes
16:45 – 17:00 Closing Remarks Rob McMillan
Mon
day
25 A
UG
US
T 20
14Tu
esda
y26
AU
GU
ST
2014
Visit gartner.com/ap/security for updates and to register! 5
07:30 – 18:30 Registration
08:30 – 09:15 Tutorial: Top Security Trends and Takeaways for 2014 and 2015 Christian Byrnes
Tutorial:HowtoUsePaceLayeringtoCreateaGRC Application Strategy John Wheeler
Tutorial: IAM for the Masses Felix Gaehtgens
09:30 – 10:15 Gartner opening Keynote: smart Risk — Balancing security and opportunity John Girard, Paul Proctor and Andrew Walls
10:15 – 10:30 Welcome to the Gartner security & Risk Management summit 2014 Rob McMillan
10:30 – 11:00 IndustryPanelDiscussion
11:00 – 11:30 Refreshment Break in the Solution Showcase
tRAcK A
chief information security officer (ciso) program
tRAcK B
Risk Management and compliance program
tRAcK c
it security program
WoRKsHops
interactive sessions
RounDtABles
Ask the Analyst RoundtablesAnalyst-user Roundtables
11:30 – 12:00 TothePoint:DevelopingtheKeyCompetenciesof the Contemprary Security Team Tom Scholtz
To the Point: How to Achieve Success with Cyber Risk Assessment and Analysis Anne Robins
TothePoint:TheFiveStylesofAdvancedThreatDefense Craig Lawson
11:30 – 13:00 Workshop: Shall we take Privacy Seriously? Moderator: Carsten Casper
Ask the Analyst: Security Threat Intelligence Services — the What, the Who, the Why and the How Moderator: Rob McMillan
12:15 – 13:00 Case Study: Check website for updates When Will We Reach "Peak Threat", And What DoWeDoAfter? Paul Proctor
Architecting a New Approach for Continous Advanced Threat Protection Craig Lawson
Analyst-User Roundtable: Horror Stories — Why IAMProgramsFail Moderator: Felix Gaehtgens
13:00 – 14:15 LunchintheSolutionShowcase
14:15 – 15:00 Aligning Information Security and Information Management—GovernanceistheKey Tom Scholtz
Case Study: Check website for updates ApplicationandDataSecurityRoadmap Adam Hils
14:15 – 15:45 Workshop: WhatDoYouBuyfortheUserWhoHas(Accessto)Everything? Moderator: Felix Gaehtgens
Analyst-User Roundtable: Risk Awareness of OperationalTechnologies Moderator: Kristian Steenstrup
15:15 – 15:45 Solution Provider Sessions
15:45 – 16:15 Refreshment Break in the Solution Showcase
16:15 – 16:45 To the Point: People-Centric Security — Case Studies Tom Scholtz
TothePoint:UsingOrganizationalChangetoMitigateOperationalTechnologyRisk Kristian Steenstrup
To the Point: How to Securely Adopt Public Cloud Computing Adam Hils
Ask the Analyst: Managed Security Services in APAC Moderator: Andrew Walls
Ask the Analyst: Check website for updates
17:00 – 17:45 Mastermind Keynote interview Check website for updates
17:45 – 19:15 Networking Reception in the Solution Showcase
07:30 – 16:45 Registration
07:30 – 08:30 IndustryBreakfast—FinancialServices: TheDarkSideofDigitilization John Wheeler
Industry Breakfast — Government: The Myths of Authentication Anne Robins
IndustryBreakfast—OperationalTechnologySecurity for Manufacturing Automation and Control Earl Perkins
08:30 – 09:15 Why Your Policy is Broken and How You Can FixIt Rob McMillan
GRC—GoodConcept.FixingTerribleExecution Paul Proctor
HowBringYourOwnisShapingMobileSecurity John Girard
08:30 – 10:00 Workshop: Selecting Your IT Risk Assessment Methods and Tools Moderator: Chris Byrnes
Analyst-User Roundtable: Security Training — WhatWorks,WhatDoesn'tWork Moderator: Andrew Walls
09:30 – 10:00 Solution Provider Sessions
10:00 – 10:30 Refreshment Break in the Solution Showcase
10:30 – 11:15 MuchAdoaboutNothing—ITSecurityandOTSecurityAren'tthatDifferent Earl Perkins
The Gartner Business Risk Model Paul Proctor Case Study: Check website for updates 10:30 – 12:00 Workshop: GotMetricsButNobodyListens?TransformThem! Moderator: Rob McMillan
Analyst-User Roundtable: People-Centric Security Moderator: Tom Scholtz
11:30 – 12:00 Solution Provider Sessions
12:00 – 13:15 LunchintheSolutionShowcase
13:15 – 13:45 To the Point: Building a Secure User Andrew Walls
To the Point: Now is the Time to Put Your Privacy Program Right Carsten Casper
To the Point: Securing Cloud Services Anne Robins
AsktheAnalyst:ImplementingDLP— WhatWorks,WhatDoesn'tWork Moderator: Rob McMillan
Ask the Analyst: Securing Cloud Computing Moderator: Adam Hils
14:00 – 14:45 Understanding the Spectrum of Metrics and Reporting Christian Byrnes
PracticalInsightonEmbeddingRiskManagementinTechnologyOperations John Wheeler
Case Study: Check website for updates Analyst-User Roundtable: Cyberinsurance — AGreatIdeaButWithaFewChallenges Moderator: Paul Proctor
Analyst-UserRoundtable:What'sNewintheWorldofPrivacyLawsandPractices? Moderator: Carsten Casper
14:45 – 15:15 Refreshment Break in the Solution Showcase
15:15 – 16:00 Guest Keynote: Your personal Brand, Your Reputation, Your opportunity Sue Currie, Leading Personal Branding Expert
16:00 – 16:45 Gartner closing Keynote: the ciso Agenda for 2014/5 Christian Byrnes
16:45 – 17:00 Closing Remarks Rob McMillan
Age
nda
corr
ect a
s of
7 J
uly
2014
. Ses
sion
s su
bje
ct to
cha
nge.
summit features
end-user case studiesGartner-invited end-users reveal their personal challenges, issues and lessons learned.
track sessionsPresented by Gartner analysts, invited guest speakers and industry presenters, these sessions focus on the issues that matter most to you and provide real-world information that will help you make better decisions and drive successful results.
“to the point” sessionsSometimes you just want to hear the “Top 5 Things You Want to Know” about a trend, a technology or an approach. Gartner analysts provide top concepts, key trends or a quick overview of a particular topic, in a condensed format.
WorkshopsPresented by Gartner or guest experts, these workshops provide an opportunity to drill down on specific “how to” topics in an extended, small group session. The courses are designed for an intimate and interactive learning experience. Reserved for end-users only.
Analyst-user roundtablesJoin us for a hosted peer group discussion with your end-user peers, along with a Gartner analyst lending his or her expertise to assist you. These should not be missed!
Ask the analystAlongside the traditional Gartner analyst-user roundtables where you can speak to your peers in a moderated environment, there will also be a series of Q&A roundtables in which you can question the analyst directly and learn from the questions posed by your peers.
tutorial sessionsThese presentations are focused on layering the foundations for attendees’ understanding of a topic, trend or technology with basic 101 “building block” definitions and analysis.
technical insights — neWLooking for the in-depth technical view? We’ve got it covered with Technical Insights sessions, presented by Gartner for Technical Professionals analysts. Focused on execution, these sessions offer how-to guidance on assessing new technologies at the technical level, developing architecture and design, evaluating products, creating an implementation strategy and managing overall project execution.
At the Summit, please refer to the agenda in the event guide provided,
for the most up to date session and location information.
6 Gartner security & Risk Management summit 2014
Meet the analysts
Christian ByrnesManaging VP
John GirardVP Distinguished Analyst
Robert McMillanResearch Director
Anne RobinsResearch Director
Carsten CasperResearch VP
Adam HilsResearch Director
Earl PerkinsResearch VP
Tom ScholtzVP and Gartner Fellow
Andrew WallsResearch VP
Felix GaehtgensResearch Director
Craig LawsonResearch Director
Paul ProctorVP Distinguished Analyst
Kristian SteenstrupVP and Gartner Fellow
John WheelerResearch Director
FOCUS AREAS: Information security program management; risk management
FOCUS AREAS: Mobile enterprise strategy; information security technology and services; identity and access management; integrating Apple into the enterprise; negotiating software contracts
FOCUS AREAS: Security and risk management leaders; information security program management; risk management; IT governance; information security technology and services
FOCUS AREAS: Risk management; identity and access management; information security program management; information security technology and services
FOCUS AREAS: Privacy; information security program management; compliance; information security technology and services
FOCUS AREAS: Information security technology and services; information security program management; virtualization
FOCUS AREAS: Security and risk management leaders; IT and operational technology alignment; information security technology and services; compliance; smart grid
FOCUS AREAS: Information security program management; risk management; business continuity management; IT governance; information security technology and services
FOCUS AREAS: Information security program management; information security technology and services; privacy; security and risk management leaders; business gets social
FOCUS AREAS: Identity and access management
FOCUS AREAS: Information security technology and services
FOCUS AREAS: Risk management; information security program management; information security technology and services; compliance; IT governance
FOCUS AREAS: IT and operational technology alignment; business value of IT; IT strategic planning; competitive advantage and business transformation
FOCUS AREAS: Risk management; security and risk management leaders; IT governance; business value of IT; compliance
Gartner keynotes
Guest keynote
MondAy 25 AuGuST — 09:30
Gartner opening Keynote: Smart Risk — Balancing Security and opportunityJohn Girard, VP Distinguished Analyst; Paul Proctor, VP Distinguished Analyst; Andrew Walls, Research VP
TuESdAy 26 AuGuST — 16:00
Gartner Closing Keynote: The CISo Agenda for 2014/5Christian Byrnes, Managing VP
TuESdAy 26 AuGuST — 15:15
your Personal Brand, your Reputation, your opportunitySue Currie, Leading Personal Branding Expert
Gartner analyst one-on-one meetingsGartnerEventsgiveyoumorethanwhat your normal industry event offers. Meeting face-to-face with a Gartner analyst is one of the key benefits of attending a Gartner Summit. Personalize your 30 minute private appointment to discuss your specific issue and walk away with invaluable, tailor-made advice that you can apply to your role and your organization straight away.
Visit gartner.com/ap/security for updates and to register! 7
Solution showcaseDevelopa“shortlist”oftechnologyproviderswhocanmeetyourparticularneeds.We offer you exclusive access to some of the world’s leading technology and service solution providers in a variety of settings.
sponsorship opportunitiesFor further information about sponsoring this event contact:
Dan Giacco
Telephone: +61 438 874 149
Email: daniel.giacco@gartner.com
Maria Kamberidis
Telephone: +61 427 327 222
Email: maria.kamberidis@gartner.com
premier sponsor
platinum sponsors
silver sponsors
Media partners
powerful tools to navigate manage and decideTo get the most out of your Summit experience, we’ve created a range of tools to help you manage your goals and objectives of attending.
Gartner events navigatorWe’re excited to introduce a new and enhanced agenda planning tool which replaces our previous Agenda Builder tool. GartnerEventsNavigatorallowsyoutoplanyour personal event experience and gain themostfromyourtimeon-site.Organize,view and customize your agenda using the following criteria:
•Gartneranalystandspeakerprofiles
•Gartneranalystone-on-onemeetings
• Sessiondetailsincludingtracks,date,time, etc.
• YourGartneranalyst-userroundtableorworkshop reservations
• Dailyactivitiesandnetworking
Gartner events navigator Mobile AppManage your agenda on your mobile device!
•Getup-to-the-minuteeventupdates
• Integratesocialmediaintoyoureventexperience
• Accesssessiondocumentsandaddyournotes
• AvailableforiPhone®, iPad® and Android™
event Approval toolsForusepre-event,on-siteandpost-event,ourEventApprovalToolsmakeiteasytodemonstrate the substantial value of your Gartner event experience to your manager. They include a customizable letter, cost-benefi t analysis, top reasons to attend and more.
Visit gartner.com/ap/security for details.
Build your agenda
GARTnER HoTEL RooM RATE
$300 per night at Hilton Sydney 488 George Street Sydney NSW 2000
Phone: + 61 9266 2000
Venue
©2014Gartner,Inc.and/oritsaffiliates.Allrightsreserved.GartnerisaregisteredtrademarkofGartner,Inc.oritsaffiliates.Formoreinformation,emailinfo@gartner.comorvisitgartner.com.
Gartner security & Risk Management summit 201425 – 26 August | Hilton sydney, Australiagartner.com/ap/security
100% Money-Back Guarantee If you are not completely satisfied with this Gartner conference, please notify us in writing within 15 days of the conference and we will refund 100% of your registration fee.
Gartner Security & Risk Management Summit2014isonTwitterandLinkedIn.
#Gartnersec
Gartner security & Risk Management Xchange
Join the conversation!
3 easy ways to register
Web: gartner.com/ap/security
email: apac.registration@gartner.com
telephone: +61 2 8569 7622
pricing Pricing and Date is subject to change
standard price: $2,795 exc. GST
public sector price: $2,295 exc. GST
Gartner clients A Gartner ticket covers both days of the Summit. Contact your account manager or email apac.events@gartner.com to register using a ticket.
Group rate discount
Attend as a group — discounts availableGartner Events has designed an experience that will help teams of 4 to 25 maximize their Summit experience while on-site and long after the event concludes.
Summit group rate discount offers:
• 4forthepriceof3
• 7forthepriceof5
• 10forthepriceof7
For more information visit gartner.com/ap/security
“ By 2016, 40% of large companies will integrate IT
risk measurements with corporate performance,
doubling from 20% in 2013.” 2014 Gartner Predicts
top related