Gartner Security & Risk Management Summit 2015

(1)

Gartner

Security &

Risk Management

Summit 2015

1 – 2 September | Mumbai, India | gartner.com/in/security

Hot topics

• Cybersecurity

• Mobile and cloud security

• Data loss prevention

• IT security leaders strategies

• Governance, risk and compliance

• Identity and access management

• Operational technology and IoT security

Manage Risk and Deliver Security in a Digital World

EARLY-BIRD

DISCOUNT

Save 6,500 by

3 July

(2)

Manage Risk and Deliver

Security in a Digital World

Ruggero Contu

Research Director and Summit Chair, Gartner

The inaugural

Gartner Security & Risk Management Summit 2015, 1 – 2 September in Mumbai,

India

, will bring Gartner’s world renowned analysts and India’s security and risk management community

together for the fi rst time. The event will showcase latest research, insights and forward-thinking

perspective, found nowhere else.

Instead of putting out fi res responding to each and every threat, senior executives want information

security and risk management to become more predictable and manageable. With a host of unknown

unknowns, anticipating the future is challenging.

The Gartner Security & Risk Management Summit takes a comprehensive look at the information

security and risk discipline including: network and infrastructure security, identity/access management,

compliance, privacy, fraud, business continuity management, and resilience.

Look forward to see you in Mumbai!

Regards

(3)

Key benefi ts of attending:

• Gain role-specifi c tools and strategies to stay ahead of expanding

scopes of responsibility and increasing threats

• Align security and risk management strategies with

enterprise objectives

• Assure compliance by learning the new privacy and e-discovery

regulations and requirements

• Apply the latest techniques to tackle risks in cloud, operational

technology (OT), the Internet of Things (IoT) and IT

• Maximize enterprise ROI by using the latest business continuity

management (BCM) and enterprise resilience practices

• Build a culture that drives security performance through employee

engagement

4 Keynotes

5 Meet the analysts

6 Plan your experience

8 Agenda at a glance

10 Solution Showcase

11 Registration and pricing

Table of content

Who should attend?

• CIOs, CSOs, CISOs, CTOs,

CROs and CPOs

• IT vice presidents and directors

• Network managers, security

executives and directors

• Governance and risk and

compliance vice presidents,

directors and managers

• Enterprise architects and

planners

• Business leaders

• Finance, audit and legal risk and

compliance managers

• Business continuity and IT

disaster recovery managers

GARTNeR PRedICTS

By 2017, 30% of threat intelligence services will

include vertical-market security intelligence

information from the IoT.

(4)

Keynotes

Gartner keynotes

Gartner Opening Keynote:

Manage Risk and Deliver Security in a Digital World

Effective cybersecurity is the foundation of successful digital business. As

organizations leverage new technology and business processes to deliver

services and products to global markets, security and risk managers must

support achievement of enterprise objectives while mitigating security risks

to an acceptable level. In the face of increasing threats to IT, OT and IoT,

security and risk leaders need to build resilient organizations that can withstand

attacks and continue to attain enterprise objectives. This keynote will address

how successful security and risk leaders can embrace new approaches to

digital business while maintaining proven control architecture that mitigates

enterprise risk.

Gartner Closing Keynote:

Digital Business and Your Relationship with Risk

Digital business requires you to engage in risk to facilitate success. This forces

a different approach to risk and security that creates opportunity. However,

you are not free to do whatever you want. Accepting risk is OK, Ignoring risk is

tragic. It is necessary to balance the needs to protect against the needs to run

your business.

Tom Scholtz VP & Gartner Fellow Partha Iyengar VP Distinguished Analyst Partha Iyengar VP Distinguished Analyst Ruggero Contu Research Director Ruggero Contu Research Director

Gartner would like to thank the esteemed members of our Advisory Board

Mannan Godil

Chief Information Security Officer, Edelweiss Commodities Services Limited Mukesh Jain VP & Head, Reliance India VC Kumanan Senior Director, IDFC Ms. Vandana Nanda Director Finance, CRIS Amit Pradhan Group CISO, Cipla Limited Somak Shome Vice President of IT,

Srei Infrastructure Finance Limited

Suraj Tiwari CISO, VFS

GARTNeR PRedICTS

By 2016, at least 50% of endpoint protection providers

will incorporate EDR capabilities into their EPP suites.

(5)

Meet the analysts

eric Ahlm Research Director Partha Iyengar VP Distinguished Analyst Mark Nicolett Managing VP Tom Scholtz VP & Gartner Fellow

Craig Lawson Research Director

Lawrence Pingree Research Director

Anmol Singh

Principal Research Analyst Ruggero Contu

Research Director and Summit Chair

Ganesh Ramamoorthy Research VP

Sid deshpande Principal Research Analyst

John Girard

VP Distinguished Analyst

Engage with our team of Gartner analysts through track presentations, complimentary one-on-one meetings, analyst-facilitated workshops, roundtables and more.

Product strategy; go-to-market planning; sales and channel strategy; information security technology and services

IT strategic planning; shared services; business value of IT; competitive advantage and business transformation; IT organizational design

Information security technology and services

Information security program management; risk management; business continuity management; IT governance; information security technology and services

Information security technology and services

Market and competitive intelligence management; go-to-market planning; risk management; information security technology and services; audit and compliance

Identity and access management

Endpoint security market; cloud-based security services; email and secure web gateways competitive landscapes; device control; security budgeting; information security forecasting/market share analysis

New market opportunities; product strategy; go-to-market planning; go-to-market and competitive intelligence management; positioning and messaging

Market and competitive intelligence management; new market opportunities; security and risk management leaders

Mobile enterprise strategy; information security technology and services; identity and access management; negotiating software contracts

Many attendees tell us that a one-on-one session is worth the price of admission all by itself. Roll up your sleeves with a Gartner analyst and explore the best ways to move your strategy forward.

The Gartner Security & Risk Management Summit offers you the unique opportunity to meet privately with one of our analysts in a 30-minute consultation completely focused on helping you craft actionable solutions to current challenges. Meet with the analyst of your choice and reap the benefi ts of individualized, results oriented attention. You decide the topic or issue for discussion.

(6)

Plan your experience

Agenda tracks

A. Leadership and Management of Security and Risk

Digital Business is often at odds with conventional security strategies. While ongoing publicity regarding severe security incidents results in valuable executive support, security managers are being requested to support business initiatives and the deployment of new IT architectures brought by Digital Business, such as cloud computing, mobility and Internet of Things (IoT) while at the same deal with new security requirements originating from such changes. The program will help you gain the leadership skills needed to make the diffi cult decisions and fi nd the right balance between enabling business and minimizing risks.

B. CyberSecurity

Recent high-profi le attacks have driven aggressive cybersecurity actions by multiple governments, leading to greater CyberSecurity awareness and impending

legislation. This track will help you separate the hype from the reality and will highlight best practices for protecting your organization in a rapidly changing threat environment.

Virtual Tracks

Identity and Access Management

As businesses and institutions mature, security and risk management leaders must manage volatile and rapid change, establish effective formal governance, and provide accountability through transparency, without impeding workforce agility or eroding customer experience. IAM can enable these

evolutionary steps, but must itself evolve. It’s time for your IAM program to grow up and display the right foundation, architecture, governance, and organization for delivering real value. The IAM track features a wealth of presentations on current best practices and the latest issues and trends.

Cloud and Mobile Security

Our clients tell us that the number one obstacle to adopting cloud computing is security and mobile devices present a host of new security issues, with the BYOD phenomenon presenting the greatest challenge. However, an automatic “No” from the security team is not the answer. As organizations explore the benefi ts of cloud computing and mobility, security professionals must be prepared to highlight the risks and the costs of mitigating these risks. This track will show you how.

Digital Business and the Internet of Things

Digital Business drives new opportunities for business success but also challenges traditional approaches to information security. Attacks and threats change and adapt as organizations adjust to the new realities of digital business, including Internet of Things. As organizations accelerate their adoption of these new platforms for business operations, your security program must also rapidly adapt to the new reality and assimilate new technologies as you also mature in your use of and the effectiveness of existing technologies. This track will show you how.

Customize

your agenda

Gartner Events Navigator

Gartner Events Navigator helps you organize, view and custom-create an agenda based on:

• Date and time • Track

• Analyst/speaker profi les • Session descriptions • Key initiatives • Vertical industries

Visit gartner.com/in/security and click

the “agenda” tab or download the

Gartner Events mobile app (iPhone®_,

(7)

GARTNeR PRedICTS

By 2017, the demand for security analytics as a

service will grow by 50%.

Analyst

interaction

Analyst one-on-one meetings*

Complimentaryconsulting

with two Gartner analysts of your choice

Analyst-user roundtables*

Moderated by Gartner analysts for exchanging ideas and best practices with your peers

Ask the analyst roundtables*

Debate with the analysts directly and learn from the questions posed by your peers

Workshops*

Small-scale and interactive; drill down on specifi c topics with a how-to focus

* Space is limited and preregistration is required. Limited to end-user organizations only.

Network with

peers

Meet solution

providers

Solution Showcase

Explore cutting-edge IT solutions from top providers

Solution provider sessions

Exhibitors share their insights on the latest products and services

End–user case studies

Learn about recent implementations fi rsthand, with an opportunity for Q&A with the IT and business executives leading the initiative

Solution Showcase reception

Connect with peers in similar roles who face similar challenges, at the networking reception on the Solution Showcase designed to build relationships and facilitate the meaningful exchange of ideas and information

(8)

Agenda at a glance

07:30 – 17:45 Registration

08:30 – 09:00 Tutorial: Introduction to Mobile Security Self-Assessments John Girard Tutorial: The Gartner ITScore Maturity Model for IAM Anmol Singh

09:00 – 10:00 Gartner Opening Keynote: Manage Risk and Deliver Security in a Digital World Tom Scholtz, Partha Iyegar and Ruggero Contu

10:00 – 10:30 Refreshment Break in the Solution Showcase

TRACKS

A. Leadership and Management of Security and Risk

B. Cybersecurity

Workshops

Analyst-User Roundtables

10:30 – 11:15 How the Internet of Things Will Change Cybersecurity Forever Ganesh Ramamoorthy

What’s Driving the Third Wave of Threat Intelligence in Enterprises Craig Lawson

10:30 – 12:15 Workshop:

Best Practices for a Successful SIEM Implementation

Mark Nicolett

10:15 – 11:15 Roundtable: Endpoint Security and Application Control Lawrence Pingree

11:30 – 12:15 How to Budget for Security Spend Sid deshpande The Three Year Outlook for Advanced Threat Solutions

eric Ahlm

12:15 – 13:30 Lunch Break in the Solution Showcase 13:00 – 13:20 Magic Quadrant: Mobile Data Protection John Girard

13:30 – 14:00 One Simple Way to Get Your CEO to Embrace Risk Management Tom Scholtz

The Cyber Kill Chain Craig Lawson 13:45 – 15:15 Workshop:

Implications of IoT to Business and its Relevance to Security

Ganesh Ramamoorthy

14:15 – 14:45 Solution Provider Sessions 14:15 – 15:15 Roundtable: Network Security

in the Age of Digital Business Rajpreet Kaur

15:00 – 15:45 Security in the Cloud: Consider Different Risks and Opportunities Ruggero Contu

Defending Endpoints From the Persistant Attack Lawrence

Pingree 15:30 – 17:00 Workshop:

How to Outsource Security Effectively

Sid deshpande

15:30 – 16:30 Roundtable:

Is Your Enterprise Mobility Management/Mobile Device Management Meeting Your Requirements?

John Girard

16:00 – 16:30 Solution Provider Sessions

16:45 – 17:15 GRC: What Works and What Doesn’t Work Mark Nicolett and Rajpreet Kaur

The Impact of Data Center Transformation on Security

eric Ahlm

17:45 – 18:30 Guest Keynote

19:00 – 21:00 Solution Showcase Reception and Dinner

09:00 – 09:45 Guest Keynote:

Comparing Best Practices for Incident Response eric Ahlm

10:15 – 11:00 It’s Time to Split the Information Security Organization in Two: Bimodal Security Partha Lyengar

Pushing the Boundaries of SIEM Mark Nicolett and Rajpreet Kaur

12:00 – 12:45 Moving Identities to the Cloud Anmol Singh Managed Security Services in the India Context Sid deshpande 12:00 – 13:30 Workshop:

Cost Optimization Approaches to Security Practices

Biswajeet Mahapatra

Security Threat Intelligence Services — The What, the Who, the Why and the How Craig Lawson

13:00 – 13:30 Key Building Blocks for IoT Security Ganesh Rammamurthy Five Steps to “Failure Proof” Mobile Security John Girard

13:30 – 14:30 Lunch Break in the Solution Showcase 13:40 – 14:00 Magic Quadrant: SIEM Mark Nicolett

14:30 – 15:00 Case Study Case Study 14:30 – 16:00 Workshop:

Unified Threat Management vs Next Generation Firewalls: What are the Differences, and Why Should You Care?

Mark Nicolett and Rajpreet Kaur

15:15 – 16:00 Secure Use of Public Cloud Sid deshpande The Canary in the Digital Age, Detecting the Persistant Attacker Before it is Too Late Laurence Pingree

Designing the Right Privileged Account Management Solution Anmol Singh

16:15 – 17:00 Build an Effective Security and Risk Governance Function

Tom Scholtz

Mind the SaaS Security Gaps Craig Lawson

17:30 – 18:15 Gartner Closing Keynote: Digital Business and Your Relationship with Risk Partha Iyengar and Ruggero Contu

Monday

1 September 2015

Tuesday

(9)

08:30 – 09:00 Tutorial: Introduction to Mobile Security Self-Assessments John Girard Tutorial: The Gartner ITScore Maturity Model for IAM Anmol Singh

09:00 – 10:00 Gartner Opening Keynote: Manage Risk and Deliver Security in a Digital World Tom Scholtz, Partha Iyegar and Ruggero Contu

TRACKS

A. Leadership and Management of Security and Risk

B. Cybersecurity

Workshops

Analyst-User Roundtables

10:30 – 11:15 How the Internet of Things Will Change Cybersecurity Forever Ganesh Ramamoorthy

What’s Driving the Third Wave of Threat Intelligence in Enterprises Craig Lawson

10:30 – 12:15 Workshop:

Best Practices for a Successful SIEM Implementation

Mark Nicolett

10:15 – 11:15 Roundtable: Endpoint Security and Application Control Lawrence Pingree

11:30 – 12:15 How to Budget for Security Spend Sid deshpande The Three Year Outlook for Advanced Threat Solutions

eric Ahlm

12:15 – 13:30 Lunch Break in the Solution Showcase 13:00 – 13:20 Magic Quadrant: Mobile Data Protection John Girard

13:30 – 14:00 One Simple Way to Get Your CEO to Embrace Risk Management Tom Scholtz

The Cyber Kill Chain Craig Lawson 13:45 – 15:15 Workshop:

Implications of IoT to Business and its Relevance to Security

Ganesh Ramamoorthy

14:15 – 14:45 Solution Provider Sessions 14:15 – 15:15 Roundtable: Network Security

in the Age of Digital Business Rajpreet Kaur

15:00 – 15:45 Security in the Cloud: Consider Different Risks and Opportunities Ruggero Contu

Defending Endpoints From the Persistant Attack Lawrence

Pingree 15:30 – 17:00 Workshop:

How to Outsource Security Effectively

Sid deshpande

Is Your Enterprise Mobility Management/Mobile Device Management Meeting Your Requirements?

John Girard

16:45 – 17:15 GRC: What Works and What Doesn’t Work Mark Nicolett and Rajpreet Kaur

The Impact of Data Center Transformation on Security

eric Ahlm

17:45 – 18:30 Guest Keynote

19:00 – 21:00 Solution Showcase Reception and Dinner

09:00 – 09:45 Guest Keynote:

Comparing Best Practices for Incident Response eric Ahlm

10:15 – 11:00 It’s Time to Split the Information Security Organization in Two: Bimodal Security Partha Lyengar

Pushing the Boundaries of SIEM Mark Nicolett and Rajpreet Kaur

12:00 – 12:45 Moving Identities to the Cloud Anmol Singh Managed Security Services in the India Context Sid deshpande 12:00 – 13:30 Workshop:

Cost Optimization Approaches to Security Practices

Biswajeet Mahapatra

Security Threat Intelligence Services — The What, the Who, the Why and the How Craig Lawson

13:00 – 13:30 Key Building Blocks for IoT Security Ganesh Rammamurthy Five Steps to “Failure Proof” Mobile Security John Girard

13:30 – 14:30 Lunch Break in the Solution Showcase 13:40 – 14:00 Magic Quadrant: SIEM Mark Nicolett

14:30 – 15:00 Case Study Case Study 14:30 – 16:00 Workshop:

Unified Threat Management vs Next Generation Firewalls: What are the Differences, and Why Should You Care?

Mark Nicolett and Rajpreet Kaur

15:15 – 16:00 Secure Use of Public Cloud Sid deshpande The Canary in the Digital Age, Detecting the Persistant Attacker Before it is Too Late Laurence Pingree

Designing the Right Privileged Account Management Solution Anmol Singh

16:15 – 17:00 Build an Effective Security and Risk Governance Function

Tom Scholtz

Mind the SaaS Security Gaps Craig Lawson

When attending this event, please refer to the agenda handout provided or the Gartner Events mobile app for the most up to date session and location information

Identity and Access Management

Cloud and Mobile Security

digital Business and the Internet of Things

Virtual Tracks

Agenda correct as of 3 June 2015, and

(10)

Solution Showcase

Platinum sponsor

Silver sponsor

Sponsorship opportunities

Explore cutting-edge IT solutions from top providers; plus, participate in

solution provider sessions, networking reception and more.

For further information about sponsoring this event:

Email: [email protected]

Tel: +91 22 6613 2140

Exclusive chamber partner

(11)

Registration and pricing

3 ways to register

Web:

gartner.com/in/security

email:

[email protected]

phone:

+91 80 2222 2079

Save 6,500 by 3 July

early-bird price: INr 39,095

plus taxes

Standard price: INR 45,595

plus taxes

Public sector price: INR 36,495

plus taxes

Early-bird discount

Gartner event tickets

We accept one Gartner Summit ticket for payment. If you are a client with questions about tickets, please contact your sales representative or call +91 80 2222 2079

JW Mariott Mumbai Sahar

IA Project Road, Chhatrapati Shivaji International Airport, Andheri East, Mumbai, MH, 400 099

Venue

Group Rate Discount

Maximize learning by participating together in relevant sessions or splitting up to cover more ground, sharing your session take-aways later.

Complimentary registrations

• 1 for every 3 paid registrations • 2 for every 5 paid registrations • 3 for every 7 paid registrations

For more information, email [email protected] or contact your Gartner account manager.

Gartner events deliver what you need

In addition to three tracks of the latest Gartner analyst research, keynote speakers and case studies, your Summit registration fee includes complimentary access to these special features:

• One analyst one-on-one • Analyst-user roundtables • Workshops

• Solution Showcase

Online pre-registration is required for one-on-ones, workshops and roundtables.

Reserve your place early, as space is limited.

Event Approval Tools

For use pre-event, on-site and post-event, our Event Approval Tools make it easy to demonstrate the substantial value of your Gartner event experience to your manager. They include a customizable letter, cost-benefi t analysis and more.

Visit gartner.com/in/security for details.

GARTNeR PRedICTS

By 2017, the number of permanently

traceable individuals in developed

(12)

1 – 2 September | Mumbai, India | gartnerevent.com/in/bi

Gartner

Security & Risk Management

Summit 2015

Register now and save

6,500

Early-bird discount expires 3 July

Web:

gartner.com/in/security

email:

[email protected]

phone:

+91 80 2222 2079

3 ways to register

Gartner Security & Risk Management Summit is on Twitter and LinkedIn.

#GartnerSEC Gartner Security & Risk Management (Xchange)

Join the conversation!

Gartner Security & Risk Management Summit

8 – 11 June | National Harbor, MD

13 – 15 July | Tokyo, Japan

10 – 11 August | Sao Paulo, Brazil

24 – 25 August | Sydney, Australia

14 – 15 September | London, U.K.

2 – 3 November | Dubai, U.A.E.

Gartner Identity & Access Management Summit

7 – 9 December | Las Vegas, NV

Gartner Security Summits around the globe

United Kingdom 14 – 15 September United States 7 – 9 December United States 8 – 11 June Brazil 10 – 11 August Dubai 2 – 3 November Mumbai 9 – 10 June Australia 24 – 25 August Japan 13 – 15 July