EARLY-BIRD

Discount
Save 325 by
17 July

Gartner
Security & Risk
Management
Summit 2015
14 15 September | London, UK | gartner.com/eu/security

The Worlds Most Important Gathering for

Security and Risk Executives
Five Programs
Chief Information Security Officer (CISO)
Risk Management and Compliance
Security Manager Program: Technology, Trends and Operations
Business Continuity Management
Internet of Things Security

Manage Risk and Deliver

Security in a Digital World
Craft your strategy for business resiliency
Get the tools you need to deliver secure digital business environments and ensure your
organization can weather an attack or disruption and bounce back quickly at Gartner Security
& Risk Management Summit 2015, 14 15 September, London, UK. This years conference
covers the breadth of priorities in IT security, risk management, governance, compliance, BCM,
the role of the CISO, the business of security, privacy, IAM and more.
Join us this September to find out how you can advance your security and risk goals to support
business objectives and improve resilience across the organization.

Key benefits of attending

Who will be there?

Gain tools and strategies to stay ahead of your

new responsibilities and increasing threats

Chief Information Security Officers

Chief Risk Officers

Align security and risk strategies with your

enterprise objectives and digital transformation

Chief Information Officers

Assure compliance with new

regulatory, compliance, privacy and
e-discovery requirements

IT Security Officers/Directors

Apply the latest techniques to tackle risks in

cloud, OT and IoT
Build a culture that drives security performance
through employee engagement

Visit gartner.com/eu/security for more information

IT Vice Presidents/Directors

Risk, Compliance and Privacy Managers

Information Security/Risk Managers
Network, Infrastructure, Solutions and Security
Architects

Reevaluate your security and risk strategies and investments for the digital age
Digital business technologies and the Internet of Things are creating new threats and risks even as regulatory
compliance and legal risks continue to escalate, and sophisticated cyber threats challenge even the best security
strategies. Every business is now a digital business, and every business must become profi cient at risk assessment
and mitigation, the foundation of success in the digital age.
This years summit delivers the latest research and recommendations across security and risk management priorities,
and provides you with solutions to the latest hot topics, including:
Application, network and infrastructure
security

Digital business security and risk management

Cloud security

Operational technology (OT) security and

risk management

Mobile security

Organizational resilience through BCM

Cybersecurity

Risk management and compliance

Security Awareness and Training

The intersection of IT, operational technology and the Internet of Things is spawning a new generation of threats. Join
us for the latest strategies to help you anticipate risk, mitigate its impact and enable successful business outcomes.

Whats new for 2015

Revamped agenda featuring
new content, and covering
key challenges such as
applications, network and mobile
security; security for the cloud;
digital business security, risk
management and privacy and
EU regulations

#gartnersecurity

First ever presentation of

Magic Quadrant for operational
risk management
Industry-orientated content,
especially around fi nancial services,
banking and insurance

Content tailored for small and

medium businesses
Expanded opportunity to network
with your peers with networking
lunches and drinks receptions
available

Focused sessions on crisis and

incident management

Gartner Security & Risk Management Summit 2015

Monday
Tuesday

15 September 2015

14 September 2015

Agenda at a Glance
07:30 20:00

Registration and Information

08:00 08:45

Tutorial: Top Trends and Takeways for Cybersecurity Earl Perkins

09:00 10:00

Summit Chair Welcome and Gartner Keynote: Manage Risk and Deliver Security in a Digital World Ant Allan, Peter Firstbrook and Dionisio Zumerle

10:00 10:30

Industry Panel

10:30 11:00

Refreshment Break in the Solution Showcase

11:00 12:00

Guest Keynote to be confirmed shortly

12:00 13:15

Lunch in the Solution Showcase

Tracks

A. Chief Information Security Officer (CISO)

Program

B. Risk Management and Compliance

Program

C. Security Manager Program: Technology, Tr

13:15 14:00

The New CISO's Crucial First 100 Days

Tom Scholtz

A Public Cloud Risk Model: Accepting Cloud

Risk is OK, Ignoring Cloud Risk is Tragic
Paul Proctor

Defensive Strategies in an Age of Digital

Insurgency Oliver Rochford

14:15 14:45

Solution Provider Sessions

14:45 15:15

Refreshment Break in the Solution Showcase

15:15 16:00

Be Agile Not Fragile: Use Threat Intelligence

Services to Defend Yourself Rob McMillan

The Path to High Impact Security

Awareness Christian Byrnes

Mobile Security Threats and Trends

2015 Dionisio Zumerle

16:15 16:45

Solution Provider Sessions

17:00 17:30

Protecting Your House on the Prairie: Security

Strategy for the Smaller Enterprise Tom Scholtz

Incident Response Platforms

A Long Time Coming Rob McMillan

Your Cloud Service Adoption Strategy Must

Include Data Protection Brian Lowans

17:30 20:00

Networking Reception in the Solution Showcase

07:45 17:15

Registration and Information

08:00 08:45

People-Centric Security: Experiences and

Lessons Learnt Tom Scholtz

09:00 09:45

Case Study

09:45 10:15

Refreshment Break in the Solution Showcase

10:15 10:45

Solution Provider Sessions

11:00 11:45

Case Study

11:45 13:00

Lunch in the Solution Showcase

13:00 13:45

Avoid Five Security Staffing Disasters

Jeremy DHoinne

Digital Business and Your New Relationship with

Risk Paul Proctor

What Role Will VPNs Play in Your Business

Future? John Girard

14:00 14:30

Chief Data Officers and Chief Information

Security Officers: Friends or Foes? Debra Logan

What Can We Expect from the Upcoming EU

Data Protection Regulation? Carsten Casper

Lessons Learned on Advanced Threat Defense

Strategies and Tools Jeremy DHoinne

14:30 15:00

Refreshment Break in the Solution Showcase

15:00 15:30

Case Study

How To Build A Globally Legal and Successful BYOD Program

John Girard

15:45 16:15

One Simple Way to Get Your CEO to Embrace

Risk Management John Wheeler

Assessing Cloud Service Providers: Getting Beyond the Checklists

Erik Heidt

16:30 17:15

Gartner Closing Keynote and Summit Chair Closing Remarks: Cybersecurity Scenario 2020: The Impact of Digital Business on Security Neil

Gartner Security & Risk Management Summit 2015

How to Get Single Sign On Ant Allan

What's New and Hot in GRC? John Wheeler

Future of Endpoint Management Rob Smith

Use a Vendor Risk Management Framework to

Mitigate Regulatory, Compliance, Security and
Performance Issues Gayla Sullivan

Panel: Mobile Security and Management: A Real

World Discussion Rob Smith et al.

12:30 12:50 Magic Quadrant for Enterprise Netw

#gartnersecurity

Agenda as of 19 June 2015

During the event, please refer to the printed Agenda or the Gartner Events mobile app for complete, up to the minute session information.

Tutorial: Best Practices in Crisis Communications Roberta Witty

10:35 10:55 Magic Quadrant for Security Information and Event Management Oliver Rochford

12:15 12:35 Magic Quadrant for Operational Risk Management John Wheeler

rends and Operations

Gartner's Adaptive Security Architecture: New

Approaches for Advanced and Insider Threats
Neil MacDonald

Securing Sensitive SaaS Using Cloud Access

Security Brokers Ramon Krikken

The Dark Side of Payment Card

Security Jonathan Care

D. Business Continuity Management

Program and
E. Internet of Things Security Program

Workshops and
Contract Negotiation Clinics

Roundtables

The Availability Implications for Digital

Business Roberta Witty

12:45 14:15 Workshop:

Get Incident-Ready. Test Your Plan
with a Scenario Rob McMillan

13:15 14:15 Roundtable:

Reduce The Risks and Implement
Data Access Controls Now!
Brian Lowans

Case Study

Why Crisis Management is the Heart of BCM

Software Roberta Witty

Defending Endpoints from the Persistent Attack Privacy and the Internet of Things: How to Avoid
Peter Firstbrook
Crossing the Creepy Line Carsten Casper

14:30 16:00 Workshop:

Get Security Right in an SMB
Environment Rob McMillan

16:15 17:45 Workshop:

Secure Self-Assessing and SelfCleansing Systems with DevOps?
Joerg Fritsch

15:15 16:15 Roundtable:

Changing Your Security Culture:
Why Change is Hard and What to Do
About It Debra Logan
16:30 17:30 Roundtable:
Managing the Identity of Things
Ant Allan

08:00 09:30 Contract Negotiating

Clinic: Cloud Contracts, Develop
Your Own Security and Risk
Exhibits Gayla Sullivan

08:00 09:00 Roundtable:

Do you Measure the Impact of Your
Awareness Program? Christian Byrnes

Defending Against Sophisticated Malware

Mario de Boer

Balancing Trust and User Experience for User

Authentication Ant Allan

Designing the Modern Application Security

Perimeter With Mobile and Cloud in Mind
Ramon Krikken

Cybersecurity Panel: IT Security, OT Security, IoT

Security: Impacts and Recommendations
Earl Perkins et al.

10:45 12:15 Workshop:

Introduction to Mobile Security
Self-Assessments John Girard
and Dionisio Zumerle

10:45 11:45 Roundtable:

Building Successful Business Metrics
for Technology Risk
Paul Proctor

Secure Use of AWS and Azure: Comparison and

Best Practices Neil MacDonald

Operational Technology Security is Not Just for

Industries Anymore Earl Perkins

13:00 14:30 Workshop:

Identity Proofing Revisited as Data
Privacy Dies Jonathan Care

13:00 14:00 Roundtable:

Why Social Media Risks Are
Skyrocketing and What You Can
Do to Protect Your Company
John Wheeler

Protecting Mobile Apps

Dionisio Zumerle

Case Study

Friends at the Gate? Best Practices for Enabling

Remote Privileged Access From Vendors and
Third Parties Felix Gaehtgens

The Legality and Ethics of IoT and Employee

Monitoring TBD

What Your Containers do Not Contain! About the

Security Properties of Containers Managed by
Docker Joerg Fritsch

Women in Security and Risk Management:

Do Women Approach Security and Risk
Management Differently Than Men?
Roberta Witty

work Firewalls Jeremy DHoinne

14:45 16:15 Workshop:

Reporting Risk and Security to your
Board of Directors Paul Proctor

15:00 16:00 Roundtable:

Secure Use of Public Cloud
Neil MacDonald

MacDonald

Visit gartner.com/eu/security for more information

Solution Showcase
Develop a shortlist of technology and service providers who can meet your particular needs. We offer you exclusive
access to some of the worlds leading technology and service solution providers in a variety of settings.

Premier Sponsor

Sponsorship Opportunities
For further information about sponsoring
this event:

As a global leader in IT security, Trend Micro develops innovative security solutions that make the world
safe for businesses and consumers to exchange digital information. With over 25 years of security
expertise, were recognized as the market leader in server security, cloud security, and small business
content security. Our security is powered by Trend Micro Smart Protection Network global threat
intelligence and is supported by over 1,200 security experts around the world.

Telephone: +44 1784 267456

Email: european.exhibits@gartner.com

www.trendmicro.co.uk

Platinum Sponsors

AirWatch by VMware is the leader in enterprise mobility

management (EMM). We enable end users with a seamless
digital workspace, and empower IT with a future-proof mobility
platform that provides flexibility to manage multiple use cases,
unified management of endpoints, end-to-end security, and
seamless integration across enterprise systems.
www.air-watch.com

Qualys (www.qualys.com) is a pioneer and leading provider of

cloud security and compliance solutions with over 7,700
customers in more than 100 countries. The Qualys Cloud Platform
and integrated suite of solutions help organizations simplify
security operations and lower the cost of compliance, delivering
critical security intelligence on demand.
www.qualys.com

Darktrace is a fast-growing cyber threat defense company and

world leader in Enterprise Immune System technology.
Darktraces award-winning solution is powered by machine
learning and mathematics developed at the University of
Cambridge, and helping organizations defend against advanced
cyber-attacks and insider threat by detecting previouslyunidentified anomalies in real time.

Fortinet is a worldwide provider of network security appliances and

a market leader in Network Security. Our products and subscription
services provide broad, integrated and high-performance
protection against dynamic security threats while simplifying the IT
security infrastructure. Our customers include enterprises, service
providers and government entities worldwide, including the
majority of the 2012 Fortune Global 100.

www.darktrace.com

www.fortinet.com

Splunk Inc. provides the leading platform for Operational

Intelligence. Splunk software searches, monitors, analyzes and
visualizes machine-generated big data from websites, applications,
servers, networks, sensors and mobile devices. More than 8,400
organizations use Splunk software to deepen business and
customer understanding, mitigate cybersecurity risk, improve
service performance and reduce costs.
www.splunk.com

Gartner Security & Risk Management Summit 2015

#gartnersecurity

Silver Sponsors

Avecto is an innovative technology business specializing in

endpoint security. The companys revolutionary Defendpoint
software ensures defense in depth while empowering users to
work freely.

BlackBerry provides an end-to-end suite of secure mobile

solutions, delivering innovative mobile technologies to users and
organizations that value productivity and achievement. Learn
more: www.BlackBerry.com.

For 30 years, Boldon James has been a leader in data

classification solutions, helping organisations manage sensitive
information securely & in compliance with legislation and
standards.

www.avecto.com

www.blackberry.com

www.boldonjames.com

Certes protects data in motion. Our CryptoFlow Solutions

safeguard sensitive applications over any network with user-aware
policies that protect data when firewalls cant stop hackers.

CSG Invotas is an award-winning leader in security orchestration

and automation for global security operations, delivering an
automated threat response solution to unify, orchestrate and
automate key elements of incident response.

DenyAll is a European software vendor, an expert in next

generation application security, building on 15 years of experience
securing web applications and services.

certesnetworks.com

www.denyall.com

www.csginvotas.com

eSentire is the leader in Active Threat Protection solutions and

services, the most comprehensive way to defend enterprises from
advanced and never-before-seen cyber threats.
www.esentire.com

Imperva is a leading provider of security solutions that protect

business-critical data and applications. The companys products
enable organizations to discover vulnerabilities, protect information,
and comply with regulations.

LogRhythm, a leader in security intelligence and analytics,

empowers companies to rapidly detect, respond to and neutralize
damaging cyber threats.
www.logrhythm.com

www.imperva.com

MetricStream is the market leader for integrated Governance, Risk,

and Compliance (GRC) Management Solutions that enable
organizations to deliver better business performance.

Netskope is the leader in safe cloud enablement. With Netskope,

IT can protect data and ensure compliance across cloud apps so
businesses can move fast, with confidence.

www.metricstream.com

www.netskope.com

ObserveIT, a pioneer in User Activity Monitoring, provides video

recordings of user activity, analytics and alerting to address
user- based attacks. Over 1,200 companies use ObserveIT.
Visithttp://www.observeit.com for more information.
www.observeit.com

Provide secure identity management and single sign-on to any

application, whether in the cloud, on-premises or on a mobile
device for your employees, partners and customers with Okta.

Pirean are recognised leaders in Identity and Access management

solutions, delivering industry best practice and expertise through a
unique Software, Consulting and Support Services blend.

www.okta.com

http://pirean.com

RedSocks is a Dutch IT security company specialising in detecting

and defeating malware in the corporate market. RedSocks supplies
the RedSocks Malware Threat Defender (MTD) as a network
appliance.
www.redsocks.nl

As the inventor of the SSH protocol, we have a twenty-year history

of leading the market in developing advanced security solutions
that enable, monitor, and manage encrypted networks.
www.ssh.com

Tenable Network Security provides continuous network monitoring to

identify vulnerabilities, reduce risk and ensure compliance. Our family
of products includes SecurityCenter Continuous View, which provides
the most comprehensive and integrated view of network health, and
Nessus, the global standard in detecting and assessing network data.

Vectra Networks X-series detection platform continuously monitors

traffic to automatically detect cyber attacks, prioritizing them by
greatest risk and enabling organizations to focus resources.
www.vectranetworks.com

www.tenable.com

Voltage Security provides end-to-end, data-centric encryption,

tokenization and key management solutions that allows companies
to seamlessly secure all types of sensitive information wherever it
resides.

Secure Mobile Gateway pioneer. Mobile threat prevention and data

usage optimization with real-time analytics. On device and in the
cloud. Gartner Cool Vendor.
www.wandera.com

WatchGuard Technologies, Inc. is a global leader of integrated,

multi-function business security solutions that intelligently combine
industry standard hardware, best-of-breed security features, and
policy-based management tools.

www.voltage.com

www.watchguard.com

Wombat Security Technologies provides information security

awareness and training software to help organizations teach their
employees secure behavior.

Sponsors correct as of 12 June 2015

www.wombatsecurity.com

Visit gartner.com/eu/security for more information

Gartner
Security & Risk Management
Summit 2015
14 15 September | London, UK | gartner.com/eu/security

Registration and pricing

3 easy ways to register

Web: gartner.com/eu/security

Pricing
Pricing subject to change

early-bird price:
2,150 + UK VAT
(offer ends 17 July 2015)

Email: emea.registration@gartner.com

Standard price:
2,475 + UK VAT

Telephone: +44 20 8879 2430

public Sector price:

1,950 + UK VAT

Gartner Clients
A Gartner ticket covers both days of the Summit. Contact your account
manager or email emea.events@gartner.com to register using a ticket.
Group Rate discount
Maximize learning by participating together in relevant sessions or splitting up
to cover more topics, sharing your session take-aways later.
Complementary registrations:
1 for every 3 paid registrations
2 for every 5 paid registrations
3 for every 7 paid registrations

Venue

For more information, email emea.teamsend@gartner.com or contact your

Gartner account manager.

WHY AttEnD A GARtnER EVEnt?

WHAt MAKEs GARtnER EVEnts unIQuE?

Build a successful strategy

Get validation from Gartner
analysts
Meet with suppliers to
support your tactical planning
Expand your peer network
Innovate and problem-solve
with like-minded peers
Join the largest, most
in uential network of its kind
Grow in your role
Get content and solutions
that are most relevant to you
Lead more effectively and
develop your team

2015 Gartner, Inc. and/or its affi liates. All rights reserved. Gartner is a registered trademark of
Gartner, Inc. or its affi liates. For more information, email info@gartner.com or visit gartner.com.

Our analysts
Analyst-led presentations
Analyst one-on-one
private meetings
Analyst-facilitated
roundtables
Our research
100% independent and
objective

Park Plaza Westminster Bridge

200 Westminster Bridge Road
London, UK SE1 7UT
Phone +44 844 415 6780
www.parkplaza.com

Gartner Hotel Room Rate

Prices start at 175 per night at Park
Plaza when using promotional code
GART130915

Proven and reliable

Relevant to your role

Money-back guarantee
If you are not completely satisfied with this
Gartner conference, please notify us in writing
within 15 days of the conference and we will
refund 100% of your registration fee.