Anda di halaman 1dari 1

Gartner Security & Risk Management Summit 2012

June 11 14 | National Harbor, MD | gartner.com/us/securityrisk


Sunday, June 10
4:00 p.m. Registration

AGENDA AT A GLANCE
As of April 3, 2012, and subject to change
2012 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. For more information, email info@gartner.com or visit gartner.com.

Monday, June 11
7:00 a.m. Registration 8:30 a.m. T1. FedRAMP Focus: Government Strategies for Secure Use of Cloud John Pescatore 10:00 a.m. K1a. Welcome and Opening Remarks Vic Wheatman T2. Best Practices for Owning Your Airwaves to Provide Security, Maximize Performance and Mitigate Interference Tim Zimmerman (10:15 a.m.) K1b. Opening Keynote T3. Top Security Trends and Take-Aways for 2012 and 2013 Ray Wagner Andrew Walls T4. IAM RFP: Choosing the Best Solutions for Your Business Earl Perkins T5. BCM Maturity: Where We Are, Where We Should Be Going John P. Morency, Roberta J. Witty

Strategic Road Maps for IT Security and Risk Management

CISO
The CISO
11:30 a.m. A1. Security and Risk Management as a Social Science Tom Scholtz 12:30 p.m. Attendee Lunch and Solution Showcase Dessert Reception 1:00 p.m. Theater Presentations 2:45 p.m. K2. Mastermind Interview With Michael Dell, Chairman and CEO, Dell 3:45 p.m. Solution Provider Sessions 5:00 p.m. A2. Security Program Management Overview F. Christian Byrnes 6:00 p.m. Solution Showcase Evening Reception Moderators: Neil MacDonald, Earl Perkins B1. The Security State of the Cloud

IT SECURITY
Infrastructure Protection
Jay Heiser C1. Road Map: The Next Generation of Firewalls and IPS Greg Young

BCM
Secure Business Enablement Business Continuity Management
F1. How Real-World Disasters Are Improving Business Resilience: Lessons Learned Since 9/11 John P. Morency, Roberta J. Witty E1. Higher, Faster, Stronger: The Performant IAM Program Ant Allan

RISK AND COMPLIANCE


Enterprise and Operational Risk Management
G1. Road Map: Privacy, Marketing and Behavior Tracking A Risky Mandate Andrew Frank

BUSINESS OF SECURITY AND RISK


The Business of IT Security and Risk
J1. Security Markets Worldwide 2012 Eric Ahlm, Ruggero Contu

Managing Legal and Compliance Risk


H1. Lawyers, Users and IT Security: Ten Ways to Work Together to Reduce Risk and Improve Governance Debra Logan, Jeffrey Wheatman

D1. Protecting Your Network in the Era of BYOD Lawrence Orans

B2. Road Map: Operationalizing Data and Application Defenses Against Hackers and Employees Joseph Feiman

C2. Big Data and Security: Integrating Security and Operations Data for Improved IT Intelligence Neil MacDonald

D2. Taking Privacy to the Next Level With a Privacy Program Carsten Casper

E2. Road Map: IAM Operations The IAM Data Model Earl Perkins

F2. Case Study: Intels Response to the Fukushima Earthquake/Tsunami Jeff Selvala, Director, Assembly Test Global Materials, Intel; Roberta J. Witty

G2. The Missing Link: How Ignoring Business Processes Can Be Fatal for ERM John A. Wheeler

H2. The Corporate Ethics Game Show: Lets Make a Deal or Jeopardy!? Joseph E. Schmitz, former DoD IG; John Bace, John Marshall Law School

J2. IT Security Survey: 2011-2012 Study Results and Trends Analysis Ruggero Contu, Lawrence Pingree

Tuesday, June 12
7:00 a.m. Registration 8:15 a.m. A3. When Risk Management Does More Harm Than Good: RM 101 Jay Heiser 9:30 a.m. Solution Provider Sessions 10:45 a.m. A4. Metrics That Matter Jeffrey Wheatman Breakfast by Role and Industry B3. The Endpoint Protection Platform in the Age of Tablets and Clouds Peter Firstbrook C3. Monitoring Users for Security Intelligence: Threats and Opportunities Andrew Walls D3. Road Map: Operationalizing Encryption Eric Ouellet E3. IAM Best Practices for Planning, Implementing and Managing IAM Within Your Enterprise Perry Carpenter F3. Case Study: Teleworking Through a Disaster John Girard, Roberta J. Witty G3. General Session Untangling the Multimillion-Dollar Madoff Ponzi Scheme David J. Sheehan, Partner, Baker Hostetler; Lew Schwartz, Senior Vice President, General Counsel and Corporate Secretary, Gartner J3. Technical Insights: The Art of Saying Yes Selling Application Security to Architects and Developers Ramon Krikken J4. SWOT Analysis: IBM and HP Application and Data Security Joseph Feiman

11:45 a.m. Solution Showcase Lunch 2:00 p.m. A5. Security and Risk Governance: Its Much More Than Just Reporting F. Christian Byrnes, Tom Scholtz

B4. Case Study: The World Trade Centers Situational Awareness Platform Lou Barani, Director of Security, World Trade Center; Moderator: Jeff Vining Theater Presentations B5. Road Map: Secure Email Communications With Partners and Customers Peter Firstbrook

C4. Mobile Security Risks in Depth: How Safe Is the Data on Your Smartphone and Tablet? John Girard, Lawrence Pingree C5. Case Study: DoDs Approach to Security Testing Ray Letteer, Chief, Cyber Security Division of the U.S. Marine Corps

D4. Technical Insights: Operationalizing PCI DSS Compliance Anton Chuvakin

E4. Layered Fraud Prevention for Land-Based and Mobile Computing Avivah Litan

F4. Case Study: Demographics An Unknown BCM Risk Steve Hannah, Manager, Disaster Recovery, Waddell & Reed

G4. Seven Keys to Successful and Cost-Effective Risk Oversight John A. Wheeler

H4. Lawyers, Users and IT: The Intersection of Law and Technology in 2012 Part 1. View From the Bench Debra Logan, Lew Schwartz, Judges Panel H5. Lawyers, Users and IT: The Intersection of Law and Technology in 2012 Part 2. View From the Practitioners Debra Logan, Lew Schwartz, Outside Panel

D5. Technical Insights: Improving Collective Defenses Through Information-Sharing and Threat Intelligence Dan Blum

E5. Why Your Security Awareness Program Is Doomed (and What You Can Do to Rescue It) Perry Carpenter, Andrew Walls

F5. Crisis/Incident Management Overview Leif Eriksen, Roberta J. Witty

G5. Global Supply Chain Risk: Perception and Management Hiranya Fernando

J5. Security Investors Perspectives Panel Alberto Yepez, Trident Capital Group; Walter Pritchard, Citi Investment Research; John Rizzuto, Gartner Investment; Moderator: Vic Wheatman J6. Security Market Gartner Magic Quadrant Overview Greg Young

3:15 p.m. Solution Provider Sessions 4:30 p.m. A6a. Net IT Out: Articulating the Business Value of Information Security Tom Scholtz 4:55 p.m. A6b. Net IT Out: Developing the Key Competencies of the New Security Team Tom Scholtz 5:30 p.m. K3. Guest Keynote B6a. Net IT Out: Breaking Down the Walls While Sharing Data Securely Jay Heiser B6b. Net IT Out: The DLP Process Is More Than Just a Piece of Technology Rob McMillan C6a. Net IT Out: Technical Insights Securing Browser-Based Applications Mario de Boer C6b. Net IT Out: Road Map Gaining Control of Consumerization Lawrence Orans D6a. Net IT Out: Emerging Technologies for Privacy Protection and Privacy Management Carsten Casper D6b. Net IT Out: Job Security in Cloud Era Will Jobs Stay or Vaporize? Joseph Feiman E6a. Net IT Out: One-Time-Password Hardware Tokens Going, Going Not Quite Gone Ant Allan E6b. Net IT Out: The Undeath of PKI Eric Ouellet F6a. (4:30 p.m.) and F6b. (4:55 p.m.) Net IT Out: Business Continuity Management Planning Markets and Magic Quadrants Leif Eriksen, John Girard, John P. Morency, Roberta J. Witty G6a. Net IT Out: The Realities of Cyberinsurance John A. Wheeler G6b. Net IT Out: Selecting IT Risk Assessment Methods and Tools A Use Case Approach Paul E. Proctor H6a. Net IT Out: Compliance Controls When Are Yours Too Old? Khushbu Pratap H6b. Net IT Out: SAS 70 Is Gone So What Are the Alternatives? French Caldwell

Cybersecurity: A View From the White House

Howard Schmidt, Cybersecurity Coordinator and Special Assistant to the President (Accepted)

Wednesday, June 13
7:00 a.m. Registration 7:30 a.m. Breakfast With the Analysts 8:30 a.m. A7. How to Run, Grow and Transform Your Risk and Security Program Paul E. Proctor 9:45 a.m. Solution Provider Sessions 11:00 a.m. W1. Workshop: ITScore For Security Management F. Christian Byrnes 12:00 p.m. Solution Showcase Lunch and Theater Presentations 1:30 p.m. A9. Optimizing the Information Security Organization Jeffrey Wheatman 2:45 p.m. Solution Provider Sessions 4:00 p.m. A10. Ignore Enterprise Data Protection at Your Peril B10. The Mobile Security Brothers Traveling Roadshow C10. NISTs National Initiative for Cybersecurity Education D10. Technical Insights: SaaS Email Security Trust Versus Jeffrey Wheatman John Girard, John Pescatore (NICE): What CIOs Need to Leverage Steve Hawald Technology Dan Blum 5:15 p.m. K4. Guest Keynote Information Security and Technology In General Problem Solved. Youre Welcome John Hodgman, Actor, Author and Correspondent for The Daily Show 6:15 p.m. Summit Party VIP Boat Cruise E10. Socrates Was Wrong: A Debate Rob McMillan, Andrew Walls, Earl Perkins, Tom Scholtz, Vic Wheatman F10. Panel: Educating Boards of Directors and Management in the Business Case for BCM Moderator: Roberta J. Witty G10. Six CIO Risk Techniques to Please Your Board French Caldwell H10. Managing Litigation and Regulatory Risks of Big Data Sheila Childs J10. Case Study: Increasing Collaboration Securely When Moving to Cloud-Based Apps Joe Fuller, Dominion Enterprises B8. Technical Insights: Security Monitoring for the Cloud and in the Cloud Anton Chuvakin Exhibits and Theater Presentations B9. The New Dangers of Machine to Machine (M2M) in the Enterprise Tim Zimmerman C9. Presenting a Hard Target to Attackers: Road Maps for Effective Vulnerability Management Mark Nicolett D9. Case Study: TBA E9. Managing Identity and Access in the Hybrid World Gregg Kreizman F9. Best Practices in Recovery Exercising John P. Morency G9. Technical Insights: Road Map Managing Multinational Privacy Risks in the Cloud Ian Glazer H9. Improving Your Social Risk IQ French Caldwell J9. Security 2020: Technology, Business and Threat Discontinuities Reshaping IT Security Neil MacDonald, Lawrence Pingree C8. Deep Dive Into Internet Infrastructure Attacks Lawrence Orans, John Pescatore W2. Workshop: ITScore for Privacy Carsten Casper W3. Workshop: ITScore for IAM Perry Carpenter, Ray Wagner F8. Can I Recover Through the Cloud? John P. Morency, Sheila Childs G8. Risk-Adjusted Value Management Paul E. Proctor H8. Internal Auditors: Why They Do What They Do Khushbu Pratap J8. SWOT Analysis: McAfee, Symantec, Cisco Eric Ahlm, Ruggero Contu, Peter Firstbrook B7. SIEM for Hybrid Technology and Services Deployments Kelly M. Kavanagh, Mark Nicolett C7. Technical Insights: Mobility and Security Gartner Field Research Project on Mobility and Consumerization Eric Maiwald D7. Operationalize Social Media to Improve Security Performance Andrew Walls E7. Q&A Session: The Identity and Access Management Marketplace Ant Allan, Perry Carpenter, Gregg Kreizman, Earl Perkins, Ray Wagner F7. Strategies for Achieving Continuous Application Availability Donna Scott G7. General Session Enterprise and Operational Risk Management: Directors Roundtable What the Board Wants French Caldwell, Dale Kutnick, Panelists J7. Security Journalists and Bloggers Panel Moderator: Greg Young

Thursday, June 14
7:30 a.m. Registration 8:00 a.m. A11. Quo Vadis, CISO? Developing a Realistic Infosec Management Strategy Rob McMillan, Tom Scholtz Breakfast by Industry and Role B11. How to Securely Deploy and Manage Whitelisting to Counter Advanced Threats Neil MacDonald C11. Manage Your Security Vendors or Be Mangled Greg Young W4. (8 10 a.m.) Workshop: Securing the Access Layer Identifying the Right Authentication Strategy for BYOD, Contractors, Guests and Employees Lawrence Orans, Tim Zimmerman E11. Case Study: Securing the Digital Nation The New Frontier of Cybersecurity Training and Education Keith Gordon, Senior Vice President, Security and Fraud and Enrollments, Online and Mobile Channels, Bank of America E12. Technical Insights: Endpoint Virtualization Security Considerations Mario de Boer W5. (8:00 11:30 a.m.) Workshop: Implementing BCM Standards for BCM Maturity and Organizational Certification John P. Morency, Roberta J. Witty W6. Workshop: Policy Critique Jay Heiser W7. (8:00 9:00 a.m.) Workshop: Implementing COBIT 5 Robert Stroud, ISACAs Strategy Advisory Council

9:15 a.m. A12. Road Map: Intelligent Information Governance 2012 Debra Logan 10:30 a.m. A13. Trust: The Elusive Final Ingredient Jay Heiser 11:45 a.m. K5. Closing Insights and a Review of Aha Moments

B12. Case Study: Toward a Secure Community Cloud for a Manufacturing Sector Doug Simmons, Gartner Consulting

C12. Network Security Open Q&A Eric Ahlm, John Girard, Kelly M. Kavanagh, John Pescatore, Greg Young C13. Technical Insights: Network Security Architecture for Internal Private Clouds Eric Maiwald

W8. (9:15 11:30 a.m.) Workshop: Creating Key Risk Indicators for Your Company Paul E. Proctor

D13. Developing and Implementing a Superior Mobile Device Policy John Girard

H11. New Legal Methods for Collecting Cyberinvestigation and Social Media Evidence Benjamin Wright, SANS Institute H12. Road Map: Intelligent Information Governance 2012 Debra Logan

Ray Wagner