Gartner analysts go one-on-one with each Keynote guest. Trends confirmed. Illusions shattered. News broken.
|
|
|
 |
A security- and privacy-aware enterprise needs to consider both technology and culture.
Chief information security officers, network managers, application developers, risk managers and business process owners requiring in-depth understanding of information security technologies
Tutorial: Wireless LAN Security Best Practices
(01E)
12:30 pm - 1:30 pm 23 March 2003
Pescatore, John
Security for wireless LAN systems in the enterprise remains a critical part of the networking solution. This presentation looks at the key WiFi security standards and protocols,, when will they be available to the enterprise and what is the best enterprise security strategy.
- what strategies and technologies will impact enterprise security?
- What product vendors will make a successful contribution to the mobile enterprise and how?
- Which vendors will deliver effective mobile and wireless technologies, devices, infrastructure, applications and content?
Tutorial: Internet Security 101
(02F)
2:00 pm - 3:00 pm 23 March 2003
Stiennon, Richard
Looking at the basics, Gartner-style, this tutorial reviews the threats and establishes key requirements for today's Internet standards-based networks and the protections required for Web servers and applications hosted on them.
- What are the core elements that make up effective, multi-layered Internet security strategies?
- What are the relative roles of firewalls, intrusion detection, Web assurance products and anti-virals in protecting enterprise networks?
- What are the missing pieces in products designed to protect TCP/IP networks, and what should enterprises do to address the gap between product availability and vulnerabilities?
Lead Presentation: Information Security Scenario
(17H)
5:00 pm - 6:00 pm 24 March 2003
Wheatman, Victor
The constant waves of new technologies, new business plans and technical architectures works towards insuring that the one constant is change. Providing "good enough" information security remains challenging as standards are written, re-written and XML’d to fit into the new languages of Cyberspace. The bottom line in information security is that there are no simple answers.
- How do new technologies and business processes disrupt existing security structures and introduce new vulnerabilities?
- What information security solutions are offered to the market, and how are they evolving?
- Which information security technical and business standards are ready for prime time, and which should be abandoned?
- Which information security technologies are past the peak of inflated expectations, through the trough of disillusionment, and ready for the plateau of productivity?
SEC Marketplace Presentation: A Complete Information Security Program
(MTP05A)
11:10 am - 11:25 am 25 March 2003
Karlsson, Magnus
From Gartner Consulting, get a clear picture of the management components and processes required for good security. We'll look at policies, best practices and rules of thumb for development and management of the complete security program.
Enterprise Risk Management: Manage Risk Before It Manages You
(25D)
2:00 pm - 3:00 pm 25 March 2003
Oliva, Vincent
Risk to a corporation comes in many dimensions and can seriously impair the health of an enterprise. As corporations move to real time, so does risk. It can, however, can be identified, controlled, financed and leveraged to enhance profitability and improve overall company performance. For this to be successful, the increase of the velocity of risk must be recognized and risk management principles must be applied across the enterprise. Here, we examine the elements of an integrated program of enterprise risk management.
- The elements of risk management beyond insurance.
- The elements and structure of a sound enterprise risk program
- Identification of various types of pure, speculative, operational, credit, market, country, political and other risk
- Methods for financing risk
SEC Marketplace Presentation: The Information Security Hype Cycle
(MTP15A)
3:20 pm - 3:35 pm 25 March 2003
Wheatman, Victor
Gartner's Information Security Hype cycles will tell you which threats and which protection technologies are new, which are mature, and which are languishing in the trough of disillusionment and irrelevancy.
Vendor Solution Presentation: VeriSign: Without Security, Web Services Will Be Dead on Arrival
(26C)
3:30 pm - 4:30 pm 25 March 2003
Web services can dramatically simplify and speed business processes. Companies are reluctant to expose confidential data on an unsecured Web. Because Web services are dynamic, their very nature requires increased security. This session will delve into the standards and technologies/barriers being developed today to ensure Web services security.
Enterprise Security Strategies for Windows
(32B)
9:30 am - 10:30 am 26 March 2003
Pescatore, John
Viruses, worms and Web site hacking have continued to pound on Windows-based PCs and Web servers. Threats of cybercrime and information warfare caused CxOs to elevate the priority of security in enterprise software and systems decisions. Microsoft has tried to react to increased security concerns by promising to move to “Trustworthy Computing.”
- Will Microsoft’s Trustworthy Computing initiative change how enterprises will need to secure Windows-based system?
- How will emerging standards and technologies -- such as wireless, XML and Web services -- affect implementing and managing PC and server security?
- How will Windows security management be implemented in both homogeneous and heterogeneous environments?
Gartner 360°: Security and Privacy -- How to Pass a Security Audit
(33A)
11:00 am - 12:00 pm 26 March 2003
Karlsson, Magnus Buckley, Colin Wagner, Ray Security on the Run: Implementing Wireless and Mobile Security
(35D)
1:30 pm - 2:30 pm 26 March 2003
Girard, John Pescatore, John
The two "Wireless Brothers," aided and abetted by audience participation, man-on-the-street video interviews and other multimedia support present an entertaining and informative session on mobile and wireless security issues, standards and approaches.
- What are the risks facing users of Wireless LANs, and what are some solutions?
- What is the status of wireless security standards?
- How should enterprises approach vendor lock-in versus open standards in wireless security?
Best Practice Workshop: Security and Privacy -- How to Pass a Security Audit
(35J)
1:30 pm - 2:30 pm 26 March 2003
Karlsson, Magnus Buckley, Colin Wagner, Ray Vendor Solution Presentation: Radware Inc.: Intelligent Intrusion Prevention
(36A)
2:45 pm - 3:45 pm 26 March 2003
Many security solutions stop attacks once they are in the network, but in some cases this is too late! Radware solutions bridge between application service requirements, and the underlying network infrastructure. Our solutions thwart attacks and deliver "Intelligent Intrusion Prevention."
SEC Marketplace Presentation: The Information Security Hype Cycle
(MTP32A)
3:20 pm - 3:35 pm 26 March 2003
Wheatman, Victor
Gartner's Information Security Hype cycles will tell you which threats and which protection technologies are new, which are mature, and which are languishing in the trough of disillusionment and irrelevancy.
Intrusion Detection Is Dead, Long Live Intrusion Prevention
(37B)
4:00 pm - 5:00 pm 26 March 2003
Stiennon, Richard
A sea-change in security defensive mechanisms is rapidly causing IDS to be relegated to a niche play. Intrusion prevention will provide a better security posture without creating a massive burden on IT resources.
- How will inline-network intrusion detection allow the first network intrusion prevention solution?
- At what point should an enterprise outsource for intrusion detection and prevention services, and when should the function be kept in house?
- Who are the market leaders in intrusion detection/prevention services, and what is their strategy?
SEC Marketplace Presentation: A Complete Information Security Program
(MTP36A)
5:00 pm - 5:15 pm 26 March 2003
Karlsson, Magnus
From Gartner Consulting, get a clear picture of the management components and processes required for good security. We'll look at policies, best practices and rules of thumb for development and management of the complete security program.
HIPAA: Deadlines Looming
(41H)
8:00 am - 9:00 am 27 March 2003
Rishel, Wes
This presentation will provide a look at the state of the industry regarding HIPAA and how healthcare organizations can maximize their investments in HIPAA remediation for business success.
- How well are healthcare organizations progressing in their HIPAA compliance?
- Which strategies are proving most effective to meet HIPAA challenges?
- Where should healthcare organizations turn for the resources necessary to achieve HIPAA success?
Identification and Authentication Spectrum: Passwords, Smart Cards, Public-Key Infrastructure, Biometrics
(46G)
3:00 pm - 4:00 pm 27 March 2003
Wheatman, Victor
Multiple ways exist to identify and authenticate users, from password and user ID (something you know) to iris recognition and other biometric techniques (something you are). This presentation identifies where each methodology should be used based on risk, cost and user acceptance factors.
- Which of several identification and authentication techniques are best suited for enterprise use?
- What has inhibited the acceptance of PKI and digital certificates, and where does the technology fit the enterprise?
- Of the various biometric technologies, which are likely to be cost effective for enterprise use between now and 2007?
Security for the Web-Services-Enabled Enterprise
(47G)
4:30 pm - 5:30 pm 27 March 2003
Wagner, Ray
Becoming Web services-enabled will bring new security challenges throughout the enterprise. We'll look at several examples of how Web services are secured, the standards involved, issues of trust, and what the implications of Web services are for the rest of an enterprise security program.
- How are Web services secured?
- What are the relevant technologies and standards, and what is their state of development?
- What are the security implications of Web services deployment for the rest of your enterprise?
- What architectures are available for secure Web services deployment?
|
|
|
Looking for something more specific? Browse through our 30+ tracks.
|
|
|
