page 1
page 2
page 3
page 4
page 5
page 6
page 7
page 8
page 9
page 10
page 11
page 12
page 13
page 14
page 15
page 16

3 Register Now and builder your agenda at europe. gartner. com/ security Advisory Board The Gartner Information Security Summit operates with the advice and support of a number of end- user representatives who help ensure that the content and direction of the Summit fi ts the needs of our intended audience. Paul S. Raines, Head IT Information Security, Organization For The Prevention Of Chemical Weapons Neville Hinchliffe, LUIM Risk & Resilience Manager, London Underground Richard Astill, Head of IT Risk Management & Assurance, AON Peter Tiffany, IT Security Offi cer, Department Of Health Mathieu Ransijn, Global Information Security Operations Manager, Shell Joe Dauncey, Information Security Manager, Scottish & Southern Energy What's New at the Gartner Information Security Summit? . Practical, Actionable Know- How: In the present climate, your value relies not on who you are but on what you can deliver effectively. This year's agenda features fi ve presentations telling you the " how- to" approaches for effective programs in IAM, DLP, GRC, vulnerability management and your overall security structure. . Rising Compliance Issues: The agenda deals directly with incoming regulatory requirements such as Solvency II, IFRS and SEPA, including cross- border issues and gives an exclusive analysis of how you should go about preparing for other compliance challenges. . Frameworks for the Organization: This year's agenda features a demonstration of ITILv3 for security, a real- world case study of ISO27001/ ISO27005 in action and the implementation of a risk management framework. . Advanced Practitioner Insight and Professional Development: Take your organization and your own career to the next level. Let Gartner help you with everything from a full self- assessment workshop, our maturity benchmark session showing global organizational standards and how to advance up the chain, an advanced workshop on risk management and a Gartner guide to how you can make best use of security qualifi cations and accreditation for your CV. Customize your agenda! To assist you in making the most of your attendance we have tagged a series of sessions to create two recommended agendas for you - " Your How To Guides" - put knowledge into action with the practical implementation advice offered in these sessions. " Your Technology Strategy" - a suite of sessions giving you full briefi ngs on a core selection of security and risk technologies.

4 Register today at europe. gartner. com/ security Milestones and Monsters The Web has levelled the playing fi eld. Now, anyone can come up with a great idea, and unleash it on the world. And in an age where consumer electronics is massive business, every new invention is a potential goldmine. The best thing is, to capitalize on it, you don't even have to have the idea yourself. You just have to know how and when it could change the world, and be ready. We start with a look at some of the technology past milestones that have given rise to the success stories of today, and a look ahead at some which have yet to happen - the ones that you may be able to make a few zeroes on. And then it's on into the dark side - after all... innovation isn't always for the greater good. As more and more real life and real business takes place online, there are real opportunities for organized criminals to cash in. So, who are they? How are they structured? And how are they likely to hit you? Place yourself in the hands of the perfect guide - one who has investigated cutting edge cybercrime, and demonstrated how easy it is to command an army of zombie machines to do anything you want. Spencer Kelly, Technology Tourist, Presenter of the BBC's international technology programme Click Making the Real World Trade- Off: Balancing the Costs of Security and Insecurity Over the past 25 years the practice of information security has made many advances but has not been an unobstructed march to victory over insecurity; in some ways, the organization is more insecure than ever. As best practice and theory have come into contact with the day- to- day reality within organizations, it has been demonstrated time and again that security is not an all-encompassing end goal; it is a series of evolving compromises and ongoing choices. Professor Fred Piper, internationally respected for his contributions to the advancement of information security, will explore how to balance the needs of security with the needs of a functioning organization and the people who work within it. He will argue that the role of the security professional is to demonstrate to the organization exactly what trade- offs are involved, and to govern the relationship between the policies set and their practical impacts on the people who have to work with them. Looking to the here and now, it is time to defi ne security policies that take into account the true costs and are acceptable to the people who will have to act within their proscriptions; if you fail to strike the right balance those same people will turn out to be your key enemy and your greatest threat. Professor Fred Piper, Information Security Group, Royal Holloway, University of London Gartner Strategy Keynote: Your Role in Information Security Information security only started maturing in the 1990s, when distributed computing and pervasive networking resulted in a dramatic increase in business dependency on IT. This coincided with a dramatic increase in risk. Maturation implies change. Using other examples of IT maturation, we can better understand what an information security professional will look like, starting fi ve years from now. . What are the key roles and responsibilities of information security practitioners today? . How will those key roles change over the next fi ve to seven years? . Which direction should you set for your career in information security and risk? Christian Byrnes, Gartner Gartner Closing Keynote: The Future of Information Security Infosec managers who forget the past are doomed to repeat it. We cannot understand the risk implications of continuous evolution of information media outside of the context of the last 6000 years of information security failure. Cuneiform tablets resulted in a rash of Babylonian identity frauds, Gutenberg launched a four- century debate on intellectual property protection, and cyber warriors committed man in the middle attacks in 1862. As digital technology becomes increasingly complex, and IT continues to lose control over information, the loss patterns of the past are repeating themselves at an exponentially accelerating rate. Only by understanding the lessons of the past can we prepare ourselves to thrive in a future of increasingly abstract and distributed trust mechanisms, a world of sophisticated anonymous attacks, in which the end user will inevitably become our fi rst line of defense. Jay Heiser, Gartner Plenary Sessions Plenary Sessions