We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in Sydney, Australia.

Below is a collection of the key announcements and insights coming out of the conference. You can read the highlights from Day 1 here.

On Day 2 from the conference, we are highlighting sessions on augmented cybersecurity leadership; machine identity management; and how to manage AI trust, risk and security.

Key Announcements

Gartner Unveils Top Eight Cybersecurity Predictions for 2024

Conference Day 1 Highlights

Gartner Forecasts Enterprise Security and Risk Management Spending in Australia to Grow 11.5% in 2024

Augmented Cybersecurity Leadership - What Next?

Presented by Deepti Gopal, Director Analyst, Gartner

As executives and boards continue to engage as sponsors of the cybersecurity program, CISOs must transform from tactical leaders to business executives and storytellers. In this session, Deepti Gopal, Director Analyst at Gartner, outlined how augmenting cybersecurity leadership leverages technologies such as AI, to enable leaders to make fast, sophisticated, data-driven decisions that direct their team activities in partnership networks, not through legacy chains of command.

Key Takeaways

'To be a successful cybersecurity leader in an augmented world, CISOs need to manage three key challenges - goal conflict, stress & fatigue, and non-linear challenges - when trust is at an all time low.'

'Although augmentation is designed to empower teams, there could be potential disconnect between benefits to team and leadership goals. Understand if augmentation is right for your organization.'

'Consider the ethical implications of AI adoption for augmentation. It could be more invasive, and have more serious consequences for employees than other forms of business analytics.'

'Balance the load and address stress and fatigue by augmenting the abundance problem. We are so far off in this direction that it's important to embrace this change and find ways to help our teams perform better through augmentation.'

'Before kicking off any augmentation efforts, assess the major pain points the security team indicates as early wins and create a business case that outlines possibilities and limitations.'

Machine Identity Management: How to Tackle an Urgent and Complex Issue

Presented by Felix Gaehtgens, VP Analyst, Gartner

In this session, Felix Gaehtgens, VP Analyst at Gartner, explored machine identity management from an organizational perspective - what it is and why it is so complex; how to justify and start an identity initiative; and what the must-have capabilities are.

Key Takeaways

'Machine identity management is very different from human identity management. It is complex and will require multiple tools and significant focus.'

'Establish a long-term machine identity initiative with multiple stakeholders and get funding by building convincing arguments that focus on risk reduction, compliance, business enablement and cost efficiency.'

'Collect machine identity use cases and establish best practices by enabling local champions to propagate their use.'

'Build essential machine identity management capabilities while focusing on life cycle management, automation and governance as foundational building blocks.'

'Start building essential basic capabilities by focusing on broad discovery across multiple machine identity types first. Then, continue building capabilities by prioritizing risk, existing technology and process maturity.'

Don't Let Your AI Control You: Manage AI Trust, Risk and Security

Presented by Bart Willemsen, VP Analyst, Gartner

AI creates new risks and security threats within organizations, but AI teams often perceive risk differently than security teams. In this session, Bart Willemsen, VP Analyst at Gartner, explained how organizations can manage AI trust, risk and security collaboratively and consistently.

Key Takeaways

'Compromises and attacks span all stages of the AI life cycle, including data poisoning, privacy concerns, model outcome manipulation, and model or data misuse, compromise or theft.'

'There are two common misconceptions about AI security threats. Most AI attacks only happen by outsiders, so we don't have to look inside, and most AI attacks are complicated, so let's not sweat the small stuff.'

'CISOs and AI teams perceive risk coming from AI differently. AI teams think AI risk is more likely to materialize and are more concerned about AI risk overall. It's not every day that someone is more concerned about information risk than the security team.'

'AI trust, risk and security (TRiSM) helps ensure governance, trustworthiness, fairness, reliability, privacy, security and compliance of AI solutions, turning unmanaged risks into managed risks.'

'By 2026, organizations that apply TRiSM controls to their AI applications will consume at least 50% less inaccurate or illegitimate information that leads to faulty decision making.'

That's a wrap for Gartner Security & Risk Management Summit 2024 in Sydney. See you next year.

About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight that drives smarter decisions and stronger performance on an organization's mission-critical priorities. To learn more, visit gartner.com.

Media Contacts

Emma Keen

Gartner

emma.keen@gartner.com

(C) 2024 Electronic News Publishing, source ENP Newswire