We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in
Below is a collection of the key announcements and insights coming out of the conference. You can read the highlights from Day 1 here.
On Day 2 from the conference, we are highlighting sessions on augmented cybersecurity leadership; machine identity management; and how to manage AI trust, risk and security.
Key Announcements
Gartner Unveils Top Eight Cybersecurity Predictions for 2024
Conference Day 1 Highlights
Gartner Forecasts Enterprise Security and Risk Management Spending in
Augmented Cybersecurity Leadership - What Next?
Presented by
As executives and boards continue to engage as sponsors of the cybersecurity program, CISOs must transform from tactical leaders to business executives and storytellers. In this session,
Key Takeaways
'To be a successful cybersecurity leader in an augmented world, CISOs need to manage three key challenges - goal conflict, stress & fatigue, and non-linear challenges - when trust is at an all time low.'
'Although augmentation is designed to empower teams, there could be potential disconnect between benefits to team and leadership goals. Understand if augmentation is right for your organization.'
'Consider the ethical implications of AI adoption for augmentation. It could be more invasive, and have more serious consequences for employees than other forms of business analytics.'
'Balance the load and address stress and fatigue by augmenting the abundance problem. We are so far off in this direction that it's important to embrace this change and find ways to help our teams perform better through augmentation.'
'Before kicking off any augmentation efforts, assess the major pain points the security team indicates as early wins and create a business case that outlines possibilities and limitations.'
Machine Identity Management: How to Tackle an Urgent and Complex Issue
Presented by
In this session,
Key Takeaways
'Machine identity management is very different from human identity management. It is complex and will require multiple tools and significant focus.'
'Establish a long-term machine identity initiative with multiple stakeholders and get funding by building convincing arguments that focus on risk reduction, compliance, business enablement and cost efficiency.'
'Collect machine identity use cases and establish best practices by enabling local champions to propagate their use.'
'Build essential machine identity management capabilities while focusing on life cycle management, automation and governance as foundational building blocks.'
'Start building essential basic capabilities by focusing on broad discovery across multiple machine identity types first. Then, continue building capabilities by prioritizing risk, existing technology and process maturity.'
Don't Let Your AI Control You:
Presented by
AI creates new risks and security threats within organizations, but AI teams often perceive risk differently than security teams. In this session,
Key Takeaways
'Compromises and attacks span all stages of the AI life cycle, including data poisoning, privacy concerns, model outcome manipulation, and model or data misuse, compromise or theft.'
'There are two common misconceptions about AI security threats. Most AI attacks only happen by outsiders, so we don't have to look inside, and most AI attacks are complicated, so let's not sweat the small stuff.'
'CISOs and AI teams perceive risk coming from AI differently. AI teams think AI risk is more likely to materialize and are more concerned about AI risk overall. It's not every day that someone is more concerned about information risk than the security team.'
'AI trust, risk and security (TRiSM) helps ensure governance, trustworthiness, fairness, reliability, privacy, security and compliance of AI solutions, turning unmanaged risks into managed risks.'
'By 2026, organizations that apply TRiSM controls to their AI applications will consume at least 50% less inaccurate or illegitimate information that leads to faulty decision making.'
That's a wrap for Gartner Security & Risk Management Summit 2024 in
About Gartner
Media Contacts
Gartner
emma.keen@gartner.com
(C) 2024 Electronic News Publishing, source