Speakers: Jay Heiser, Fred Piper
Location: Westbourne 3-4, Level -1
Session Type: Keynote - EMEA

Over the past 25 years the practice of information security has made many advances but has not been an unobstructed march to victory over insecurity; in some ways, the organization is more insecure than ever. As best practice and theory have come into contact with the day-to-day reality within organizations, it has been demonstrated time and again that security is not an all-encompassing end goal; it is a series of evolving compromises and ongoing choices. Professor Fred Piper, internationally respected for his contributions to the advancement of information security, will explore how to balance the needs of security with the needs of a functioning organization and the people who work within it. He will argue that the role of the security professional is to demonstrate to the organization exactly what trade-offs are involved, and to govern the relationship between the policies set and their practical impacts on the people who have to work with them. Looking to the here and now, it is time to define security policies that take into account the true costs and are acceptable to the people who will have to act within their proscriptions; if you fail to strike the right balance those same people will turn out to be your key enemy and your greatest threat. Please note that Gartner is neither responsible for, nor endorses the content of guest speaker presentations. Comments or opinions expressed in these presentations are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this presentation.