Client Portal

Gartner Security & Risk Management Summit 2025 Takeaways Part 1

Posted July 10, 2025 by Sayers 

author profile picture

Sayers

Our engineering experts leverage technology to relentlessly improve how we meet the evolving demands of both our clients and our partners while staying true to our values. We foster an environment of collaboration, innovation, and dedication to the success of our team members and clients.

Tags:

Sayers senior Cybersecurity Architects attended the 2025 Gartner Security & Risk Management Summit which took place from June 9th to the 11th in National Harbor, MD. The event attracted over 5,000 cybersecurity leaders and professionals from around the world. This year’s theme, “Engage, Innovate, Lead,” emphasized the evolving role of CISOs from technical defenders to strategic leaders driving organizational performance and resilience. As usual it provided a wealth of insights and actionable takeaways for cybersecurity professionals. 

The summit featured well over 100 presentations and sessions, covering various aspects of cybersecurity. The summit emphasized the importance of leveraging AI, enhancing cyber defense, focusing on data security, preparing for post-quantum cryptography, addressing the human element, and building cyber resilience. The summit also highlighted the need for consolidation and platform integration, effective communication and branding, continuous threat exposure management, and navigating geopolitical, global, regulatory, and tariff challenges. 

Below are 10 Takeaways from the conference.

1. Identity as the New Security Perimeter

A central theme was the shift from traditional network perimeters to identity as the core of modern security architecture. 

“The summit emphasized that identity is now the foundational element of cybersecurity, especially in cloud environments. Many organizations are struggling with identity governance and administration (IGA), with Gartner stating that 65% use less than half of their tools’ capabilities with half of their deployments in distress.” Chris Willis – Sayers VP of Cybersecurity Engineering  

2. Credential Compromise and MFA Limitations

The summit addressed the ongoing threat of credential compromise, even in environments with multi-factor authentication (MFA).

“Not all MFA is created equal; standard MFA can be bypassed, especially through phishing or alert fatigue. Organizations should consider phishing-resistant MFA (e.g., FIDO2) as a more secure alternative” Joe Schnell – Sayers Cybersecurity Architect & Identity Specialist

3. AI and Cybersecurity

AI was a dominant topic at the summit. Analysts highlighted how AI is being integrated into cybersecurity tools and how it will reshape threat detection, response, and automation. However, they also warned of overdependence on AI, which could erode foundational security skills in SOC teams by 2030. 

4. Post-Quantum Cryptography

The looming threat of quantum computing was discussed, particularly its potential to render current cryptographic methods obsolete. Organizations were urged to begin inventorying cryptographic assets and preparing for quantum-resistant solutions. 

See Sayers recent blog Enterprise Preparation for Q-Day

5. Cyber Resilience and Human Factors

The importance of resilience, both technical and human, was stressed. This includes the ability to recover from attacks and the need for cultural and behavioral security programs to address the human element in breaches.  The weakest link to an organization is the human aspect, which allows adversary groups like Scattered Spider to be catastrophically successful in their campaigns.

See Sayers recent blog Scams, Deep Fakes, and More: Employees Pose Cybersecurity Questions To Expert Panel

6. Vendor Consolidation and Platform Approaches

There is a growing trend toward consolidating cybersecurity vendors and adopting platform-based solutions. This shift aims to reduce complexity and improve integration across security tools.

7. Zero Trust Architecture

Zero Trust was another major focus. While achieving full zero trust is challenging, recommendations starting with manageable projects and emphasizing that identity and context must be at the core of any zero trust strategy. 

Sayers has been positioning this for many years, see our blog Navigating the Future: Identity Security Trends in a Zero-Trust World

8. Continuous Threat Exposure Management (CTEM)

Traditional one-time penetration testing is no longer sufficient. 

“Organizations should consider continuous threat exposure management to ensure ongoing assessment and improvement of security controls” Chris Willis – Sayers VP of Cybersecurity Engineering

9. Geopolitical and Regulatory Challenges

Analysts discussed how global events, tariffs, and evolving regulations are influencing cybersecurity planning and budgeting. These external pressures are becoming increasingly relevant to security leaders.

See Sayers recent blog Will Tariffs Impact Your Resiliency?

10. Top Cybersecurity Projects and CIO Priorities

Gartner presented their list of top cybersecurity projects, including cyber physical systems, leveraging NIST CSF 2.0 to mature governance, embedding cybersecurity into GenAI governance, and cyber storage. Managing cybersecurity and technological risk remains a top priority for CIOs in 2025. 

Contact us to speak to a Sayers Senior Cybersecurity Architect regarding the 2025 Gartner Security & Risk Management Summit.

Subscribe

    Addresses

  • Atlanta
    675 Mansell Road, Suite 115
    Roswell, GA 30076
  • Boston
    25 Walpole Park South, Suite 12, Walpole, MA 02081
  • Decatur
    120 W Trinity Pl
    Decatur, GA 30030
  • Tampa
    380 Park Place, Suite 130, Clearwater, FL 33759

 

  • Bloomington
    1701 E Empire St Ste 360-280 Bloomington, IL 61704
  • Chicago
    233 S Wacker Dr. Suite 9550 Chicago, IL 60606
  • Rosemont
    10275 W. Higgins Road, Suite 470 Rosemont, IL 60018
  • Vernon Hills - Corporate Headquarters
    960 Woodlands Parkway Vernon Hills, IL 60061

Have a Question?

Subscribe Contact us