What to Expect: 2023 Gartner Security and Risk Management Summit

Today marks the start of the 2023 Gartner Security and Risk Management Summit in London. This significant event, also held annually in Dubai, Sydney, Tokyo and the United States, is an important marker in the annual cybersecurity event calendar. Attendees can hear from top Gartner experts, explore industry case studies, and collaborate with vendors to envision the trajectory of our industry.  

As I plan my agenda for the week, it is interesting to look at the upcoming sessions and to look to identify recurring trends and topics that help us to understand how security leaders should be thinking about evolving their security strategy to better respond to current and future attacks.

Insights to Gather at the 2023 Gartner Security and Risk Management Summit

The conference aims to produce relevant content and tailored sessions for different security roles, encompassing sessions for Chief Information Security Officers, Risk Management Leaders, Security Architects and Network, Application and Data Security Managers. Many of the topics will also welcome diverse audience, though the level of depth can vary.  Some notable areas that will be covered in London this week include:

How to Better Manage the Expanding Attack Surface

Gartner has highlighted the challenge of controlling an expanding attack surface in recent research, including this year’s Hype Cycle for Security Operations and the Top Trends in Cybersecurity back in April 2023. Security teams need to adopt new approaches here due to the constantly changing technological environment, as the growing use of SaaS applications and the extended supply chains all mean that we need to think more broadly about our organization’s attack surface. Applications, users, IoT and other challenges make this a huge area of focus for security and risk leaders to address.

Click here to request your own copy of the full 2023 Gartner® Hype Cycle for Security Operations.

The growing importance of Threat Exposure Management

Linked to the previous topic and represented in multiple sessions over the three-day conference. Threat Exposure Management is an evolution of how security leaders think about their approach to security hygiene and posture management. A relevant talk this week is sub-titled ‘CISOs Need to Go Beyond Vulnerability Management’ and this illustrates a key point about a successful approach to Exposure Management. Security teams need to consider their ‘un-patchable’ attack surface that, according to Gartner, will grow to more than half of the enterprises’ total exposure by 2026.

Measuring and Communicating Cyber Risk

Another theme that I see across many talks at this year’s conference is the need to better understand cyber risk and explain it to different audiences— particularly at the executive or board level. Whether this is risk associated with the public cloud, third-party supply chain, or Generative AI, security leaders still need to be better communicators when speaking to their key stakeholders in the business. Part of this is being able to understand and align to business imperatives, but also to step above the tactical and to share measurable insights with executives and the board, that allow them to make cyber-risk informed decisions.

In addition to these specific areas, this week’s conference has more than 180 sessions covering Cloud Security, Identity & Access Management, the future of SIEM and XDR and more. It’s also worth noting that the conference features several sessions focused on building highly performing, diverse, inclusive security organizations which is a positive sign of the growing maturity of the cybersecurity industry.

Catch Up with the Noetic Cyber Team

I am looking forward to hearing more this week on these topics from the expert analysts and practitioners. Particularly on how cyber risk management, exposure and attack surface challenges can best be addressed and what new technology innovation is doing to improve our ability to respond to new threats.

For those of you that will be joining me at the show, be sure to connect with Noetic Cyber on LinkedIn to know where to find us throughout the week.

Can’t make it to London this week? Check out our upcoming events or register to join our team virtually for a live demonstration of our award-winning Cyber Asset Attack Surface Management (CAASM) platform.