Gartner Newsroom

Conference Updates

September 15, 2020

Gartner Security & Risk Management Summit, Day 2 Highlights

We are bringing you news and highlights from the Gartner Security & Risk Management Summit taking place this week virtually in EMEA and the Americas. Below is a collection of the key announcements, and insights coming out of the conference. You can also read the highlights from day one here.

On day two from the conference, we are highlighting Neil deGrasse Tyson’s guest keynote session, followed by the lessons learned with COVID-19 as a resilience game changer, how leaders can support women in IT, and five steps to creating a simple business-aligned cybersecurity strategy. Be sure to check this page throughout the day for updates.

Key Announcements

Press releases and stories covering news from the Gartner Security & Risk Management Summit conference are listed below:

Guest Keynote: Communicating Complex Ideas in a Complex Time: An Interview with Neil deGrasse Tyson

Presented by Neil deGrasse Tyson, Astrophysicist, Cosmologist, Planetary Scientist, Author, and Science Communicator

Security and risk leaders face a myriad of challenges, especially as they address the ongoing implications of COVID-19. Effective communication can help alleviate such challenges. In his keynote interview, Neil deGrasse Tyson, Astrophysicist, Cosmologist, Planetary Scientist, Author, and Science Communicator, told attendees how to break down complex ideas into smaller sound bites to bring people together and drive compelling communication.

Key Takeaways

  • “An ideal sound bite makes points that are simultaneously informative, interesting, and ideally makes you smile.”
  • “If you want people to absorb something that’s data driven, communicate it in a way that’s not data heavy. Humans want stories.”
  • “Being open to new viewpoints starts with the people in charge recognizing that they could be wrong. Differences in views almost always lead to better, more informed decisions.”
  • “There is a saying, ‘Never take car buying advice from your parents’ and it is particularly relevant to this audience as things cannot be time tested in a field that evolves as quickly as IT, security and risk management.”
  • “At times, rules constrain creativity and constrict the next steps you might take, despite bringing order to what may have previously been chaos. Rules don’t think of everything.”

It’s not too late to join the conference!

COVID-19 as a Resilience Game Changer: How the World Will Never Be the Same

Presented by Roberta Witty, VP Analyst, Gartner

COVID-19 is a gateway from one world to the next, and it’s been a game changer for organizational resilience, risk management and business continuity. Roberta Witty, VP Analyst at Gartner, explained how organizations can resist, absorb, recover and adapt to business disruption in an ever-changing and increasingly complex environment. 

Key Takeaways

  • “The pandemic arrived at a time when economies were already on the edge.” Business and government leaders were tiptoeing over cracks in the economic wall to sustain growth, but COVID-19 took a wrecking ball to that strategy. 
  • “There are three things we know: we’re in this for the long haul, right now there are more questions than there are answers, but resilience must be deliberately designed.” 
  • Business continuity management is the foundation of every resilience program.
  • “We will see remote work remain. 48% of employees are working remotely now, versus 30% before the pandemic, and 82% of organizations are planning to allow their employees to continue working from home at some level.” 
  • Twenty-eight percent of organizations expect to create a resilience role in response to COVID-19. 
  • Physical/social distancing is here to stay. In addition to staggered returns to the office, facilities changes to improve resilience may include repurposed meeting spaces, reconfigured workstations, touchless doors, smart parking and more. 
  • “Robotics are being used to help with talent and labor shortages, plus all of those digital initiatives that we’re starting to implement.” Other technology changes have included a shift of applications and IT services to the cloud, and a drive for increased data collection.
  • With 69% of security budgets having no change or a decrease, security leaders are looking at how to expand remote access, remote work infrastructure and associated processes. Security spending hotspots post-COVID-19 include secure access service edge, securing artificial intelligence, identity and access management and extended threat intelligence, detection and response.

How Leaders Can Support Women in IT

Presented by Christie Struckman, VP Analyst, Gartner

Research points to a few systemic problems that society and the IT profession need to address when it comes to women in IT. In this session, Christie Struckman, VP Analyst at Gartner, shared an action plan on how organizations can increase the number of women in their workforce and continue to support the great ones they already have. 

Key Takeaways

  • “There is a talent pipeline issue in IT professions including security and risk management. For instance, women obtain less technical degrees on average and it takes them longer to get into IT management positions.”

  • “Three constructs to create a talent pipeline are 1) Build, or hire 2) Velocity, or develop and grow and 3) Attrition, or gracefully exit.”

  • “Get creative in attracting women to your organization by developing better job descriptions, making internships available, and having a diverse interview panel.”

  • “Generate velocity for women by making it easy for them to participate in networking groups and offering them positions on high visibility projects to expand their experience.”

  • “Behaviors that marginalize women include unequal personality trait assessment, using gender-biased language, and ignoring them, among others. These are the biggest detractors of retaining women in organizations.”

  • “Embrace diversity and inclusion norms such as  listening generously and taking turns. They let people know acceptable sets of behaviors but more importantly, they make it easier to confront people on unacceptable behaviors.”

  • “Make a difference to women in IT by turning efforts to increase and retain their presence in your organization into a comprehensive program.”

Five Steps to Creating a Simple Business-Aligned Cybersecurity Strategy

Presented by Jeffrey Wheatman, VP Analyst, Gartner

Everyone knows how important strategic planning is for success and yet it is an immense challenge. In this session, Jeffrey Wheatman, VP Analyst at Gartner, shared a five step approach to create a simple story that links security program activities to business goals in a way that drives better decisions.

Key Takeaways

  • “Security and risk leaders should follow five simple steps to create a concise cybersecurity strategy: 1) Start with your business goals; 2) Identify your risks; 3) Make the risks real; 4) Articulate the program objectives; 5) Map strategy to tactics.”
  • “Always start with your business goals. This seems so obvious, but is so often missed.”
  • “Identify 8-10 risks. Too many risks is not digestible.”
  • “Make the risks real to your audience. We know many things, but the things we feel are the things we act upon.”
  • “Align risks to a set of six core security and risk management program principles: 1) Implement proactive risk management; 2) Protect our information; 3) Improve resiliency and recoverability; 4) Deploy robust crisis and incident management; 5) Prepare for digital business; 6) Mature governance.”
  • “Always look to the future. Strategic planning is not something to be done once and then forgotten.”

You can visit the Gartner Newsroom to find additional news and highlights from the Gartner Security & Risk Management Summit this week.

About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s mission-critical priorities. To learn more, visit


It's not too late to join the conference

Latest Releases