Conference Updates

December 1, 2021

Gartner Security & Risk Management Summit 2021 EMEA: Day 3 Highlights

We are bringing you news and highlights from the Gartner Security & Risk Management Summit taking place this week virtually in EMEA. Below is a collection of the key announcements and insights coming out of the conference. You can read the highlights from Day 1 and Day 2 here.

On Day 3 from the conference, we are covering the emerging technologies in security and risk management, Gartner’s top trends in privacy and how to select and procure cybersecurity incident services. Be sure to check this page throughout the day for updates.


Emerging Technologies in Security and Risk Management

Presented by Ruggero Contu, Senior Director Analyst, Gartner

Security technologies must continually evolve to match the speed of transformation across digital businesses. In his session, Ruggero Contu, Senior Director Analyst at Gartner, highlighted some of the most critical emerging technologies in security and risk management and shared some key recommendations to security and risk management leaders who are looking at adopting these technologies.

Key Takeaways

  • Some of the key emerging technologies in security include:

    • Confidential computing is a security mechanism that executes code in a hardware-based trusted execution environment (TEE).

    • Decentralized identity replaces the use of siloed, legacy, identity and access management architecture, and instead uses a distributed identity system that can leverage blockchain or other distributed ledger technology (DLT) application.

    • Passwordless authentication offers ways of authenticating users without using passwords.

    • Secure access service edge (SASE) is an architectural model supporting edge/computing needs. SASE offers a flexible, anywhere, anytime, secure remote access. 

    • Cloud infrastructure entitlement management (CIEM) is an identity-centric software as a service (SaaS) that manages and secures multicloud access. CIEM detects anomalies and supports remediation. 

  • “Position your organization for a more secure future by choosing cybersecurity technologies that offer high levels of integration capability.”

  • “The security of a composable organization requires flexible cybersecurity mechanisms with a rich set of APIs, based on interoperability standards.”

It’s not too late to join the conference!

Top Trends in Privacy

Presented by Nader Henein, VP Analyst, Gartner

What are leading organizations focused on in regard to data privacy? In his session, Nader Henein, VP Analyst at Gartner, outlined the top five trends in privacy and privacy technology to help enterprises determine clear next steps as maturing global privacy legislation takes center stage. 

Key Takeaways

  • “Privacy is - above all things - personal and goes beyond simple compliance.”

  • “This year’s top trends in privacy comprise the critical levers you need to engage over the coming 24 months to manage liability and promote trust when handling personal information.”

  • Data localization. This is driven by state security, intelligence gathering, protectionism and globalization. Data localization planning will shift to a top priority in the design and acquisition of cloud services.  

  • AI governance. This means understanding the impact and risks of processing large amounts of data through AI-driven decision engines, which will make up the vast majority of decisions that organizations make.

  • Centralize privacy UX is a one stop shop where organizations provide users with transparency on what data is held and how it is used, allowing them to exercise their privacy rights and maintain control over their information.

  • Hybrid everything has implications on everything we do, including raising privacy risks across the enterprise at the personal, organizational and consumer levels.

  • Privacy enhancing computation. Such techniques protect personal and sensitive information at a data, software or hardware level, and  securely share, pool and analyze data without compromising confidentiality or privacy.

Been Breached? Now What? How to Select and Procure Incident Response and Breach Response Services

Presented by Prateek Bhajanka, Senior Principal Analyst, Gartner

Incident response services are a critical element for an organization’s incident response capability. In his session, Prateek Bhajanka, Senior Principal Analyst at Gartner, explained what incident response and breach response services are and the critical questions to ask when deciding if your organization needs the services.

Key Takeaways

  • “Cybersecurity incidents are inevitable. They are not a question of if, but a question of when.”

  • “If you cannot prevent the cybersecurity incidents, prepare for them.”

  • There are five P’s for an effective incident response program: planning, prep, processes, policies and playbook.”

  • “There are also different services for different situations: 1) incident response services and 2) data breach response services.”

  • “Incident response services refer to technical responses to a cybersecurity incident, like digital forensics or incident investigations.”

  • “Data breach response services refer to the communication aspect of the service, like setting up a dedicated call center or putting credit card information on credit monitoring.”

  • “When you evaluate your services’ providers ask questions like who needs to be involved, do you already have cybersecurity insurance or do you need breach response services?”


It's not too late to join the conference

Latest Releases

About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s most critical priorities. To learn more, visit