Conference Updates

Mumbai, India, February 14, 2023

Gartner Security & Risk Management Summit 2023 India: Day 2 Highlights

We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in Mumbai, India. Below is a collection of the key announcements and insights coming out of the conference. You can read the highlights from Day 1 here.

On Day 2 from the conference, we are exploring the evolving role of the CIO and their relationship with the security & risk management leader, how to work with managed detection and response (MDR) service providers and explaining why organizations need extended detection and response (XDR). Be sure to check this page throughout the day for updates.

Key Announcements

What’s Top of Mind for CIOs and CEOs — Impact for SRM Leaders in 2023 and Beyond

Presented by Deepti Gopal, Director Analyst, Gartner

Security is now tied to all parts of an organization which means closer alignment between CIOs and security and risk management (SRM) leaders. In this session, Deepti Gopal, Director Analyst at Gartner, explored how the CIO role is evolving and what this means for SRM leaders in 2023.

Key Takeaways

  • Eighty-three percent of CIOs find themselves now involved in initiatives that go beyond their traditional role.
  • For 42% of CIOs, cybersecurity threats are keeping them up at night.

  • “SRM leaders must start mirroring what CIOs say they are focusing on. This could include disrupted operations, pace of change, culture, and underfunded mandates.”

  • “Today the SRM leader is the “de facto” person accountable for managing cybersecurity risks.”

  • “Tomorrow, the SRM leader is the person formally responsible for ensuring business leaders have the knowledge and capabilities required to make informed, high-quality information risk decisions.”

  • Gartner surveys show that the role of the CIO is developing into three technology leadership archetypes: the Digital CIO; the Digital Business leader and the Business Technology Officer.

  • “Depending on the type of CIO you’re working with, it’s likely that the weight of your focus will need to shift as well.”

  • “The more the CIO focuses on more than just their IT remit and takes a more business-focused lens, the more the CISO should focus their efforts on building trust with the business and show how security is directly enabling the creation of value for the business.”

It’s not too late to join the conference!

The Future of MDR, Where Next?

Presented by Angel Berrios, Sr Director Analyst, Gartner

The managed detection and response (MDR) market is in an initial stage of maturity, but there is still a high level of flux in the types of providers and the coverage of their solutions. In this session, Angel Berrios, Sr Director Analyst at Gartner, explained what MDR is and shared key recommendations when working with MDR service providers.

Key Takeaways

  • “MDR is a consumable service that brings expertise to your organization and allows you to think less about the why and how, and more about the ‘What should I do next?”

  • “MDR must be able to provide your organization with remote mitigation, not just words, but actions.”

  • By 2025, 50% of organizations will be using MDR services for threat monitoring, detection and response functions that offer threat containment and mitigation capabilities.

  • “MDR is outcome driven, so don’t go to vendors asking for technology, you won’t get the service you need.”

  • “Make the MDR provider understand what’s important to you, not what you think is exciting.”

  • “Seek to understand the limitations and extremities of what your MDR provider will do – you cannot outsource the lot.”

  • “It’s not you or the provider. Think hybrid, work with them, see them as an extension of your team.”

What Is "XDR" and Why Should I Care?

Presented by Franz Hinner, Sr Director Analyst, Gartner

Extended detection and response (XDR) solutions are focused exclusively on threat-facing incident responses and do not solve other use cases such as monitoring of errors, misuse or policy violations, or general security monitoring use. In this session, Franz Hinner, Sr Director Analyst at Gartner, explained what XDR is and what security and risk management leaders should do about it.

Key Takeaways

  • “XDRs unify your security tools into a more integrated approach. They combine security log data with external contextual information in a data analytics engine to provide a common detection, response and remediation capability.”

  • “The goal of XDRs is to improve the operational efficiency of security teams.”

  • “They do this by helping resolve incidents faster and more accurately and providing automation for repetitive tasks.”

  • “XDRs also aim to decrease the number of security alerts that are simply not addressed.”

  • “XDRs work by reducing the time to detect and resolve incidents and require lower maintenance compared to previous approaches.”

  • “However, the XDR market is still in its infancy. XDRs are only designed to solve the incident response and it can take a long time to adopt an XDR approach.”

Thank you for tuning in to this year's Gartner Security & Risk Management Summit in Mumbai!

About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s mission-critical priorities. To learn more, visit

Media Contacts

It's not too late to join the conference

Latest Releases