London, U.K., September 26, 2023

Gartner Security & Risk Management Summit 2023 London: Day 1 Highlights

We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in London. Below is a collection of the key announcements and insights coming out of the conference.

On Day 1 of the conference, we are highlighting the Gartner opening keynote presentation on debunking the myths that obscure cybersecurity’s full value, exploring how chief information security officers (CISOs) need to prepare for digital society in terms of privacy and corporate ethics, and sharing the impact of CIO and CEO priorities for security leaders. Be sure to check this page throughout the day for updates.

Key Announcements

Gartner Opening Keynote: Debunking the Myths that Obscure Cybersecurity's Full Value

Presented by Jie Zhang and Christopher Mixter, VP Analysts, Gartner

Cybersecurity can generate massive value for the enterprise, but only if cybersecurity professionals have the courage to challenge misconceptions and move beyond obsolete principles and practices. In the Opening Keynote, Jie Zhang and Christopher Mixter, VP Analysts at Gartner, discussed the decisions and practical steps cybersecurity leaders must take to deliver the success they deserve.

Key Takeaways

  • “To get the maximum impact, cybersecurity needs to take on a minimum effective mindset across business engagement, technology, and talent. Minimum effective is a deliberate, ROI-driven approach to leading cybersecurity into the future.”

  • “A minimum effective mindset refers to the input, not the outcome.”

  • “We in cybersecurity put maximum effort into everything we do, and that is sometimes killing us. Seventy-three percent of CISOs experienced burnout in the past 12 months, and if the boss is experiencing it, you know the department is feeling it.”

  • Myth #1: More data equals better protection. “Instead of just more data, savvy cybersecurity shops pursue the least amount of information needed to help draw a straight line between the enterprise’s funding of cybersecurity and the amount of vulnerability that funding addresses.”

  • Myth #2: More technology equals better protection. “This is based on another pervasive myth: the idea that just around the corner, some technology is coming to save us. This mindset causes us to buy and acquire solutions before we are quite sure how or whether there will truly be additive value.”  

  • Myth #3: More cybersecurity pros equals better protection. “There is simply no way to scale our services to match the pace of the enterprise just by hiring more cybersecurity pros.”

  • Myth #4: More controls equals better protection. “Employees report a huge amount of friction involved with secure behavior. Controls that are circumvented are worse than no controls at all.”

More information is available in the Gartner press release, “Gartner Identifies Four Myths Obscuring Cybersecurity’s Full Value.”

Privacy and Ethics: Prepare for Digital Society

Presented by Bart Willemsen, VP Analyst, Gartner

Society is digitalizing at unprecedented speed, and the nature of our interactions has changed fundamentally. What does this mean for privacy and corporate ethics? In this session, Bart Willemsen, VP Analyst at Gartner, explained why privacy is contextual, how overzealous data harvesting may harm an organization's performance, why sometimes less is more, and areas to challenge colleagues to make life generally easier.

Key Takeaways

  • “Stop mistaking security for privacy. Privacy allows purpose, leading us to assess what we need, every time and provides data usage lifecycle insight. Whereas, security just keeps what you have safe and doesn’t determine how personal data can be used.”

  • “Purpose dictates what data should be processed, helped by context, and adds what can be expected and what can’t.”

  • “Expectations are what individuals have of their own, aided by how we guide them along the way - a privacy user experience. Expectations shouldn’t be what they have come to expect after a bad experience.”

  • “Take accountability for what you do with your customers’ data and take only what you need, anonymize where possible. If you can’t protect, don’t collect.”

  • “In emerging digital environments, taking responsibility over the use of digital technologies, even if legally not required, builds and improves trust.”

  • “Be empathetic by putting yourself in your customers’ shoes. Develop a sense of right and wrong that goes past just being afraid of punishment or hoping to generate a product sale whether legally or in terms of customer loyalty.”

  • “Display competence by building the capacity and expertise to be able to quickly and adequately address problems. Don't simply acknowledge the need to care and accept the responsibility; you also need to be able to follow through.”

  • “Promote trust. It is great to take responsibility, but if your stakeholders do not trust you to do so, your offer will not be accepted.”

A Security View of the 2023 CIO and CEO Agenda

Presented by Michael Kranawetter, Senior Director Analyst, Gartner

Every year, Gartner collects data from thousands of CIOs and CEOs on what matters most to them. In this session, Michael Kranawetter, Senior Director Analyst at Gartner, shared what is most important to CIOs and CEOs and the implications for security and risk leaders.

Key Takeaways

  • “Boards are willing to increase risks but want results. CEOs want ‘digital dividends’ and tangible growth from digital investments, while CIOs need to deliver outcomes by prioritizing the right digital initiatives.”

  • “Digitization has accelerated enterprise demand for information security expertise, requiring CISOs to adopt a more rigorous approach to prioritizing security resources for their enterprise’s most urgent needs.”

  • “With a seemingly unending list of projects, CISOs must ensure their teams are working on those that offer the greatest business impact.”

  • “Technology deployments will continue to outpace your ability to secure them.”

  • “Risk reduction efforts are perceived as providing value, but senior leaders are doubling down on digital investments and want measurable results.”

  • “Security decisions cannot be made in isolation by the security team.”

  • “Security and risk management leaders must decentralize accountability and expand their focus to improving cyber judgment across the enterprise to help decision makers make informed risk decisions without their direct involvement.”

About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight that drives smarter decisions and stronger performance on an organization’s mission-critical priorities. To learn more, visit gartner.com.
