After attending Gartner’s Security and Risk Management Summit this week, I walked away with several clear impressions. Cybersecurity innovation continues at a rapid pace, yet persistent operational challenges such as resource constraints, IT collaboration, and alert fatigue remain top of mind across end users, analysts, and vendors. At the same time, new risks tied to evolving software development practices, widespread AI adoption, and increasingly sophisticated threats are becoming larger topics of conversation.
Here are three key observations from this year’s event:
1. AI is widespread, and execution will be the differentiator.
AI was prominently featured across almost every segment of the market (security operations, vulnerability management, threat exposure, and application security). Last year, AI seemed groundbreaking. Today, it hardly feels like a novel feature. Despite the abundance of AI-focused marketing, only a handful of vendors demonstrated substantial depth in their implementations.
In my opinion, the real differentiator moving forward will be effective execution. Vendors capable of translating AI into practical outcomes, robust automation, and reliable performance will win the market. Those that rely solely on AI buzzwords without concrete capabilities are likely to fade from prominence (re: SOAR).
While optimism around AI remains high, security leaders remain cautious – and rightfully so. The consensus is clear: autonomy is appealing, but proper governance, observability, and controls are required for LLMs and agents, especially for actions impacting critical systems.
2. Vendors sound alike, creating confusion.
While perusing the Vulnerability and Threat Intelligence Village, it was clear that many vendors were leveraging the same terminology to describe their capabilities – Exposure Assessment Platform (EAP), Adversarial Exploit Validation (AEV), Continuous Threat Exposure Management (CTEM), and Automated Security Controls Assessment (ASCA) came up repeatedly. And, yes, I was guilty of this.
To be clear, overlap and competition are good for the industry. They result in a broader set of solutions better suited to the needs of different customer segments. However, in a complex and growing market, having options should be a benefit to buyers – not a burden.
Unfortunately, end users shared that it’s becoming harder to distinguish between vendors in the same category. To provide more clarity, vendors can (and should) articulate practical use cases that move away from industry buzzwords and jargon.
It’s our job as vendors to be clear about what value we deliver, and where our products excel, through focused, customer-driven, and outcomes-specific messaging. Reminder to self!
3. Fundamental security challenges persist.
Despite significant advancements in cybersecurity technology, the core challenges remain largely unchanged. Ransomware is still on the rise, vulnerability volume continues to outpace remediation capacity, and credential compromise remains a frequent entry point. Even foundational tasks like deploying agents, maintaining scan coverage, and meeting patch SLAs continue to strain security teams.
AI is creating new opportunities to improve speed and efficiency on the defensive side, but it’s also supporting the evolution of attacks. As adversaries adopt similar technologies, the threat landscape becomes more dynamic and difficult to manage.
Across multiple analyst sessions, one message came through clearly: focus on optimizing what’s already in place before investing in additional tools. This is about more than just consolidation. With budgets under pressure, teams are being asked to do more with what they already have. It’s about increasing the effectiveness of existing investments and closing the operational gaps that often go unaddressed. Concerns about tool redundancy and shelfware are growing louder. Vendors that can help customers extract more value from their current environments, without adding complexity or cost, will be best positioned in this climate.
Closing Thoughts
Overall, Gartner’s Security and Risk Management Summit underscored a cybersecurity industry that continues to move quickly but remains grounded in familiar operational realities. AI is still a major focus, but differentiation now depends less on the presence of new technologies and more on how effectively they’re applied. Execution and measurable value are what matter.
The companies best positioned for the next phase will align their solutions with the real challenges customers are facing today – prioritizing outcomes over optics.
We’ll see what next year brings.
Cheers,
Alex