All 2026 Conference Sessions

Gartner Opening Keynote: Top Cybersecurity Trends

Speaker:

• Wam Voster, VP Analyst, Gartner

Key Takeaways

• “Amid regulatory volatility and broad geopolitical, technological and organizational forces, CISOs must rethink how they approach cyber risk management, resilience and resource allocation by strategically assessing each trend across the three core themes to determine whether to embrace, monitor or deprioritize it.”

• Postquantum computing moves into action plans: “As quantum computing renders today’s cryptography unsafe by 2030, CISOs must inventory all crypto assets and establish a center of excellence to accelerate crypto‑agile readiness.”

• Agentic AI demands cybersecurity oversight: “Identify both sanctioned and unsanctioned AI agents, and enforce robust controls for each based on access and agency.”

• Global regulatory volatility drives cyber resilience efforts: “Treat compliance as a strategic advantage, not a checklist to drive cyber resilience.”
• GenAI breaks traditional cybersecurity awareness tactics: “Stop relying on general awareness, and focus on adaptive training that provides visibility into individual employee behaviors.”

Securing the Quantum Frontier: Embracing Postquantum Cryptography Today

Speaker:

Sarah Almond, Director Analyst, Gartner

Key Takeaways

• “Advances in quantum computing will make conventional asymmetric cryptography unsafe to use by 2030.”

• “Security leaders often struggle to convey urgency around postquantum security because quantum threats seem distant, but four years isn’t a long time. Delaying action puts today’s encrypted data at risk of ‘harvest now, decrypt later’ attacks, where attackers steal data today with the intent to decrypt it once quantum capabilities mature.”

• Security leaders need to adopt a preparation mindset focused on five key actions for postquantum (PQ) readiness:

  • Strategy: Build PQ efforts into the roadmap and secure investments for launching a multi-year program.

  • Visibility: Identify where cryptography is used across the enterprise.

  • Agility: Enable easy upgrades to algorithms, keys, and certificates.

  • POC: Begin practical experimentation with new PQ algorithms.

  • CCoE: Bring together the right stakeholders to drive coordinated progress.

• “Take a phased approach to building cryptographic visibility rather than trying to discover everything at once. Don’t wait for a perfect inventory and use available information to prioritise remediation, identify vendor dependencies, and shape a roadmap.”

Outlook for Third-Party Cyber-Risk Management: Challenge the Status Quo to Evolve Your Program

Speaker:

Rahul Balakrishnan, Sr Director Analyst, Gartner

Key Takeaways

• “As regulatory guidance around TPCRM has accelerated globally and in India over the last five years, cybersecurity leaders must use the expanding and prescriptive regulatory mandates to transform TPCRM risk into clear business requirements that drive the investment roadmap.”

• “CISOs should create a strategy that uses indirect monitoring to spot potential risks in a third party’s security posture and direct monitoring to track risks through internally exposed services, ensuring resources are focused on the exposures that matter most.”

• By 2028, half of all TPCRM programs will focus on continuous monitoring, allowing CISOs to repurpose due diligence resourcing to other high-value third-party risk mitigation activities.

• “As developing GenAI applications in-house is costly, many organizations rely on third‑party LLMs or GenAI-enabled SaaS solutions, making it critical for CISOs to have a clear view of the data security controls these third parties have in place to protect the organization’s data held in third-party environments.”

• “Gartner predicts that by 2028, 70% of organizations and vendors will use GenAI to complete and analyze TPCRM questionnaires, rendering the outputs increasingly unusable and disconnected from actual risk indicators. Therefore, it is essential to have human analysts validate the work done by GenAI for critical third parties.”

Preparing Privacy Program for What’s Next

Speaker:

Shadrock Roberts, Director Analyst, Gartner

Key Takeaways

• “With the enactment of the Digital Personal Data Protection (DPDP) Act, India enters a global ecosystem where 75% of the world’s population is protected by modern privacy laws.” 

• “Success in this dynamic landscape demands organizational agility, strategic foresight into emerging trends, and strong cross‑functional coordination.”

• “It isn’t just about ticking boxes or avoiding penalties. Privacy is now a core expectation, and organizations that treat it as a business opportunity rather than a compliance task, will build trust, stand out in the market, and avert costly disruptions.”

• “While privacy can seem complex, focusing on core principles such as purpose limitation, data minimization, security, transparency, and accountability gives organizations a clear and effective starting point for DPDP success.”