Gartner Security & Risk Management Summit 2025 London: Day 3 Highlights

We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in London. Below is a collection of the key announcements and insights coming out of the conference. You can also read the highlights from Day 1 and Day 2.

On Day 3 of the conference, we are addressing potential high-impact AI attacks, explaining how CISOs can optimize their AI initiatives, and sharing the key components of a comprehensive email security architecture. Be sure to check this page throughout the day for updates.

Presented by Manuel Acosta, Sr Director Analyst, Gartner

Chief information security officers (CISOs) rank AI-augmented attacks as a top concern. In this session, Manuel Acosta, Sr Director Analyst at Gartner, shared advice on how CISOs can anticipate potential high-impact AI attacks.

• “62% of organizations experienced at least one minor incident involving audio or video deepfake.”

• “Focus today on deepfakes and social engineering as urgent problems to solve.”

• “Anticipate potential evolutions by planning for relevant scenarios.”

• “Extend scenarios from current threat intelligence and GenAI into the most likely threat vectors.”

• “Build resilience to AI-augmented threats by strengthening business workflows, fostering a strong security culture, reevaluating biometric controls and updating IT processes.”

Journalists can receive additional information and/or request an interview with the Gartner expert by contacting Laurence Goasduff at laurence.goasduff@gartner.com.

Presented by Jeremy D’Hoinne, Distinguished VP Analyst, Gartner

Chief information security officers (CISOs) know AI will require more work to secure, however, there's more uncertainty about how it can help. In this session, Jeremy D’Hoinne, Distinguished VP Analyst at Gartner, explained how CISOs can optimize their AI initiatives to align with future business uses.

• “Do not use AI as an excuse and hope for a magical AI solution to solve all cybersecurity issues.”

• “Cybersecurity objectives must lead AI adoption, not the other way around.”

• “AI requires increased cybersecurity investments, not less.”

• “CISOs must become Agile AI Tinkerers.”

• “Ensure cybersecurity objectives drive the use cases.”

Journalists can receive additional information and/or request an interview with the Gartner expert by contacting Laurence Goasduff at laurence.goasduff@gartner.com.

Presented by Nikul Patel, Director Analyst, Gartner

The scale and sophistication of phishing have reached levels that cannot be dealt with by a single product. In this session, Nikul Patel, Director Analyst at Gartner, shared essential components of a comprehensive email security architecture.

• “In 2025, phishing remains one of the top observed attack vectors.”

• “Domain authentication and domain name system (DNS) hygiene acts as the first layer of defense against phishing.”

• “Think beyond email security. Recognize workspace security as the technology infrastructure required to protect the modern hybrid workforce and a strategy approach from vendors.”

• “To block widespread and most targeted phishing attacks, enhance your secure email gateway (SEG) or supplement it with specialized AI based email filtering solutions.”

• “Augmenting key internal business processes can reduce phishing impact.”

Journalists can receive additional information and/or request an interview with the Gartner expert by contacting Laurence Goasduff at laurence.goasduff@gartner.com.