Gartner Security & Risk Management Summit 2026 National Harbor: Day 3 Highlights

We are bringing you news and highlights from the Gartner Security & Risk Management Summit, taking place this week in National Harbor, Maryland. Below is a collection of the key announcements and insights coming out of the conference.

On Day 3 from the conference, we explain how to tap into the human element to optimize cybersecurity programs; the hype versus the reality of guardian agents; and how to unite exposure management, threat detection and incident response. Be sure to check this page throughout the day for updates.

• Gartner Identifies Strategic Focus Areas for CISOs to Seize Moments of Opportunity Among AI Chaos
• Gartner Identifies Four Critical Threats Requiring Urgent Improvements from Cybersecurity Leaders

Presented by Elizabeth Davis, Sr. Director Analyst, Gartner

The human element represents the single greatest unexplored opportunity for optimizing an organization’s cybersecurity risk exposure. In this session, Elizabeth Davis, Sr. Director Analyst at Gartner, explored three focus areas to help security leaders put this into practice. 

• “The human element is the greatest, and most neglected, opportunity for reducing enterprise cyber risk for any organization.”
• “Employee pressure is a key trigger for insecure employee behaviors, such as bypassing security controls. When we don’t intentionally design for how people actually work, risk becomes a by-product of performance pressure. The goal is not security awareness, but secure habits.”; “Security leaders should build a more security-conscious corporate culture by executing a security behavior and culture program (SBCP) that serves to foster and embed new, and more secure practices and behaviors.”
• One of the most important things to remember is that your employees and constituents are human, they’re assets and not risks. We must change our mindsets from treating them as risks to investing in them as a more valuable part of the enterprise cybersecurity program.”
• “If we don’t fix the human element first, every AI investment leaks value. Only CISOs carry the triple AI mandate: secure AI, defend against AI-enabled attacks and use AI to do both.”

Journalists can receive additional information and/or request an interview with Elizabeth Davis by contacting Matt LoDolce at Matt.LoDolce@Gartner.com.

Presented by Meghan Hollis, Ph.D. Sr. Principal Analyst, Gartner

Guardian agents are AI-based technologies designed to support trustworthy and secure interactions with AI. In this session, Meghan Hollis, Sr Principal Analyst at Gartner, explained how guardian agents work and how organizations can leverage them to help accelerate AI governance.

• “Guardian agents supervise AI agents and help ensure their actions align with goals and boundaries. They are designed to protect, defend, and manage AI agents, ensuring that they follow cybersecurity rules.”

•  “An AI tool that is supervising other AI agents to enforce boundaries or policies, or to monitor compliance or any of the other supervisory functions along those lines, is a guardian agent. Everything else is an AI cybersecurity agent, assistant or possibly even just a tool.”

• “Monitor the market and use a phased strategic approach for investing in guardian agents for cybersecurity.”

• “Cybersecurity leaders should start with designing guardian agents that act as sentinels, watching for problems and alerting when something happens. Then, slowly phase in agents that take actions, all while maintaining human audit and review processes to prevent things like agentic drift or AI hallucinations.”

Journalists can receive additional information and/or request an interview with Meghan Hollis by contacting Matt LoDolce at Matt.LoDolce@Gartner.com.

Presented by Pete Shoard, VP Analyst, Gartner

Threat detection, investigation and response (TDIR) tools detect threats in our environments. However, additional context around these threats is often needed to validate and prioritize incident response activities. Exposure management helps by adding relevant context to better evaluate exposures. In this session, Pete Shoard, VP Analyst at Gartner, took a deep dive into  exposure management (EM) and how to incorporate it into TDIR functions.

• “Security leaders should establish a solid TDIR and EM technical foundation to successfully capitalize on the fusion of EM and TDIR insights.”

• “To address complex use cases, security leaders must integrate insights and context across TDIR and EM boundaries.”

• “Data is always updating, which is why security leaders should avoid simply combining data in hopes for better insights or better outcomes.”

• “Rather than reinventing the wheel, security leaders' best bet is to leverage well-established capabilities with a proven track record of addressing use cases.”

• “Security leaders should evolve existing EM and TDIR capabilities to collaborate with each other to achieve better insights and outcomes of existing and new use cases.”

Journalists can receive additional information and/or request an interview with Pete Shoard by contacting Matt LoDolce at Matt.LoDolce@Gartner.com.