The Gartner Security & Risk Management Summit 2025 in Mumbai, India, continued to deliver key insights into cybersecurity, risk management, and AI-driven security strategies. The event focused on major trends in cybersecurity, the future of threat intelligence with AI, and best practices for securing AI applications.
Gartner projected a 16% growth in spending on information security in India for 2025, signaling a heightened focus on cybersecurity investment. As businesses face increasing digital threats, resilience has become a priority. Deepti Gopal, Director Analyst at Gartner, emphasized that organizations must embed resilience at all levels to enhance their ability to prevent, respond to, and recover from cyberattacks. She also highlighted the transformative role of generative AI (GenAI) in data security, urging security leaders to prioritize unstructured data security and adopt technologies like Data Security Posture Management (DSPM) for governance. Additionally, she stressed the growing importance of machine identities and called for comprehensive security policies and training to manage them effectively.
Another key topic of discussion was cybersecurity workforce well-being. Gartner predicted that by 2027, organizations investing in cybersecurity-specific resilience programs would experience 50% lower burnout-related attrition among CISOs and their teams.
AI’s role in threat intelligence was another focal point of the summit. Steve Santos, Senior Director Analyst at Gartner, highlighted how AI is transforming cyber threat intelligence (CTI). Given the vast and unmanageable volume of threat data, AI is expected to automate 25% of manual CTI tasks by the end of the year. AI-powered threat intelligence will help security teams assess and prioritize risks more effectively, reducing false positives and improving decision-making. Santos also pointed out that AI will soon play a crucial role in incident response, threat hunting, and proactive security measures. While multimodal AI is not yet fully integrated into security operations, it is expected to reshape the threat landscape in the near future.
The final major discussion of the event focused on securing AI applications. Bart Willemsen, VP Analyst at Gartner, explained that AI introduces new attack surfaces, making it imperative for organizations to develop specialized security measures. He introduced Gartner’s MOST framework, which is designed to improve model operations, enhance security, and ensure responsible AI practices. Investing in AI risk, security, and privacy tools, he argued, may increase operational costs but also drives business growth. Gartner predicts that by 2026, enterprises that invest in AI trust, risk, and security management (TRiSM) will achieve 35% more revenue growth than those that do not. Willemsen emphasized that security leaders must establish clear AI accountability frameworks, allocate dedicated budgets, and implement AI data classification strategies to mitigate risks effectively.
The summit reaffirmed that as cybersecurity threats grow in complexity, organizations must evolve their strategies by integrating AI, reinforcing resilience, and investing in advanced security frameworks. With businesses increasingly relying on AI-driven technologies, proactive security measures will be critical to maintaining trust and operational stability in the years ahead.
