The ‘More is Less’ Imperative: Takeaways from the Gartner Security and Risk Management Summit
Back to top
July 1, 2025
The ‘More is Less’ Imperative: Takeaways from the Gartner Security and Risk Management Summit
At the Gartner Security and Risk Management Summit in early June, speakers and participants consistently emphasized a core theme: security leaders must do more with less. As a former senior leader in the Air Force, I take this challenge personally.
Leaders across every sector – whether in government, finance, healthcare, manufacturing, or tech – are contending with the same struggle: modernizing network security and increasing efficiencies despite shrinking budgets and reduced personnel.
The expectation to optimize resources makes every decision a risk decision.
This pervasive challenge is compelling IT and SOC professionals to urgently reevaluate their networks security tools. For instance:
- Healthcare CISOs must determine how to better secure sensitive patient data while containing costs.
- Financial leaders are juggling complex compliance requirements while aiming to reduce spend.
- Manufacturing executives are negotiating increasingly complex operational technology systems despite flat or shrinking budgets.
Government Sector Challenges and Solutions
For me, the government sector conversations were particularly insightful. Federal leaders discussed how recent personnel reductions have reshaped their priorities and amplified the urgency attached to their initiatives. Agencies are now prioritizing security purchasing decisions for solutions that improve operational efficiency. Given recent personnel cuts, agencies are actively seeking tools that can offset insufficient human resources and that offer robust fiscal benefits.
At the same time, government agencies are reporting a surge in both the volume and sophistication of cyberattacks. As adversaries escalate their efforts, security teams face increasing workloads.
The two parallel pressures – achieving more with fewer resources and a growing number of intense cyber threats – essentially create a mandate for government sector cybersecurity professionals: They need to implement security solutions that deliver maximum value per dollar invested and operate at machine speed.
AI as a Force Multiplier for Resource-Constrained Teams
At the Summit, analysts and leaders consistently pointed to AI as a pivotal tool for achieving more with less. Three specific areas of strategic AI application frequently surfaced in conversations.
- Automation. AI-driven automation significantly accelerates threat detection, incident triage, and dynamic response workflows. In turn, human capital becomes available for higher-level initiatives.
- Efficiency. AI optimizes resource utilization by significantly reducing manual effort and enabling large-scale data processing. This means that teams can gain deeper insights and cover more ground with existing resources.
- Consolidation. Discussions also focused on how AI can drive tool consolidation, through which security professionals can more quickly gain insights and make confident threat response decisions, all while reducing complexity and cost.
The recognition of AI as a force multiplier is fundamentally reshaping the security market. As organizations increasingly come to see that network security demands a multi-faceted approach, they are actively seeking tools that can address multiple security priorities and objectives concurrently.
Operationalizing Summit Priorities with Network Detection and Response
Network detection and response (NDR) platforms are emerging as a prime example of such a tool. Modern NDR solutions powerfully address the three key AI applications – automation, efficiency, and consolidation – that were top of mind for leaders at the Gartner Security & Risk Management Summit. More broadly, for organizations that are striving to achieve more with less, advanced NDR solutions can optimize for efficiencies and deliver tangible value. These quantifiable gains include accelerated time-to-threat-resolution, reduced management overhead (single platform vs. multiple tools), and cost optimization through license consolidation and a reduction in infrastructure requirements.
The Path Forward: Scaling Security, Not Costs
Ultimately, the path to achieving expanded security coverage with fewer resources – or scaling sophisticated security without scaling costs, as highlighted by leaders at the Gartner Security & Risk Management Summit – hinges on embracing solutions that deliver efficiency, automation, and consolidation. Organizations, from federal agencies to private enterprises, are increasingly looking for strategic cybersecurity tools that align with these objectives. If this sounds like your organization, learn more here.
Discover more
Senior Strategic Advisor - Public Sector
Sarah Cleveland comes to ExtraHop with over 26 years in the Air Force as a career Cyber Officer. Retiring as a Colonel, Sarah has led at the Squadron, Group Commands, and Joint Directorate levels (J6, G6, & A6). She has been responsible for providing cyber operations in garrison as well as deployed (disadvantaged/disconnected environments). Her operational experience includes combat operations in Iraq, Afghanistan, other areas in the Middle East as well as training Colombian and Polish Special Operations Forces in communications tactics, techniques, and procedures. As her final position in the Air Force, Sarah was responsible for the global NC3 (nuclear) sensor network (operations, maintenance, and sustainment) in support of global nuclear monitoring and other organizations. She oversaw emergency action plans for NC3 Continuity of Operations (COOP) as well as facility management and personnel actions for all Air Force Technical Applications Center sites globally.
Sarah joined ExtraHop as the Department of Defense Account Manager. Her Territory is DoD (Services, COCOMs and Agencies). Sarah currently resides in the Tampa/St. Petersburg area.
Share
