The RiskTech Journal

The RiskTech Journal is your premier source for insights on cutting-edge risk management technologies. We deliver expert analysis, industry trends, and practical solutions to help professionals stay ahead in an ever-changing risk landscape. Join us to explore the innovations shaping the future of risk management.

Cyber Regret at the Gartner Security & Risk Management Summit: From Risk Dysfunction to Risk Agency
Gartner, Artificial Intelligence, Cybersecurity, GRC, Integrated Risk Thinking Samantha "Sam" Jones Gartner, Artificial Intelligence, Cybersecurity, GRC, Integrated Risk Thinking Samantha "Sam" Jones

Cyber Regret at the Gartner Security & Risk Management Summit: From Risk Dysfunction to Risk Agency

The Gartner Security and Risk Management Summit is running this week at National Harbor in Washington, DC, and the theme is "Smarter, Faster, Stronger... Together." Almost every session points in one direction, which is speed. The opening keynote called the next eighteen months a compressed decision cycle where the cost of waiting keeps rising. The Day 1 sessions covered how to secure AI agents before they act on their own, how to scale AI in cybersecurity while proving a return, and where security skills and tools will be by 2030. The message to the CISOs in the room is simple. Move faster, especially on AI.

One session says the opposite, and it is the one to watch. Gartner has a name for it now, cyber regret. The research describes a reckoning building in boardrooms over the cybersecurity money spent in recent years.

Read More
GRC Without Visionaries: What the 2025 Gartner® Magic Quadrant™ Reveals About the Future of Risk
Gartner, Magic Quadrant, GRC John A. Wheeler Gartner, Magic Quadrant, GRC John A. Wheeler

GRC Without Visionaries: What the 2025 Gartner® Magic Quadrant™ Reveals About the Future of Risk

The release of the “2025 Gartner® Magic Quadrant™ for Governance, Risk and Compliance (GRC) Tools, Assurance Leaders” marks an important turning point in the evolution of enterprise risk technology. For the first time in nearly two decades of coverage, Gartner has explicitly defined the GRC category around assurance leaders rather than enterprise risk or governance audiences.

Equally significant is the visual structure of the 2025 quadrant, which contains an entirely empty Visionaries section. While some may interpret this as a sign of stagnation, it more accurately reflects a market that has entered its integration phase. The GRC segment has reached functional maturity and operational stability, creating the foundation upon which the next generation of Integrated Risk Management (IRM) and Autonomous IRM capabilities will develop.

Here, we analyze the implications of the 2025 Magic Quadrant through the lens of the IRM Navigator™ Model and the recent IRM Navigator™ Vendor Compass for Governance, Risk and Compliance (GRC) - 2025 Edition. Our research concludes that the absence of Visionaries does not indicate a failure of innovation, but rather the outcome of successful specialization. GRC has become the operational core of enterprise assurance, while IRM now defines the broader architecture of enterprise confidence and decision intelligence.

Read More