PAGO was on site at the Gartner Security & Risk Management Summit 2025, connecting with global cybersecurity leaders and analysts to explore the future of security operations. From CTEM and ASCA frameworks to human-centric risk management, our team closely followed top sessions and dissected the technologies shaping tomorrow’s defenses. This exclusive report compiles the most relevant insights to help security teams anticipate threats, strengthen visibility, and apply proactive response strategies that align with business priorities.
CTEM & Continuous Exposure Management
Organizations are moving away from one-off assessments toward Continuous Threat Exposure Management (CTEM). Gartner emphasized that CTEM is not just a toolset but a discipline to continuously identify, validate, and remediate the exposures that matter most to business risk. Security leaders were urged to align CTEM with operational realities to reduce threat windows.
Human-Centric Risk Management
Security strategies are shifting from tech-heavy approaches to models that focus on human behavior, context, and decision-making.
Gartner introduced the concept of ASCA (Adaptive Security Control Architecture), encouraging security teams to understand user intent and business function before applying controls. It’s about reducing friction without compromising protection.
The Rise of Preemptive Response Models
Beyond detection and response, the summit highlighted a growing need for preemptive models that act before damage occurs. Proactive threat hunting, AI-enhanced context, and MDR services that isolate or block threats in real time were framed as key differentiators. Security vendors and leaders alike are rethinking what “response” should really mean.
