Download your copy of our State of Authorization: Playbook Edition Get it now »

Gartner IAM Summit London 2024 recap

Read our Q&A recap from the 2024 Gartner IAM Summit in London with CPO, Mark Cassetta and VP Marketing & Communications, Kelly O'Dwyer-Manuel.

Our team had a great time at the Gartner Identity and Access Management (IAM) summit in London, UK discussing the latest innovations and trends in the identity industry.

We spoke with our Chief Product Officer, Mark Cassetta, and VP Marketing & Communications, Kelly O’Dwyer-Manuel, about their time at the conference and to share some of their own highlights from the event.

What was your biggest takeaway from the event?

Mark: For the last twelve months, we have been seeing signs of a convergence between traditional cybersecurity teams and IAM. The opening keynote of this show “Treat Cybersecurity as Business Investment” only reinforced that this is happening in real-time. While this may not be a big surprise, I am excited about the outcomes this may start to deliver for enterprises. IAM is only as good as the context and risk signals that security can deliver – if the closer these teams feel aligned to one vision, the more of a reality it is that organizations can deliver on their protection goals.

Kelly: For me there were two takeaways from this event. The first was that IAM teams are stretched too thin and are underfunded. In fact, according to a recent survey conducted by the Gartner team, more than 60 percent of organizations felt they weren’t adequately staffed to implement an identity-first strategy. That’s a massive problem, as identity-centric threats continue to multiply and evolve.

The second takeaway was that the way identity teams are going to be able to keep pace demands from the business (and threats from bad actors) is by leveraging AI, both more established technologies like machine learning as well as generative AI. It’s not going to be a silver bullet solution – nothing is – but when thoughtfully infused into existing architecture and guided by humans, it can provide much-needed automation for some of the day-to-day activities that can bog down IAM teams and prevent them from evolving. It’s still early days, so it’ll be interesting to see how this topic evolves at the Gartner IAM Summit in Grapevine, TX in December.

Dave, Rakesh, and Mark at the Axiomatics booth at Gartner IAM London, 2024

What was the biggest surprise or hidden gem?

Mark: I think the biggest surprise for me was I didn’t have one conversation at this show where someone says “I use role-based access control (RBAC), why do I need attribute-based access control (ABAC)?”. While this may not be representative of the entire market, I feel IAM is really starting to better understand how a complete authorization strategy includes multiple access control models (RBAC, ABAC, relationship-based access control [ReBAC], etc.) all working together.

Kelly: I completely agree with Mark. When I think back to where we were with engaging people at these types of events two years ago, discussions were more in the education phase, talking about what this is. Now we’re having more focused conversations that center on the value our solution provides. It’s terrific growth in a relatively short period of time.

Outside of that, I’m not sure there were any true surprises, but it was great to see some new vendors in the exhibit hall this year, which validates how critical identity is for enterprises and the opportunities in this market.

How has this event evolved since last year? What does that say about the authorization market?

Mark: The event overall was clearly bigger, only reinforcing the wider momentum IAM is gaining. Specific to authorization, many of the discussions that we had were about either existing authorization projects that were planned for the next 12-24 months or people were looking for help to position a project for authorization. None of the conversations centered around, why do I need authorization? This is a big change.

Kelly: To my mind, these two questions are quite intertwined. When it comes to policy-driven authorization, it’s clear – there’s a better understanding of how policy-driven authorization fits into broader identity initiatives. There was a fantastic session led by Gartner analyst Espen Bago that walked through the authorization market as a whole, but it was great to see authorization pop up in other sessions as well. This says that there’s a better understanding of what policy-driven authorization is and now the conversation has evolved to address where it can help drive value for identity leaders.

What was one of your favorite sessions or moments?

Mark: I have to say that Mary Ruddy did an excellent job delivering her session about how ML and AI are changing the game for IAM. Her perspective and recommendations were pragmatic and exciting about how innovation in AI can really help solve some challenges that have plagued the industry for more than two decades.

Kelly: There were a ton of terrific analyst sessions this year. Mary’s was excellent and Homan Farahmand had another session on AI that also offered a lot of practical guidance. Michael Kelley walked through some feedback Gartner saw in a recent survey of IAM professionals that was fascinating, and the last session, an outlook of the market overall, was terrific. It’s hard to pick just one session – I picked up interesting insight from every session I attended.

And it was terrific to see such interest in Mark’s presentation! There’s a healthy appetite to use generative AI to see greater time to value (or time to entry) from policy-driven authorization. That was abundantly clear and I think what resonated best was Mark’s ability to walk through what we can realistically expect to see this year and what we might see ahead in the next year or two.

Mark Cassetta presenting at Gartner IAM London, 2024

What are you looking forward to at Gartner IAM in North America later this year?

Mark: By the time we get to Dallas, it will have been almost a year and half since the last Gartner IAM conference in North America and I think it will be great to see how conversations evolve and if the trends that we are seeing in Europe are further ahead or behind what’s happening on the other side of the pond.

Kelly: It’s always interesting, as Mark’s said, to understand the differences in approaches, trends and maturity between geographical markets. I look forward to seeing how conversations related to generative AI evolve between now and then. While there are only a few months between now and December, things are evolving so quickly, I’ll be curious to see where we are at the end of the year, both in terms of innovation on the vendor side as well as uptake on the enterprise side.

Thank you to those who visited us!

It was a pleasure getting to meet new and familiar faces at our booth and at Mark’s session on five ways generative AI makes policy-driven authorization easier. We talked about policy-driven authorization and how it can leverage attributes to define detailed access policies across an organization, had some good fish & chips, and much more.

Didn’t get the chance to talk with us at Gartner IAM in London? Request a demo and join the movement towards modernized, scalable authorization and access control with policy-driven authorization.

Want to read more about what we talked about at the summit? Here are three great resources for you to look into:

Have 30 minutes? Let's show you a demo!

See how our award-winning solution can help you meet today's access control and Zero Trust needs.

Request a demo

  Join us on LinkedIn for more insights
Archived under:
About the author

As the Marketing Communications Specialist, Emme Reichert helps execute content that resonates with customers, partners, and influencers. She has experience with marketing in the healthcare and tourism industries.