A couple weeks back, Gartner Security and Risk Management Summit took place in National Harbor, MD. Cribl was there to showcase our latest innovations and engage in meaningful conversations with security professionals—from security architects to CISOs from a wide range of industries, especially the public sector. While the buzz around AI was predictably loud—especially in the keynotes and breakout sessions—the most interesting insights came from the practical concerns CISOs, architects, and analysts brought to our booth. Here are my top three takeaways from the conference, all centered on the reality that security teams are under increasing pressure to do more with less, and they’re actively looking for smarter ways to manage data, budgets, and outcomes.
1. Telemetry Growth Is Outpacing Security Budgets
Cribl’s core message—that the explosive growth in telemetry data is outpacing security budgets—struck a chord with nearly everyone we talked to. Security teams are drowning in data, yet only a fraction of it makes it to their SIEMs and other analytics tools because of budget constraints. We heard countless stories of teams forced to make tough trade-offs: deciding which data to drop or delay simply to avoid massive overages in their SIEM bills.
This is where Cribl’s value proposition clicked. When security teams have flexibility and control over their security data, it opens up important conversations that included comments like, “Do I need all my security data in a SIEM?” In some cases, we heard people ask, “Would I even need a SIEM?” Given the growth in telemetry, these are really important questions, and we enjoyed talking to attendees about these topics.
2. The Skills Gap Is Getting Wider
Another theme that came up often: the cybersecurity talent shortage isn’t easing up—and security teams are feeling the pain. With leaner teams and growing data volumes, many security leaders are turning to vendors not just for tools, but for operational efficiency. They need solutions that simplify how data is collected, moved, transformed, and stored—especially when dealing with siloed legacy infrastructure or hybrid environments.
3. AI Needs to Show Outcomes
As expected, AI was everywhere—but it wasn’t all positive. A lot of attendees expressed fatigue with vague AI pitches. The message was clear: AI for AI’s sake isn’t selling. In a couple conversations, attendees thanked us for not "AI-washing" the conversation. Security leaders want to know: What specific problem does this solve? How does it make my team faster, more accurate, or more efficient?
We demonstrated practical use cases, like creating telemetry pipelines from natural language. By focusing on the use case and outcome, we created the "aha moments" that attendees are looking for at the conference.
One Bonus Takeaway
The venue—the Gaylord National Resort and Convention Center—made the conference enjoyable. The layout was perfect for a conference, with fun places to connect after sessions both in and around the resort, and easy logistics for getting there. Why am I mentioning this? It’s also the venue for Cribl’s upcoming event, CriblCon25, which takes place October 13-15. This is going to be the telemetry event of the year, and I would love to see you there! You won’t want to miss connecting with incredible people—yes, that means YOU—as we tackle big challenges, share architecture insights, and explore smarter ways to onboard, route, optimize, enrich, and search your data.