From Manual to Measurable: SureCloud’s Continuous Control Monitoring at Gartner Security & Risk Management Summit 2025

The Gartner Security & Risk Management Summit 2025 brought together security and risk leaders from across EMEA to explore how organisations can strengthen protection and resilience in today’s complex digital environment. Sessions focused on turning cybersecurity hype into opportunity, encouraging CISOs to reframe discussions around critical exposures and business outcomes rather than compliance alone.

Gartner analysts called for adaptive cybersecurity programs that integrate innovation, agility, and measurable outcomes. Their message aligns closely with SureCloud’s approach to connecting automation, data, and intelligence.

At this year’s summit, SureCloud unveiled the next evolution of its platform: the launch of Continuous Control Monitoring (CCM), the first native CCM capability within an enterprise GRC environment.

CCM transforms how assurance teams operate - automating evidence collection, continuously testing controls, and linking outcomes directly to business risk.

It’s a key step in helping organisations replace manual processes with measurable, data-driven insight that enhances both compliance and resilience.

“Across today’s organisations, GRC leaders are still battling the same challenges - duplicated controls, manual testing, and constant capacity strain,” said Gabriel Few-Wiegratz, Product Marketing Manager at SureCloud. “Our new CCM capability changes that. By combining automation with flexibility, it gives teams time back and turns compliance into a simpler, more efficient journey.”

Ahead of the main summit, SureCloud hosted its exclusive networking event on the Sunborn London, where Chief Product Officer Matthew Davies introduced the From Manual to Measurable concept.

During the summit, SureCloud hosted its exhibitor session, “How Intelligent Automation Can Move GRC Teams from Manual to Measurable”, featuring Matt Davies, Andrew Jutson (easyJet), and Neil Harrison (Specsavers).

The session explored how automation and analytics are redefining assurance programs across industries. Key themes included:

As Gartner’s analysts reinforced throughout the week, automation and intelligence are no longer optional - they’re essential to scaling cyber and compliance capabilities responsibly.

Findings from SureCloud’s Risk Reckoning Report closely align with the key themes from this year’s Gartner summit - resilience, measurement, and automation.

Among the 200+ GRC and security leaders surveyed:

• 50% struggle to manage multiple frameworks across regions and business units.

• 84% cite capacity strain as the main cause of reactive control management.

• 75% now discuss cyber and GRC at the board level.

The research highlights a clear need for measurable, automated assurance - the very challenge that Continuous Control Monitoring (CCM) is designed to solve.

SureCloud is the most intelligent GRC platform on the market, and its Continuous Control Monitoring (CCM) gives organisations a single, connected view of their risk and compliance posture.

With SureCloud, you can:

• Automate control testing and evidence collection for consistent compliance.

• Connect assurance with risk and policy to build a true business context.

• Use AI-driven insights to communicate effectively at the board level.

• Scale effortlessly as regulations and frameworks evolve.

From compliance leaders to CISOs, SureCloud helps organisations modernise assurance functions and build lasting resilience.