Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
12 years at Gartner
30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

Meet Delilah – the first Insider Threat Trojan

by Avivah Litan  |  July 14, 2016

Criminal recruitment of insiders is becoming an industry now with the release of a new Trojan called “Delilah”. Delilah recruits targeted insiders via social engineering and/or extortion, sometimes using ransomware techniques. It remains a closely held Trojan not yet available on the common black market, and is only shared amongst closed hacker groups, according to […]

Read more »

The Missing ‘D’ in the UEBA market

by Avivah Litan  |  June 22, 2016

I just got back from a whirlwind client-packed week at the flagship Gartner Security Summit in the Washington D.C. area. One thing that hit home was discussions with DAM (Database Activity Monitoring) vendors who are implementing a data centric view of UEBA. That is, they are starting with the data that their current products revolve […]

Read more »

Insider threats escalate and thrive in the Dark Web

by Avivah Litan  |  June 21, 2016

Insiders are being actively recruited by criminals operating on the Dark Web, according to Gartner clients. Disgruntled employees working at companies across many sectors, such as financial services, pharma, retail, tech, and government are gladly selling their services to the bad guys in order to inflict harm on their employers.  Seeking harm and revenge on […]

Read more »

Fraud hits U.S. real time payments; SWIFT heists repeated?

by Avivah Litan  |  May 19, 2016

In a little noticed event, U.S. Banks started originating real time ACH payments as part of a widespread U.S. move to real time banking payments that should be largely in place by the end of this year. (For more information, refer to NACHA, The Clearing House, and Federal Reserve Faster Payments websites). But is the […]

Read more »

Credit Card industry challenged as Fraud rises significantly at EMV-capable merchants

by Avivah Litan  |  March 14, 2016

In a little noticed but highly significant event, two small Florida merchants are lead plaintiffs in a potential class action suing the financial services industry for conspiring to get the merchants to eat more fraud. The merchants point out that their fraud rates and charges have risen more than twenty times since the October 2015 […]

Read more »

Stop bullying phone tech companies around and start doing some intelligence homework

by Avivah Litan  |  February 29, 2016

It’s no secret that terrorists almost always have two phones, one personal and one used to communicate with fellow terrorists and attack organizers. The San Bernardino shooters, Syed Rizwan Farook and Tashfeen Malik, apparently were no exception. They took the time to destroy and obliterate two other phones they had in their possession prior to […]

Read more »

Why the Government needs to leave Apple and Google Encryption Alone

by Avivah Litan  |  February 17, 2016

The cat is already out of the bag with all of the advancements in encryption software. Even if Apple or Google were to make it possible for the government to unlock an iPhone or Android phone and read their encrypted communications, there are other encryption applications terrorists and criminals could use on most smartphones that […]

Read more »

Attacks against IoT, Dark Web indexing, and other tales from Ground Zero

by Avivah Litan  |  February 7, 2016

I just returned from a trip to Israel where security innovation and ideas thrive. Here are some of the main takeaways from my trip: a) Attacks against IoT are not theoretical – they are real: We’ve heard so much about how driverless cars can be hacked. Turns out cars that still require human drivers are […]

Read more »

EMV PIN Credit Opponents should learn from Apple Pay

by Avivah Litan  |  October 20, 2015

The longstanding debate between merchants and the credit card companies over using PINs with EMV chip cards should not even be a debate in my opinion. PINs most assuredly provide more security for card use (and 70% less fraud than signature cards) and consumers comfortably use them for ATM and other debit transactions. Many banks […]

Read more »

EMV rolls out with lots of tension between retailers and card issuers

by Avivah Litan  |  September 30, 2015

Tomorrow marks the first day liability on card-present transactions will shift to retailers by default if they don’t accept a chip card that is presented to them at the point of sale. It’s like a cold splash of water – the day has finally arrived. Retailers have many decisions to make about how to cope […]

Read more »