Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
12 years at Gartner
30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

Our Country has Been Hijacked and Equifax is only the latest casualty

by Avivah Litan  |  September 10, 2017

By now everyone concerned about cybersecurity has heard of the Equifax hack and potential compromise of over 140 million identity records containing Americans’ most sensitive PII (Personally Identifiable Information).  New reports indicate that British and Canadian citizens’ data were also compromised, which makes sense given that Equifax houses their data too. Of course, lots of […]

Read more »

Can we Trust “Black Box” Machine Learning when it comes to Security or is there a Better Way?

by Avivah Litan  |  July 27, 2017

Machine learning is relatively new to security. It first went mainstream a few years ago in a few security domains such as UEBA, network traffic analytics and endpoint protection. Several vendors earned strong brand recognition by pioneering ML in those spaces. (For examples, see Forecast Snapshot: User and Entity Behavior Analytics, Worldwide, 2017 ; Magic Quadrant for […]

Read more »

Is there an ‘Alt SIEM’ Market?

by Avivah Litan  |  July 14, 2017

Not every solution fits into a neat market box. In the past year or so, I – and I am sure others — have struggled to characterize some vendors who detect security threats, including external hacks and insider threats using advanced security analytics. They don’t fit neatly into any of the defined market categories that […]

Read more »

Wannacry and Petya point to Dangerous Disconnects between IT Operations and Security

by Avivah Litan  |  June 28, 2017

The recent successful ransomware attacks – WannaCry in May and Petya this week – point to the large disconnect between IT operations, responsible for endpoint management (including patching), and Security groups, responsible for preventing malicious attacks against the organization. For years, security researchers at Gartner and elsewhere have been pointing out that well over 90% […]

Read more »

Cylance SWOT published! How important is Machine Learning to Endpoint Security?

by Avivah Litan  |  June 5, 2017

We just published a SWOT on Cylance, (see SWOT: Cylance, Endpoint Protection Platforms, Worldwide ) a firm best known for bringing machine learning to endpoint security by developing self-contained supervised models that analyze and block file-based malware before it executes. Cylance’s innovation earned the company stellar growth and market mind-share as discussed in our SWOT. See Figure […]

Read more »

 Fraud Detection market’s Continous Consolidation Cycle; MasterCard acquires NuData

by Avivah Litan  |  April 3, 2017

The late-March announcement that MasterCard is acquiring NuData Security leaves more room for fraud detection upstarts to gain market share in the online fraud detection market. NuData is certainly one of the most innovative privately owned vendors in this space, and emerged as a strong competitor following years of large company acquisitions of similarly privately […]

Read more »

MasterCard acquires NuData Security on the heels of Amex and Visa security technology acquisitions

by Avivah Litan  |  March 29, 2017

MasterCard joins the other two dominant card brands in announcing an acquisition of a fraud mitigation technology company. MasterCard announced today their acquisition of Nudata Security, an ecommerce and online banking fraud detection named by Gartner as a “Cool Vendor” in 2015. See MasterCard acquires NuData Security. This announcement follows Amex’s and Visa’s December 2016 announcements […]

Read more »

How to make Russian Hacker Attribution useful to Active Defense

by Avivah Litan  |  March 28, 2017

The recent DOJ indictment of four Russian criminals who broke into Yahoo!’s customer data and stole over a half billion sensitive records was significant for many reasons ( see U.S. Charges Russian FSB Officers and Criminal Conspirators ). The point that stood out to me the MOST was that the arrests proved the same hackers engaged […]

Read more »

Morphing EDR Market grows to $1.5 billion in 2020

by Avivah Litan  |  March 15, 2017

We just completed our Forecast for the EDR market (see Forecast Snapshot: Endpoint Detection and Response, Worldwide, 2017) and are forecasting a 45.3% CAGR from 2015 through 2020, dwarfing the overall information security market growth rate of 7% CAGR in that same time period.   The main growth driver: protection has failed too many times […]

Read more »

UEBA and DLP markets Discover Time-Tested “Risk Based” Authentication

by Avivah Litan  |  March 13, 2017

Security vendors and their customers are starting to adopt continuous time tested risk assessment techniques that raise the bar for malicious actors. Of late, some security vendors and enterprise users have been integrating their detection systems with user authentication. When a suspect event is detected, the system automatically reaches out to the user to verify […]

Read more »