Gartner Blog Network

French Caldwell
VP and Gartner Fellow
15 years at Gartner
19 years IT industry

French Caldwell is a vice president and Gartner Fellow in Gartner Research, where he leads governance, risk and compliance research. Mr. Caldwell also writes and presents on knowledge management. His research includes analysis of the impact…

WhiteHouse Announces PTO Will #Crowdsource Patent Review in Anti-Troll Initiative

by French Caldwell  |  February 21, 2014

As part of its anti-patent troll initiative, the White House announced a new crowdsourcing initiative at PTO.  Should be interesting.  Is government by the people taking on new expanded meaning and moving beyond representative democracy? The idea of crowdsourcing patent review was tested on a few hundred patents already.  PTO used Stack Exchange to test […]


Happy #GIGD, the Problem with Twitter, and Where’s the Love for Info Gov?

by French Caldwell  |  February 20, 2014

Global Information Governance Day — who knew.  Not I, and I must apologize to those who take such industry observance days seriously — which I don’t — but I forgot to bring flowers or a bottle of wine or something.  What’s really appropriate for #GIGD anyway? Not that information governance is not a serious subject, […]


WSJ: Target Warned of Vulnerabilities Before Data Breach

by French Caldwell  |  February 15, 2014

I wouldn’t read too much into the headline of this WSJ article.  Security intel people warn of problems all the time – it’s their job.  A real bit of news is in the last paragraph of the article: Several members of Target’s cybersecurity team left the company in the months before the hack, according to […]


A Revolution in GRC Affairs at Gartner (or burning the EGRC mq)

by French Caldwell  |  February 4, 2014

Gartner’s coverage of vendors in the GRC marketplace is about to change.  The main reason for the change, as noted in the most recent Enterprise Governance, Risk and Compliance Platforms Magic Quadrant, is that GRC solutions buyers are shifting away from a platform-centric approach to one focused on targeted solutions for specific use cases. A […]


To Improve Cloud Security, by 2020, Enterprises Will Fire Senior Managers

by French Caldwell  |  January 17, 2014

I came across a survey report last week from security and investigations service firm Stroz Friedberg that highlights the fundamental tenet of effective compliance and risk management – tone at the top. The survey of 764 information workers shows that senior managers are the worst offenders when it comes to using personal cloud services to manage […]


Praise or Punishment? You Decide — Take the poll

by French Caldwell  |  January 16, 2014

The comments from readers on this story about two Yale students who built an online course comparison service are as interesting as the story itself.  (Click here for poll.)  Aggregating data has created a boon for internet information services, and these Yale students were aggregating information to help their fellow students make hard decisions. After […]


New FFIEC Guidance on Social Media Risk Management Effective Immediately

by French Caldwell  |  December 13, 2013

The final guidance from the FFIEC on social media risk management for financial institutions has been promulgated.  It is effective immediately.  As I mentioned earlier this year, regulatory guidance of this sort is not optional. I did a study recently on the public comments for my doctor in law and policy program at Northeastern University– […]


A Worst Probable Case Scenario for U.S. Government Shutdown Planning

by French Caldwell  |  October 4, 2013

If you follow the shutdown news, you’ll no doubt hear some talking heads saying the shutdown will last a few more days, and some cleverer pundits starting to link the timing for the shutdown to the debt limit deadline of 17 October. Business, government and IT executives need a scenario on which to base longer […]


Leaving the Screen Door Open for the G-Man

by French Caldwell  |  July 17, 2013

Colleagues today were discussing again the Snowden revelations about service providers giving governments access to digital business and social media data.  One colleague suggested that we should not use the term back door in this context since by the traditional IT security definition this would imply that government agencies had direct access to the operational […]


Where Are the Vendors? Please Don’t Play Hide and Seek With the Analysts

by French Caldwell  |  May 23, 2013

As John Wheeler and I work on the updated Enterprise GRC Platform magic quadrant, I wonder what has happened to many of the vendors that used to brief us.  Actually, I know where they are, and now and then I’ll see them at a trade show, or shoot them an e-mail asking for an update.  […]
