Gartner Blog Network

Jay Heiser
Research VP
6 years at Gartner
24 years IT industry

Jay Heiser is a research vice president specializing in the areas of IT risk management and compliance, security policy and organization, forensics, and investigation. Current research areas include cloud and SaaS computing risk and control, technologies and processes for the secure sharing of data… Read Full Bio

The Great Firewall of Brussels

by Jay Heiser  |  October 6, 2015

Visiting Beijing last week, I found a surprisingly modern and comfortable city, but I was frustrated that I couldn’t Facebook my experiences in real time, because the government blocks access to it. In a dramatic move on the other side of the globe, the Europe’s highest court has just set the stage for what in the […]

Read more »

Are your kids ready for the SaaS puppy?

by Jay Heiser  |  June 4, 2015

Letting the line of business get a SaaS application is like giving your kids a puppy for Christmas. Hopefully, the new pet will provide a maturing experience, in which your youngsters learn how to care for and manage something that requires constant and specific attention.  But all too often, the kids fail to clean up after the new dog, […]

Read more »

“The Interview” wasn’t so bad

by Jay Heiser  |  January 9, 2015

I put my money where my mouth was, and took my wife on a date last week. I’m sure that we were not the only people who saw The Interview out of a sense of duty.  We expected it to be a tedious and silly movie, but we also felt that paying to watch it, in a regular movie theater, […]

Read more »

Sony Sued For Losing Unprotectable Data

by Jay Heiser  |  December 18, 2014

The CISO asked to protect names and SSNs has been handed a sysyphean task that can never be successful.

Read more »

Sympathy for the Sony

by Jay Heiser  |  December 12, 2014

Getting attacked by the North Koreans for making a movie that spoofs their sad little country and its tinpot dictator makes Sony the most sympathetic attack victim of the millennium.

Read more »

All Your Phone Books Are Belong To Us

by Jay Heiser  |  October 6, 2014

We do not need to protect more data; we need to protect less.

Read more »

Doctor, it hurts when I do this

by Jay Heiser  |  August 4, 2014

C: we are concerned about putting our email into the cloud. J: why? C: Somebody might look at it.  J: Somebody can already look at it, even when you do host your email server in house.  SMTP is a data leakage protocol, that isn’t designed to secure your data, but is intended to disseminate it […]

Read more »

Cloud sabotaged, all your data is permanently lost

by Jay Heiser  |  June 19, 2014

Code Spaces, a vendor that claimed to provide secure Source Code hosting and project management support, has just been forced to admit to their customers that they’ve been sabotaged by a cyber extortionist, and they probably cannot fully recover.   They put all their hopes, and all their customers’ data, into a single cloud, and it burst.  […]

Read more »

All your password are belong to us, or my heart bleeds

by Jay Heiser  |  April 11, 2014

Change all your passwords. Now. And then do it again in a week. Of course, there’s no evidence that any passwords have been exploited, but isn’t the lack of substantive evidence a suspicious fact in and of itself? It can be if you want it to be. My favorite presentation at the RSA Conference was […]

Read more »

Unknown unknowns in the Cloud

by Jay Heiser  |  April 8, 2014

Its too bad that Dick Cheney’s awkward little epistemological speech has been so thoroughly politicized, turning an important risk management principle into an opportunity for derision.  Intelligence analysts, and IT analysts, need to be acutely aware of the limits of their knowledge, especially when making decisions about the how to take advantage of public cloud services. […]

Read more »