Gartner Blog Network

New Research on Dealing with Advanced Threats

by Anton Chuvakin  |  February 24, 2014  |  1 Comment

Yes, there are people [and organizations] out there who need to hear it from Gartner again. And again. And again. And again.


So: “Malware Is Already Inside Your Organization; Deal With It” – heard it this time?

In any case, with this post I wanted to highlight two excellent notes written by my peers at Gartner:

By the way, we are not saying anything even remotely similar to “prevention is dead.” We are only saying that most organizations under-spend and under-emphasize detection (many) and response (most): “Enterprises are overly dependent on blocking and prevention mechanisms that are decreasingly effective against advanced attacks.” Still, one of the notes states that “preventive controls to “harden” endpoints are highly effective and should be revisited by security organizations.”

Over time, it is expected to change since “by 2020, 60% of enterprise information security budgets will be allocated to rapid detection and response approaches — up from less than 10% in 2014.”

Note that these notes are NOT technical and comfortably short; you can read them and then give them to your boss to read. Maybe even to his boss…

While you are at Gartner site, here are some documents I’ve recently written:

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: announcement  malware  security  

Anton Chuvakin
Research VP and Distinguished Analyst
8 years with Gartner
19 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio

Thoughts on New Research on Dealing with Advanced Threats

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.