Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
19 years at Gartner
34 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Ms. Litan's areas of expertise include endpoint security, security analytics for cybersecurity and fraud, user and entity behavioral analytics, and insider threat detection. Read Full Bio

Widespread APTs targeting Energy and Critical Infrastructure

by Avivah Litan  |  November 2, 2017

On October 20, U.S. Cert issued Alert TA17-293A ( see Alert (TA17-293A) Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors ) based on joint analysis between DHS and the FBI, that warned of APTs against government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors. This came as no […]

Read more »

Putting the P, D, & R back into Endpoint Protection Detection and Response

by Avivah Litan  |  October 23, 2017

We just published a research note Market Insight: Increase Market Share With User-Aware and Bundled Endpoint Security  that shows most endpoint security buyers want to buy EPP (Endpoint Protection) and EDR (Endpoint Detection and Response) together in one package with one agent. That would be a good start for a fragmenting market. This trend and buyer push […]

Read more »

Our Country has Been Hijacked and Equifax is only the latest casualty

by Avivah Litan  |  September 10, 2017

By now everyone concerned about cybersecurity has heard of the Equifax hack and potential compromise of over 140 million identity records containing Americans’ most sensitive PII (Personally Identifiable Information).  New reports indicate that British and Canadian citizens’ data were also compromised, which makes sense given that Equifax houses their data too. Of course, lots of […]

Read more »

Can we Trust “Black Box” Machine Learning when it comes to Security or is there a Better Way?

by Avivah Litan  |  July 27, 2017

Machine learning is relatively new to security. It first went mainstream a few years ago in a few security domains such as UEBA, network traffic analytics and endpoint protection. Several vendors earned strong brand recognition by pioneering ML in those spaces. (For examples, see Forecast Snapshot: User and Entity Behavior Analytics, Worldwide, 2017 ; Magic Quadrant for […]

Read more »

Is there an ‘Alt SIEM’ Market?

by Avivah Litan  |  July 14, 2017

Not every solution fits into a neat market box. In the past year or so, I – and I am sure others — have struggled to characterize some vendors who detect security threats, including external hacks and insider threats using advanced security analytics. They don’t fit neatly into any of the defined market categories that […]

Read more »

Wannacry and Petya point to Dangerous Disconnects between IT Operations and Security

by Avivah Litan  |  June 28, 2017

The recent successful ransomware attacks – WannaCry in May and Petya this week – point to the large disconnect between IT operations, responsible for endpoint management (including patching), and Security groups, responsible for preventing malicious attacks against the organization. For years, security researchers at Gartner and elsewhere have been pointing out that well over 90% […]

Read more »

Cylance SWOT published! How important is Machine Learning to Endpoint Security?

by Avivah Litan  |  June 5, 2017

We just published a SWOT on Cylance, (see SWOT: Cylance, Endpoint Protection Platforms, Worldwide ) a firm best known for bringing machine learning to endpoint security by developing self-contained supervised models that analyze and block file-based malware before it executes. Cylance’s innovation earned the company stellar growth and market mind-share as discussed in our SWOT. See Figure […]

Read more »

 Fraud Detection market’s Continous Consolidation Cycle; MasterCard acquires NuData

by Avivah Litan  |  April 3, 2017

The late-March announcement that MasterCard is acquiring NuData Security leaves more room for fraud detection upstarts to gain market share in the online fraud detection market. NuData is certainly one of the most innovative privately owned vendors in this space, and emerged as a strong competitor following years of large company acquisitions of similarly privately […]

Read more »

MasterCard acquires NuData Security on the heels of Amex and Visa security technology acquisitions

by Avivah Litan  |  March 29, 2017

MasterCard joins the other two dominant card brands in announcing an acquisition of a fraud mitigation technology company. MasterCard announced today their acquisition of Nudata Security, an ecommerce and online banking fraud detection named by Gartner as a “Cool Vendor” in 2015. See MasterCard acquires NuData Security. This announcement follows Amex’s and Visa’s December 2016 announcements […]

Read more »

How to make Russian Hacker Attribution useful to Active Defense

by Avivah Litan  |  March 28, 2017

The recent DOJ indictment of four Russian criminals who broke into Yahoo!’s customer data and stole over a half billion sensitive records was significant for many reasons ( see U.S. Charges Russian FSB Officers and Criminal Conspirators ). The point that stood out to me the MOST was that the arrests proved the same hackers engaged […]

Read more »