Gartner Blog Network

Category: 'philosophy' Blog Posts

from the Gartner Blog Network

On Wild Security Maturity Overestimation

by Anton Chuvakin  |  November 13, 2017

Want to know what my absolute #1 insight that I learned working at Gartner for 6+ years is? No jokes, this is serious! Any guesses from the audience? In any...

Read more »

Security Without Security People: A [Sad] Way Forward?

by Anton Chuvakin  |  June 29, 2017

This post is a convergence of a few things: our recent foray into more basic security areas (such as from threat hunting to vulnerability management), my experiences at a recent...

Read more »

Befuddled By "Hackback"

by Anton Chuvakin  |  June 7, 2017

I’ve been meaning to write this literally for years. But now all this hoopla around “Active Cyber Defense Certainty Act” [PDF] (aka “the Hackback Law”) has triggered me into action....

Read more »

SIEM Future: A UEBA Path or An MDR Way?

by Anton Chuvakin  |  April 7, 2017

Want to hear a bad joke about #SIEM? Knock knock Who’s there? SIEM! No way… you are dead!!! Ok, in all seriousness, we all know SIEM is NOT dead –...

Read more »

Sad Hilarity of Predictive Analytics in Security?

by Anton Chuvakin  |  March 31, 2016

After spending a week in Siberia, I am ready for more fun blogging – and of course for more drama that is our industry (GO CYBER DRAMA!). In any case,...

Read more »

RSA 2016: Musings and Contemplations

by Anton Chuvakin  |  March 8, 2016

Warning: this will be harsh and a bit curmudgenly, but I am not yet old enough to be a real curmudgeon – I am not even sure I want to...

Read more »

No, Virginia, It Does NOT Mean That!

by Anton Chuvakin  |  January 25, 2016

This is a post to finally put this idiocy to rest: “If you can DETECT, why can’t you PREVENT!?” Here are my top 5 reasons why DETECTION excellence does NOT...

Read more »

"Deception as Detection" or Give Deception a Chance?

by Anton Chuvakin  |  January 8, 2016

Many industry observers have noticed that deception approaches are re-emerging in the collective attention of the operational [as opposed to research] security industry and community (“cyber”- community?). We even have...

Read more »

Jumping Security Maturity FAIL!

by Anton Chuvakin  |  January 6, 2016

Strategic threat intel before patching? Malware reversing before firewalls? Honeypots before NIPS? Are you freaking insane?! Well, are you? Why are you doing this? What good do you think it...

Read more »

On Stupidity of Some Privacy Themes

by Anton Chuvakin  |  October 16, 2015

Now is a Maverick research season here at Gartner and I wanted to draw your attention to my favorite Maverick research piece that published so far (well, apart from our...

Read more »