Gartner Blog Network

Category: 'policy' Blog Posts

from the Gartner Blog Network

Open Shares in the Trenches

by Jay Heiser  |  January 4, 2019

Today’s open sharing of sensitive files from the public cloud parallels an information warfare problem from 1916. It should remind us that security always takes a back seat when there’s...

Read more »

My Top 7 Popular Gartner Blog Posts for May 2018

by Anton Chuvakin  |  June 1, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) <- read the paper or the blog...

Read more »

The Great Firewall of Brussels

by Jay Heiser  |  October 6, 2015

Visiting Beijing last week, I found a surprisingly modern and comfortable city, but I was frustrated that I couldn’t Facebook my experiences in real time, because the government blocks access...

Read more »

Once More on Insta-Fail Security Policies - Rant Alert!

by Anton Chuvakin  |  June 11, 2015

For a while, I was under impression that my deep disdain for “insta-FAIL security policies” (i.e. those written without any chance of ever being complied with, even during the policy-writing...

Read more »

Are your kids ready for the SaaS puppy?

by Jay Heiser  |  June 4, 2015

Letting the line of business get a SaaS application is like giving your kids a puppy for Christmas. Hopefully, the new pet will provide a maturing experience, in which your youngsters learn...

Read more »

Detailed SIEM Use Case Example

by Anton Chuvakin  |  September 24, 2013

During inquiries, I am handling a lot of questions about SIEM use cases, what they are, where to get them, how to create them, how to document them, evolve them,...

Read more »

Endpoint Threat Detection & Response Deployment Architecture

by Anton Chuvakin  |  August 5, 2013

Now that we have a name [ETDR], let’s talk deployment strategies. On what systems in your organization do you want to deploy the tools that simplify your security incident response...

Read more »

Incident Plan vs Incident Planning?

by Anton Chuvakin  |  July 23, 2013

“You MUST have an incident response plan!!!” Thus screamed plenty of security incident response guidance, including some of my own. However, whatever happened to “no plan survives contact with the...

Read more »

Is That An Incident In Your Pocket - Or Are You Just Happy to See Me?

by Anton Chuvakin  |  July 8, 2013

Here are some real-world examples of what some organizations consider to be a security incident (most of these are taken off Universities’ publicly posted security incident plans – these are...

Read more »

MDM Critical Capabilities and the Magic Quadrant

by Phillip Redman  |  June 4, 2013

I've been blogging for Gartner for 4 years now. I've noticed that my submissions are pretty non-existent in the Spring every year. That's because I am working on our big...

Read more »