Gartner Blog Network

Category: 'Information Security' Blog Posts

from the Gartner Blog Network

The Bane of All Security Tests: Acting on Results

by Anton Chuvakin  |  January 11, 2018

Want to hear a penetration testing joke? No, not this one: …but this one: Q: Do you need a pentest done? A: Not sure … will it make us secure?...

Read more »

3 Resolutions to Turn GRC Failure Into IRM Success

by John Wheeler  |  January 3, 2018

As we begin the new year, many of our clients are searching for ways to turn their failures with Governance, Risk and Compliance (GRC) technology into successful Integrated Risk Management...

Read more »

My Top 7 Popular Gartner Blog Posts for December 2017

by Anton Chuvakin  |  January 2, 2018

Most popular blog posts from my Gartner blog during the past month are: SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research) Important: How to...

Read more »

New Research: Starting Your Detection and Response Capability

by Anton Chuvakin  |  December 28, 2017

Please don’t laugh, but alongside our “Testing Security” research project (that will likely skew towards the high-maturity security audiences) we are also doing a new research project for mainstream organizations...

Read more »

All My Research Published in 2017

by Anton Chuvakin  |  December 28, 2017

To make it easy for the readers to find my research, here is the list of everything I published in 2017 [most co-authored with Augusto Barros]. Gartner GTP access is...

Read more »

On Demand | Securing IoT An Architectural and Risk-Driven Approach

by Erik Heidt  |  December 27, 2017

Thanks to everyone who participated the Webinar. "Securing the Internet of Things: An Architectural and Risk-Driven Approach" is now available on-demand, here is the link. Security is a top concern and...

Read more »

New Research: How to Actually Test Security?

by Anton Chuvakin  |  December 26, 2017

As I alluded here, we [Augusto and me] will be starting an epic new research project on testing security [BTW, should we codename it “Testing Security”, Augusto? :-)] First, a...

Read more »

Threat Simulation Call to Action for 2018

by Anton Chuvakin  |  December 20, 2017

As our SOAR research project is nearing completion, a reasonable question of “what other esoteric stuff deployed only by the top 1% we can research next?” “what other usable insight...

Read more »

Gartner Shares Findings from North Pole Inc. Data and Analytics Assessment

by Doug Laney  |  December 17, 2017

Going into the 2017 holiday season, North Pole Inc. (ticker: XMAS), the leading global distributor of presents to good girls and boys, called upon Gartner to assess and advise on...

Read more »

MSSP is/and/or/vs MDR?

by Anton Chuvakin  |  December 14, 2017

So, we are wrapping up our research on the effective use of managed services for security and that debate of MSSP vs MDR came up … again! Gartner defined MDRs...

Read more »