Gartner Blog Network

Dan Blum
Research VP
19 years at Gartner
33 years IT industry

Dan Blum, a VP and distinguished analyst, covers security architecture, cloud-computing security, endpoint security, cybercrime/threat landscape, and other security technologies. Mr. Blum has written hundreds of research…

Building Cloud Immune Systems with Security Services – February 12 webinar

by Dan Blum  |  January 25, 2013

This is the link to my upcoming webinar on February 12: Building Cloud Immune Systems with Security Services. Abstract: Cyber-attacks, malware, and data leakage constantly threaten IT. Cloud-based security services are key to the future of defense, but providers must continually improve just to run in place. Discussion topics: What is the outlook for […]


Playing chess with APTs

by Dan Blum  |  December 28, 2012

During a briefing from the top security analyst at one of the Washington-area cyber centers, I got the idea that resisting targeted attacks from sophisticated adversaries (so-called advanced persistent threats, or APTs) is a bit like playing chess at the grand master level. Security efforts disproportionately emphasize endpoint anti-malware. But users, desktops and devices are […]


How to control appropriate use of the web in modern work environments

by Dan Blum  |  November 30, 2012

In general, organizations are finding a need to strike a balance between restricting employees’ use of the Internet (for reasons of security, liability or productivity) and allowing such use in order to create a more agreeable work environment. I wrote about this in my report “Assessing Secure Web Gateway Technologies”, saying: “With all the […]


Nowhere Man

by Dan Blum  |  October 1, 2012

Nowhere Man is not referring to the frequency of posts on this blog recently :-), nor to the Beatles song. I’m recalling a 1990s TV series about a journalist whose life was erased. Imagine (if it happened today) finding none of your credit cards or ID cards work, your email’s locked out, your Facebook’s erased and […]


For Those in Glass Houses

by Dan Blum  |  August 1, 2012

Picture yourself in a large control room watching some computer monitors with centrifuge displays when suddenly loud AC/DC music blares through the room. “Thunderstruck.” You have to watch the video or listen to a cover of the song on Spotify to imagine what it may have been like there in Iran – “Seriously,” you may ask, “What […]


Collective Defense or Collective Dissent?

by Dan Blum  |  April 16, 2012

In a recent “botnet bruhaha” post Brian Krebs found that Microsoft stirred up a hornet’s nest when it moved aggressively through a civil law procedure (rather than the more cumbersome criminal law system) to shut down some Zeus and SpyEye botnets. Microsoft’s side of this is that the company is working to degrade the […]


Are we Wildebeests or Are we Lemmings?

by Dan Blum  |  March 29, 2012

Last week I was closeted in our Cloud Adoption Contextual Research findings consolidation meeting. We were researching cloud adoption by the early adopters. We found a great variety of patterns, in some cases anti-patterns; enterprises are all over the map on risk management, for example. Perhaps this is only what one should expect from the cloud […]


We’re Right, We’re Free, We’ll Fight, You’ll See

by Dan Blum  |  February 29, 2012

Only in San Francisco would Art Coviello end a keynote address to a security audience with those lyrics, which he called “the immortal words of Twisted Sister.” But the feeling of inspiration soon changed into questioning: Amidst information security’s gathering storm, how do we “fight” but still be “right” and “free”? I found this question […]


Proposing an International Cyberweapons Control Protocol

by Dan Blum  |  February 20, 2012

Stuxnet. Duqu. DigiNotar. Comodo. The names of exploits and breached organizations reel past like dark clouds of a gathering storm. Cybersecurity programs spread ominously around the world. I’ve seen the importance of international cyberweapons control for some time and wondered why more people weren’t talking about it. But recently, a new voice from the other […]


The end of confidentiality?

by Dan Blum  |  February 2, 2012

Every day it seems that we have less control in the world of information security. Shadow IT rules some enterprises. Applications move to the cloud, IT’s buildings empty out, security staff are reduced to skeleton staff. While a regulatory tide rises across the world in a tower of Babel, employees and contractors in the enterprise […]
