Gartner Blog Network

Earl Perkins
Research VP
5 years at Gartner
32 years IT industry

Earl Perkins is a research vice president in the Security and Privacy team at Gartner. His focus areas include identity and access management (IAM), including user provisioning, role life cycle management… Read Full Bio

Myths of Risk and Cybersecurity Management

by Earl Perkins  |  October 19, 2018

I have been researching and thinking about risk and cybersecurity management concepts for the last year or so, and I wanted to share with you some initial conclusions I’ve reached about them. I will call them “myths”, though some may not entirely agree. Of course, there is always a bit of truth even in myths– […]

Read more »

The Death of IoT Security As You Know It

by Earl Perkins  |  December 7, 2017

There is a topic that I wanted to share with you that we at Gartner have delivered research on during 2017. We have been developing research on the topic for some time now and I thought as the year draws to a close it might be a good time to share our findings. IoT security […]

Read more »

The Latest U.S. DDoS Attack: Sorry, But I Don’t Feel Sorry For Us

by Earl Perkins  |  October 24, 2016

The recent distributed denial-of-service attacks on various U.S. and world networks leveraging compromised Internet of Things (IoT) devices have long been predicted, discussed and now analyzed over the past few days. There have been observations regarding the warnings expressed and advice on what should have been done and what could and should be done now. […]

Read more »

The New Digital Security Organization

by Earl Perkins  |  October 17, 2016

Information Technology isn’t what it used to be, is it? At one point we were focused on a relatively fixed set of infrastructure and software- mainframe computers, mid-range computers, servers, desktops and laptops with their accompanying software. Over time we also became very familiar with the implications of the tablet and mobile phone in IT […]

Read more »

It’s Time to Move on From “What is the Internet of Things” Discussion If You Want to Secure It

by Earl Perkins  |  October 12, 2016

Among Gartner clients we are now beginning to see IoT “definition fatigue” set in as the glitz and excitement surrounding the concept settles into the hard business light of day. The “discovery” of what a pervasive digital presence does to an industrial, commercial or consumer environment is now clothed in thousands of different examples that […]

Read more »

Threat Fatigue and the Failure of Cybersecurity

by Earl Perkins  |  October 7, 2016

There was a recent U.S. National Institute of Standards and Technology (NIST) study titled “Security Fatigue” that was released regarding people’s experiences with online security. Though it had what we would consider too small a sample size to have statistically significant results, we did agree with many of its findings regarding the cybersecurity attitudes of […]

Read more »

Webinar QA 2: Manage Risk & Security in the IoT

by Earl Perkins  |  July 8, 2016

As I stated in a recent blog, I completed a Gartner webinar that is now recorded– you can find this recording at if you are interested. At the end of that webinar I was able to answer some of the questions asked by attendees, but as in every case I wasn’t able to answer […]

Read more »

Webinar- Manage Risk & Security in the IoT

by Earl Perkins  |  July 6, 2016

On July 5, 2016 I gave a Gartner webinar entitled “Practical Steps to Manage Risk and Security in the Internet of Things” (This webinar can be viewed and listened to at if you are interested). At the end of the webinar, time is allotted to take questions from the listening audience. There always seem […]

Read more »

Existing Security Best-Practice Can Handle IoT Exposures?? Not Really

by Earl Perkins  |  April 8, 2016

A recent news article from both a well respected news source and vendor outlined their assurance that IoT security exposures could be taken care of with existing IT-centric security practices as long as they were implemented in a highly effective manner. I regret to say I must disagree. IoT security is a function of two […]

Read more »

What’s Next After the Internet of Things?

by Earl Perkins  |  February 1, 2016

A belated Happy New Year to everyone! I am not much for writing of the “Top 5” or “Top 10” Big Things that happened in 2015, so you didn’t hear much from me about last year. While I am a big fan of those who learn from history to avoid mistakes and bad choices for […]

Read more »