Gartner Blog Network

Erik T. Heidt
IoT Agenda Manager, Research VP
5 years at Gartner
26 years IT Industry

Erik Heidt is the IoT Research Agenda Manager for Gartner for Technical Professionals (GTP). Mr. Heidt covers Internet of Things (IoT) architecture, strategy and execution as well as security and risk management within the IoT context. Mr. Heidt focuses on developing and delivering research related to the architecture, development and operation of IoT for both users and suppliers. Mr. Heidt has more than 26 years of industry experience, with a significant focus on information security and risk management. Read Full Bio

Just Published | Planning for IoT Governance and Management

by Erik T. Heidt  |  November 29, 2016

Michael Disabato has just published “Planning for IoT Governance and Management” (members only content) which explores technology, process and organizational considerations raised by the Internet of Things. Here are some highlights from the research: “The IoT can enter an organization through formal processes either organically or as part of a shadow IoT effort. Organizations should […]

Read more »

Internet of Things Cloud Platform Research

by Erik T. Heidt  |  October 26, 2016

  GTP is kicking off the next phase of our research on Internet of Things Cloud Platforms. The specific format, timing and scope for final publications has not been determined, but we plan to begin publishing Q1 of 2017. Do you have a current IoT Cloud Platform? Consider participating in this research by setting up a briefing. […]

Read more »

10 Catalyst Presentations, 9 Reports and Now… The 2017 IoT Planning Guide !!

by Erik T. Heidt  |  October 14, 2016

“2017 Planning Guide for the Internet of Things” published yesterday. The first Planning Guide to have a 100% IoT focus and summarizing our analysis and insights into this technology. This is the seventh in-depth IoT research report GTP has published this year – and there are still 78 days to go! (Yep, there is more to […]

Read more »

Webinar “When Encryption Won’t Work: Implementing Practical Information Protection”

by Erik T. Heidt  |  July 21, 2014

Enterprise data breaches are occurring all-too-often. Many enterprises have overestimating or misunderstood the protection provided by current, or planned, encryption deployments. This presentation focuses on the attacks that are resulting in expensive and embarrassing data disclosures, and provide prioritized actions for you to consider for addressing these threats.  Portable media and data outside the data […]

Read more »

Trusting SaaS With Your Data, eh?

by Erik T. Heidt  |  June 19, 2014

Two significant SaaS data loss events is short order… May 6th,, a SaaS solution for qualitative research announced a major data loss event and today (June 19) announced that they are down,  have lost significant amounts of client data, and may be out of business. What should current or prospective SaaS users learn from this […]

Read more »

Attending Gartner Security & Risk Management Summit 2014 Next Week ?

by Erik T. Heidt  |  June 18, 2014

I am speaking at the Gartner Security & Risk Management Summit next week and there are a few talks that I believe will be of particular interests to folks who follow my blog. But first… Please be aware that I am now also using Twitter as @CyberHeidt — my schedule next week is very booked, […]

Read more »

Heartbleed Exploit in OpenSSL – How Should You Respond?

by Erik T. Heidt  |  April 9, 2014

What is the fault? It has been discovered that a coding error in OpenSSL enables attackers to examine memory on remote servers, or devices. Specificly: “A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal … memory to a connected client or server.” – For those of you […]

Read more »

CERT IT Risk Podcast

by Erik T. Heidt  |  March 26, 2014

Julia Allen invited Ben Tomhave and I to collaborate with her on a podcast for CERT “Comparing IT Risk Assessment and Analysis Methods” (link).  (Note, there is a full transcript available for folks who prefer to read their podcasts.) The podcast includes a summary of recent research that Ben, Anne E. Robbins, and I published […]

Read more »

Wizard Lays Waste to Acme Data Analytics with Chef Spell…

by Erik T. Heidt  |  March 10, 2014

As reported today on the front page of Cloud Wizard’s Journal: Easy come, easy go. The same Cloud Wizard that created Acme Data Analytics cloud based data services, the differentiator that has enabled their dominance, their literal Midas Touch in every market they have entered… Undid it all when she cast a angry curse, scripted […]

Read more »

New Self-Audit Toolkit

by Erik T. Heidt  |  September 25, 2013

In “Achieving IT GRC Success“, Gartner recommended that enterprises consider six core activities in the Execution phase of the IT GRC practice. These included: Risk Assessment KRI Measurement and Management Ad Hoc Risk Decision Support Compliance Management Audit Support Policy Management There are many aspects of Audit Support that are discussed in the document, and […]

Read more »