Gartner Blog Network

Jay Heiser
Research VP
6 years at Gartner
24 years IT industry

Jay Heiser is a research vice president specializing in the areas of SaaS and public cloud risk and control. Current research areas include SaaS governance, cloud provider transparency and digital business risks.Read Full Bio

Open Shares in the Trenches

by Jay Heiser  |  January 4, 2019

Today’s open sharing of sensitive files from the public cloud parallels an information warfare problem from 1916. It should remind us that security always takes a back seat when there’s an urgent need to share data, and that there is nothing new about information war. The fatal addition of 20th century weaponry and logistics to […]

Read more »

10 Years of Cloud Security

by Jay Heiser  |  June 1, 2018

10 years ago this week, Gartner released Assessing the Security Risks of Cloud Computing  Although we had written several research notes in 2007 discussing SaaS security, the 2008 note co-authored by myself and Mark Nicolett was Gartner’s first research using the term ‘Cloud Security’. Unsurprisingly for a new domain, we had more to say about […]

Read more »

You Can’t Outrun the Security Bear

by Jay Heiser  |  October 5, 2017

The September 7 Equifax hack is a hugely emotional and hyped event that continues to generate congressional and media attention.  If there is any good news, its likely that the impact of this breach on the individual consumer is only incremental.  Most of this information had already ‘leaked’. After all, our names, addresses, and dates of […]

Read more »

A Sheep Shot

by Jay Heiser  |  April 1, 2017

My family often asks what I actually do at work.  This typical question from a Gartner Account Executive should clear that up: “I have a prospective client who needs to know what other Albanian sheepherders are doing with cud computing. The shear volume of Gartner material can be difficult to harvest, so I’d appreciate some help […]

Read more »

Are you trying to negotiate terms for a bag of hot dogs?

by Jay Heiser  |  September 27, 2016

Don’t try to spread traditional outsourcing practices over your cloud hot dog–it just won’t taste right. On a 1-to-1 basis, such as traditional outsourcing, you can negotiate any form of service or contractual provision that you want–if you are willing to pay for it. But the same doesn’t apply to one-to-many offerings. Cloud Service Providers are like sausage […]

Read more »

The Great Firewall of Brussels

by Jay Heiser  |  October 6, 2015

Visiting Beijing last week, I found a surprisingly modern and comfortable city, but I was frustrated that I couldn’t Facebook my experiences in real time, because the government blocks access to it. In a dramatic move on the other side of the globe, the Europe’s highest court has just set the stage for what in the […]

Read more »

Are your kids ready for the SaaS puppy?

by Jay Heiser  |  June 4, 2015

Letting the line of business get a SaaS application is like giving your kids a puppy for Christmas. Hopefully, the new pet will provide a maturing experience, in which your youngsters learn how to care for and manage something that requires constant and specific attention.  But all too often, the kids fail to clean up after the new dog, […]

Read more »

“The Interview” wasn’t so bad

by Jay Heiser  |  January 9, 2015

I put my money where my mouth was, and took my wife on a date last week. I’m sure that we were not the only people who saw The Interview out of a sense of duty.  We expected it to be a tedious and silly movie, but we also felt that paying to watch it, in a regular movie theater, […]

Read more »

Sony Sued For Losing Unprotectable Data

by Jay Heiser  |  December 18, 2014

The CISO asked to protect names and SSNs has been handed a sysyphean task that can never be successful.

Read more »

Sympathy for the Sony

by Jay Heiser  |  December 12, 2014

Getting attacked by the North Koreans for making a movie that spoofs their sad little country and its tinpot dictator makes Sony the most sympathetic attack victim of the millennium.

Read more »