Gartner Blog Network

John Collins
Sr Director Analyst I
1 year at Gartner
15 years IT Industry

John Henry Collins is a Sr Director Analyst. His work focuses on MSSP, MDR, SOC Operations and Threat Intelligence.Mr. Collins created and ran client beta testing for first security SaaS application at employer. He also built and led first-ever specialist security SaaS SE team at MSSP company.Mr. Collins overhauled security operation center for DHS component organization. He has also worked as incident response and on-premises security consultant, intrusion detection analyst, blue Team vulnerability tester, signals intelligence collector and advanced signals analyst.Read Full Bio

Weird Hunting Analogy and Machines vs Humans

by John Collins  |  July 30, 2020

The more people I talk with about threat hunting, the more I realize everyone has their own opinion and interpretation of what it is. Unfortunately, I believe some entities misrepresent what it is to fit their agenda which matches a lot of human behavior throughout history, but I digress. There are calls within the security […]

Read more »

Remote SecOps

by John Collins  |  March 24, 2020

The current threat landscape has pushed us as a society to a place WAY outside our comfort zone. I’m not talking just about the cyber security threat landscape. It’s March 2020 and everyone knows what is going on outside our digital bubble. Organizations have been forced into work arrangements many managers don’t feel comfortable with […]

Read more »

Giving a SOC Direction with a Target Operating Model

by John Collins  |  February 4, 2020

My first research note at Gartner focused on SOC target operating model, or SOCTOM.  Create an SOC Target Operating Model to Drive Success provides high level guidance to security and risk management (SRM) leaders. It drives the importance of understanding the current operating model (COM) and defining where they want to be with a target operating model […]

Read more »