Gartner Expert

David Anthony Mahdi

Sr Director Analyst

David Mahdi is a Research Director in IT Leaders Systems, Security and Risk at Gartner, focusing on identity and access management, authentication, and data security. Mr. Mahdi's area of expertise includes public-key infrastructure (PKI), certificate management, IAM, blockchain security, decentralized identity, BYOI, IoT, and data security.

Previous experience

Mr. Mahdi has worked in IT and the IT security industry for more than 15 years. Prior to joining Gartner, he worked at SecureKey, where he focused on digital identity ecosystems, device-based authentication and IoT security. Mr. Mahdi has extensive experience working with industry-leading enterprises, financial institutions and government agencies, on varying topics specific to identity and security. In working with these organizations, Mr. Mahdi worked extensively on innovative initiatives, such as the INTERPOL travel document and the Government of Canada's federated identity and authentication program.

He has played critical roles in shaping product and corporate strategy in the areas of mobile, cloud, authentication, identity and access management (IAM), fraud and malware detection. With roles spanning IT, engineering, business development, product management and marketing, Mr. Mahdi has had a unique multifaceted experience across the business. As an information technology professional, he has covered the areas of IAM, PKI, mobile device security, cloud security, smart cards for physical/logical access, fraud detection, encryption and network security.

Professional background


Director of Product Management and Marketing

Entrust Datacard

Senior Manager, Product Marketing


Security Specialist, Integration Engineer, and Business Development

Areas of coverage

Security of Applications and Data

Identity and Access Management and Fraud Detection


B.Eng., Electrical Engineering, Carleton University

Read More Read Less

Top Issues That I Help Clients Address

1Identity assurance (identity proofing, user authentication and trust elevation) strategy and planning

2X.509 certificate management, and SSL

3Hosted or on-premises PKI technology, planning, strategy and IoT (Internet of Things)

4Blockchain as it pertains to Identity and access management, and data security

5General identity and access management and data security - planning, technologies and strategy