Gartner Expert

Eric Ahlm

Sr Director Analyst

In 2023, Mr. Ahlm joined the Gartner for ITL (IT leaders) team covering security operations. In this role, Mr. Ahlm continues his coverage around security operations centers (SOCs) that he has done in years prior on Gartner's GTP (Gartner for technical professionals) team.

Mr. Ahlm brings a broad prospective to the security operations domain. He understands market players and trends, buyer considerations, as well as architectural and operational challenges. As such, Mr. Ahlm is comfortable speaking with Security executives, investors, vendor partners, as well as architectural teams.

With in security operations, Mr. Ahlm specializes in how to build and operate a SOC, selecting a service provider, SIEM usage including best practice and product selection, the innovative edge of detection stacks such as XDR, incident response, and automation.

Top customer challenges Mr. Ahlm helps clients with include expanding threat detection, managing alert fatigue, building automation strategies, developing SOC metrics, selecting best use of security services, increasing SOC performance/maturity.

Outside of these core areas of research, Mr. Ahlm follows major trends that have an impact on security operations, such as data science in general, ChatGPT, MITRE ATT&CK, future of soc, advanced automation, micro-services for secops.

Previous experience

Prior to his role in ITL Eric worked as a researcher director in TS&P team for 8 years, and the GTP team for 3 years. His past research topics included security operations, or generally threat detection and response technologies.

Professional background

Cisco Systems

Security Specialist


Director of Emerging Technologies


Security Partner Channel Manager

Areas of coverage

Security Operations


Bachelor of Science, Electrical Engineering Technologies (BSEET), 1998

Read More Read Less

Top Issues That I Help Clients Address

1how to build a security operations center

2how to make a security operations center scale and perform

3how to use automation for security operations

4how to build an incident response plan for cyber security

5how to architect and use a SIEM for best results in various environments