Neil MacDonald is a Vice President, Distinguished Analyst and Gartner Fellow Emeritus in Gartner Research, based in Stamford, Connecticut. Mr. MacDonald is a member of Gartner's information security, privacy and risk research team, focusing on securing hybrid multi-cloud and edge-based computing environments. Specific research areas include container/serverless security, protection of cloud workloads and applications, cloud security posture management and protection from advanced and targeted attacks with zero trust, adaptive security architectures based on a continuous adaptive risk and trust assessment (CARTA) strategic approach. His most recent research area explores the convergence of network and network security as a service into a cloud-based secure access service edge (SASE), enabling zero trust, anywhere/anytime access for a digital business and workforce.
Mr. MacDonald joined Gartner in 1995 as an Analyst on Gartner's local area networking research team, where he focused on network computing infrastructure, including identity and access management, directory services and networked operating system security. This later evolved into Gartner's identity and access management research area.
From 2001 through 2003, he led Gartner's worldwide team of industry-focused analysts, extending Gartner's research relevancy outside of the IT department to business executives wanting to use IT to better run their business. When this research team was folded back into the main research organization in 2004, he rejoined the information security research team.
Prior to joining Gartner, he worked for an information management organization in IT operations, where he was a network specialist responsible for the planning, deployment, security and support of a 9,500-node multiprotocol and multiserver LAN/WAN system.
NextEra Energy (was Florida Power and Light)
Texas Power and Light
Transmission and SCADA Control Engineering
Security of Applications and Data
B.S., with distinction, Electrical Engineering, University of Kansas
M.B.A., Florida International University
1Securing next-generation virtualized data centers and server workloads, including containers
2Securing cloud-based infrastructure-as-a-service deployments
3Strategies for securing containers and serverless, including scanning in development.
4Using the convergence of network aand network security as a service into the secure access service edge (SASE) to reduce complexity and improve secure access for digital businesses.
5Security architecture and controls evolution using continuous adaptive risk and trust (CARTA)