Gartner Expert

Paul E. Proctor

Distinguished VP Analyst

Paul Proctor is a VP and Distinguished Analyst, and former Chief of Research for Risk and Security at Gartner. He leads CIO research for technology risk, cybersecurity and digital business measurement. Mr. Proctor advises CIOs, executives and boards to manage risk and balance the needs to protect with the needs to run their business. Mr. Proctor's coverage includes board reporting, outcome-driven metrics, risk management, the Gartner business value model, and digital business transformation. His groundbreaking research in risk, value, and cost management helps organizations prioritize and invest in the readiness of technology to support their business and mission outcomes. In 2016, he was appointed to the University of California Cyber Risk Advisory Board by former Secretary of Homeland Security and UC President, Janet Napolitano.

Previous experience

Mr. Proctor has been involved in various aspects of risk management and the business value of IT since 1985. He was the founder and CTO of two technology companies and developed first and second-generation host-based intrusion-detection technologies. He is a recognized expert in the fields of risk management, information security, and associated regulatory compliance issues. He has authored two books published by Prentice Hall. He was recognized for his expertise by being appointed to the original Telecommunications Infrastructure Protection working group used by Congress to understand critical infrastructure protection issues prior to the terrorist attack of 11th September. Previously, he worked for SAIC, Centrax, CyberSafe, Network Flight Recorder, and Practical Security.

Professional background

SAIC

Engineering Manager

Centrax

Founder and Chief Technology Officer

CyberSafe

Chief Technology Officer

Areas of coverage

Security and Risk Management Leaders

Gartner Research Board for Global CIOs

IT Cost Optimization, Finance, Risk and Value

Executive Leadership: Digital Business

Executive Leadership: Strategic Risk Management

Education

B.S., Mathematics/Computer Science, University of Illinois

Read More Read Less

Top Issues That I Help Clients Address

1CIOs managing risk and security to match business need

2Developing outcome-driven metrics to manage risk, value, and cost

3Linking risk management to corporate performance

4Measuring digital business transformation through KPIs

5Board-level reporting for security and risk

Latest blog posts

NO! Organizations Should NOT Bake Ransomware Payments Into Their Business Models

May 14 2021

Read Now

Sony Pictures Hack: Advice-apalooza

January 04 2015

Read Now

People-Centric Security Can Help Limit Sony-esque Damage

January 03 2015

Read Now

Stop Picking on Sony Security over North Korea Hack

December 09 2014

Read Now

Is the Internet Already Secure Enough?

October 02 2014

Read Now

Gartner GRC Reset: And the Vendors are…

September 08 2014

Read Now

An Update on the Gartner GRC Reset

July 01 2014

Read Now

Digital Business Forever Changes How Risk and Security Deliver Value

June 02 2014

Read Now

Security and Privacy Remain Doomed with the Rise of Digital Business

February 20 2014

Read Now

Information Security Headlines are Misleading

February 11 2014

Read Now

Think Sochi is a Cyber-War Zone? Try Your Local Library.

February 06 2014

Read Now

Gartner Resets Approach to GRC

February 03 2014

Read Now

View
  • 1
of 1

Latest research and insights

Research

Summary Translation: Use Digital-Outcome-Driven Metrics to Quantify the Business Value of Technology Investments

Learn More

Research

CIOs Need to Rebalance Accountability for Cybersecurity With Business Leaders

Learn More

Purchase Research

Use Digital-Outcome-Driven Metrics to Quantify the Business Value of Technology Investments

Buy Now