Gartner Expert

Steve Riley

Sr Director Analyst

Steve Riley researches and writes about various aspects of public cloud security. Mr. Riley researches how to design and deploy secure workloads in public infrastructure-as-a-service (IaaS) clouds and how best to secure the use of software-as-a-service (SaaS) offerings. He tracks the security and compliance capabilities of cloud service providers and monitors the threat and vulnerability landscape present in public cloud services. Related areas of research include cloud security access brokers (CASB), zero-trust network access (ZTNA), cloud data loss prevention (DLP), and container security in run-time.

Previous experience

Before joining Gartner, Mr. Riley participated in a variety of security projects. He worked with a team to create an incident response process and to establish a culture of security. He was part of a group that managed worldwide forums for chief security officers and security architects, seeking customer feedback and incorporating it into security-related product design. Throughout his career, at numerous events on six continents he has delivered hundreds of presentations, many of which covered various aspects of cloud security and compliance.

Professional background

Riverbed Technology

Technical Director/Deputy CTO

Amazon Web Services

Sr. Technical Program Manager


Sr. Security Strategist

Areas of coverage

Security of Applications and Data

Cloud and Edge Infrastructure

Infrastructure Security


B.Sc., Computer and Information Engineering, The Ohio State University

Read More Read Less

Top Issues That I Help Clients Address

1How can we improve the security of cloud office?

2How do we select and manage cloud access security brokers?

3How can we govern the use of SaaS?

4How can we ensure that IaaS is being applied securely?

5How can we secure and govern the IaaS control plane?