Gartner Expert

Toby Bussa

VP Analyst

Toby Bussa covers security operations within Security and Risk Management for IT Leaders. His coverage areas focus on people, processes, technology and services to support security operations. Topics covered include managed security, managed detection and response, and incident response services; SIEM and SOAR technologies; security operations centers (SOCs); penetration testing services and solutions. Mr. Bussa is also the Key Initiative Lead for security operations responsible for the delivery of the research pipeline.

Previous experience

Mr. Bussa joined Gartner from GlaxoSmithKline, where he worked for more than 14 years in the infrastructure security team. Most recently, he held leadership roles addressing information protection, and security strategy and architecture for security monitoring, advanced threat defense, data protection, identity and access management, and global network services.

Professional background


Director, Strategy and Architecture


Director, Information Protection Management


Manager, MSS Security Analysis EMEA

Areas of coverage

Midsize Enterprise IT Leadership

Security Operations


M.S., Mineral Economics, Penn State University

B.A., Environmental Management, University of Pennsylvania

Read More Read Less

Top Issues That I Help Clients Address

1How do I implement or improve security operations in my organization, and what is the best approach?

2Evaluating, selecting, implementing and operating security monitoring technologies (SIEM, orchestration and automation, log management, big data platforms)

3Evaluating, selecting, implementing and interfacing with managed security services (MSSP) and managed detection and response (MDR) services

4How do I build or obtain a security operations center (SOC) covering people, processes, and tools.

5Best practices for threat and vulnerability management services (incident response, vulnerability assessment, pen testing, red teaming))