Toby Bussa covers security operations within Security and Risk Management for IT Leaders. His coverage areas focus on people, processes, technology and services to support security operations. Topics covered include managed security, managed detection and response, and incident response services; SIEM and SOAR technologies; security operations centers (SOCs); penetration testing; and vulnerability management. Mr. Bussa is also the Key Initiative Lead for security operations responsible for the delivery of the research pipeline.
Mr. Bussa joined Gartner from GlaxoSmithKline, where he worked for more than 14 years in the infrastructure security team. Most recently, he held leadership roles addressing information protection, and security strategy and architecture for security monitoring, advanced threat defense, data protection, identity and access management, and global network services.
Director, Strategy and Architecture
Director, Information Protection Management
Manager, MSS Security Analysis EMEA
Midsize Enterprise IT Leadership
M.S., Mineral Economics, Penn State University
B.A., Environmental Management, University of Pennsylvania
1How do I implement or improve security operations in my organization, and what is the best approach?
2Evaluating, selecting, implementing and operating security monitoring technologies (SIEM, orchestration and automation, log management, big data platforms)
3Evaluating, selecting, implementing and interfacing with managed security services (MSSP) and managed detection and response (MDR) services
4How do I build or obtain a security operations center (SOC) covering people, processes, and tools.
5Best practices for threat and vulnerability management services (incident response, vulnerability assessment, pen testing, red teaming))