Neil MacDonald

Neil MacDonald

Vice President and Distinguished Analyst

Neil MacDonald is a Vice President, Distinguished Analyst and Gartner Fellow Emeritus in Gartner Research, based in Stamford, Connecticut. Mr. MacDonald is a member of Gartner’s information security, privacy and risk research team, focusing on securing next-generation virtualized and cloud-based computing environments from advanced attacks. Specific research areas include endpoint detection and response, virtualization security, protection of hybrid cloud server workloads, cloud access security brokers and protection from advanced targeted attacks using adaptive security architectures.

Mr. MacDonald joined Gartner in 1995 as an Analyst on Gartner’s local area networking research team, where he focused on network computing infrastructure, including identity and access management, directory services and networked operating system security. This later evolved into Gartner’s identity and access management research area.

From 2001 through 2003, Mr. MacDonald led Gartner’s worldwide team of industry-focused analysts, extending Gartner’s research relevancy outside of the IT department to business executives wanting to use IT to better run their business. When this research team was folded back into the main research organization in 2004, Mr. MacDonald rejoined the information security research team.

Prior to joining Gartner, Mr. MacDonald worked for an information management organization in IT operations, where he was a network specialist responsible for the planning, deployment, security and support of a 9,500-node multiprotocol and multiserver LAN/WAN system.

Years of Experience:

  • 22 years in total with Gartner
  • 33 years in IT industry
  • 15 years in Energy & Utilities industry

Top 5 Issues I Help Clients Address:

  • Securing next-generation virtualized data centers and workloads
  • Securing cloud-based infrastructure-as-a-service deployments
  • Successfully removing administrative rights from Windows users
  • Securing cloud services access using cloud access security brokers (CASB)
  • Endpoint protection strategies focusing on detection and response (EDR)

Roles That Need My Research:

  • Chief Information Security Officer
  • Chief Compliance Officer
  • Information Security Architect
  • Security Operations Manager
  • Desktop and Server Security Manager
  • Virtualization Manager

Top Key Initiatives I Cover:

  • Cloud Security
  • Endpoint and Mobile Security
  • Infrastructure Agility
  • Application and Data Security
  • Network and Gateway Security

Common Inquiries I Address:

  • What are the best practices to secure workloads in public cloud IaaS?
  • How can I successfully remove administrative rights from Windows end users?
  • How to evaluate the multiple CASB offerings on the market?
  • What are the best practices for the successful deployment of a CASB?
  • How can I avoid weakening security as I virtualize my data center?
  • What strategy should I employ to best protect from advanced threats?
  • Which are the leading vendors for application control/whitelisting, and how can I deploy this successfully?
  • How can I seamlessly integrate security testing into DevOps style workflows?
Monday, December 4, 2017 / 3:00 PM - 3:45 PM

Security Considerations and Best Practices for Securing Containers

Linux (and Windows) OS containers are not inherently unsecure, but are being deployed unsecurely, driven by developers and a need for agility in service development and deployment. Security and risk management leaders must address container security issues around vulnerabilities, visibility, compromise and compliance. This session will provide specific best practices for secure container deployments.

Monday, December 4, 2017 / 5:00 PM - 6:00 PM

Roundtable: Cloud Security Best Practices

This roundtable will allow participants to share best practices and experiences when securing workloads and data in cloud-based services including IaaS and SaaS. Depending on roundtable preferences, the discussion will explore the role of CASBs and other security providers in securing cloud-based workloads.

Tuesday, December 5, 2017 / 11:30 AM - 12:00 PM

Securing Workloads and Information in Amazon Web Services

Most people think of Amazon Web Services (AWS) as compute and stored, but AWS is now a collection of more than 80 different services for cloud-based IaaS workloads and information. This session will discuss the specific best practices for securing workloads and information in AWS, covering compliance, encryption, key management, network security, monitoring and host-based controls.

Wednesday, December 6, 2017 / 10:15 AM - 11:00 AM

Town Hall: Software-Defined — Hype or Hope?

This town hall will cover all aspects of software-defined, ranging from networking, storage, security and more. Attendees can ask a panel of analysts direct questions, or learn from questions posed by peers.

Wednesday, December 6, 2017 / 3:45 PM - 4:15 PM

Town Hall: Cloud

This session will provide the audience an opportunity to ask cloud-related questions to a panel of Gartner analysts.

This town hall will cover all aspects of the cloud, including IaaS, PaaS, SaaS, and more. Attendees can ask a panel of analysts direct questions, or learn from questions posed by peers.

Wednesday, December 6, 2017 / 5:30 PM - 6:00 PM

DevSecOps: Seamlessly Integrating Security Into DevOps

Traditional security approaches won't work well with DevOps-style workflows, yet organizations are tasked with the security and compliance of the applications and services that are delivered from these rapid development processes. This short presentation will outline specific best practices to integrate security into DevOps, delivering DevSecOps, without breaking the collaborative nature of DevOps.

Meet the analysts face to face.