By using this site, you agree to the IDC Privacy Policy

Pete Lindstrom

Vice President of Research, Enterprise / NextGen Security

Pete Lindstrom is Vice-President of security research with IDC's IT Executive Program (IEP). He has extensive and broad expertise with a variety of information security products, but is best known as an authority on cybersecurity economics issues such as strategic security metrics, estimating risk and return, and measuring security programs. He has also focused on applying core risk management principles to new technologies, architectures, and systems, focusing on the use of virtualization, cloud security, and big data. He has developed the "Four Disciplines of Security Management" (a security operations model), and the "5 Immutable Laws of Virtualization Security," which was integrated into guidance from the PCI Council.

Prior to joining IDC in 2014, Pete accumulated 25 years of industry experience as an IT auditor, IT security practitioner, and industry analyst. He is a frequent contributor to business and trade publications and is often quoted in USA Today, WSJ Online, Information Security Magazine, VAR Business,, and CSO Magazine. His columns and articles have appeared in Information Security Magazine,, ISSA Journal, and CSO Online. Additionally, Mr. Lindstrom is a popular speaker at the RSA Security Conference, InfoSec World, ISSA International Conference, and many regional conferences.

Pete served as an officer in the U.S. Marine Corps and received a bachelor's degree in Business Administration (Finance) from the University of Notre Dame.

Dave DeWalt's departure as CEO of FireEye is indicative of the challenges being felt by senior executives and product managers at established vendors throughout the security industry. FireEye must continue its shift away from stodgy applian...
This IDC study provides guidelines for the adoption of the GDPR for all organizations to help them define a compliant information management strategy, including the data governance mechanisms and the desired technology architecture that can...
This IDC Perspective sheds light on how to take a practical, risk-based approach to risk mitigation. Worms and malware are not going anywhere. Any new outbreak or rash of incidents should not affect your security program. WannaCry...
More results