Richard Stiennon, Chief Research Analyst at IT-Harvest
Richard Stiennon, Chief Research Analyst at IT-Harvest
Guru

Richard Stiennon

Chief Research Analyst · IT-Harvest
  • IT-Harvest
  • United States
  • Joined 2022
20 Followers
0 Following
Message

About

Richard Stiennon is Chief Research Analyst for IT-Harvest, the firm he founded in 2005 to cover the 4,070+ vendors that make up the IT security industry. He has presented on the topic of cybersecurity in 32 countries on six continents. He was a lecturer at Charles Sturt University in Australia. He is the author of Surviving Cyberwar (Government Institutes, 2010) and Washington Post Best Seller, There Will Be Cyberwar. His research appears on Substack. Stiennon was Chief Strategy Officer for Blancco Technology Group, the Chief Marketing Officer for Fortinet, Inc. and VP Threat Research at Webroot Software. Prior to that he was VP Research at Gartner. He has a B.S. in Aerospace Engineering from the University of Michigan, and his MA in War in the Modern World from King’s College, London. His latest book Security Yearbook 2025 was published by Wiley in April, 2025.

Areas of Expertise

Published content

Read Beyond the Firewall: Why Executive Risk Is Reshaping Cyber Strategy
In the recent conversation on The Security Strategist podcast, cybersecurity expert Dr Chris Pierson, also the Founder and CEO of BlackCloak, joined host Richard Stiennon, Chief Research Analyst at IT-Harvest to talk about critical vulnerabilities in an enterprise and digital executive protection
Infrastructure Management Security
Beyond the Firewall: Why Executive Risk Is Reshaping Cyber Strategy
22 min
Read Why Do Most Cyber Breaches Stem from System Failures, Not Human Error?
On **The Security Strategist** podcast, Ostra Security Founder Michael Kennedy tells Richard Stiennon why breaches are system failures, not human error. Learn outcome-based security metrics for CISOs.
Security
Why Do Most Cyber Breaches Stem from System Failures, Not Human Error?
15 min
Read Are Security Teams Wasting Resources on 99% of Vulnerabilities That Don’t Matter?
Zafran CISO Nathan Rollings on The Security Strategist: Discover how Agentic AI and contextual exposure management are replacing CVSS to focus on the 1 in 50k vulnerabilities that truly matter.
In The News Security
Are Security Teams Wasting Resources on 99% of Vulnerabilities That Don’t Matter?
18 min
Read Unmasking the Invisible Threat: Defend Your APIs Before Attackers Do
Attackers log in, they don't break in. Chip Witt and Richard Stiennon reveal why traditional API security fails and how intent-aware runtime protection is essential to stop business logic abuse.
Infrastructure Management Security
Unmasking the Invisible Threat: Defend Your APIs Before Attackers Do
11 min