KuppingerCole Analysts

AI is becoming increasingly common and it appears to be unavoidable. However, is this really the case? Marina and Matthias have a conversation about the convergence of AI, machine learning, and cybersecurity. They highlight the importance of utilizing AI to protect our organizations, as attackers are also employing it. Marina explains the primary risks associated with AI in cybersecurity, such as automation mistakes, data security and privacy issues, and excessive dependence on AI. They also explore how defenders can safeguard their organizations from AI-generated threats and stress the significance of incorporating AI into a comprehensive cybersecurity strategy.

Martin Kuppinger was a virtual guest at SailPoint's SAILforward24 and was invited to have a chat with Matthew Mills about the industry and market, trends and his perspectives. Delve into the future of identity and access management (IAM) as Martin and Matthew discuss the profound impact of AI, decentralized identity, and the regulatory landscape. Gain insights into cybersecurity trends and learn how SailPoint addresses these challenges.

What a milestone! 200 episodes of the Analyst Chat. Matthias and Martin celebrate the journey of the three years of the podcast. Dive into the evolution of cybersecurity and identity management, industry impact, memorable moments, and key insights. From this episode, we will come back to a weekly schedule, so stay tuned for the episode next Monday.

Matthias invited Martin Kuppinger to dissect IAM orchestration and convergence in this episode. Explore their insights on these concepts within identity and access management, from antagonism to coexistence. Stay tuned for upcoming trends and predictions!

The upcoming EU regulation, NIS2, moves closer and organizations will need to act in order to close gaps. Anders Askåsen from Okta and Martin Kuppinger discuss the impact on critical infrastructure organizations and the implications for identity management, particularly in authentication. Learn more about the key considerations, reporting challenges, liability aspects, and the role of identity in meeting NIS2 requirements.

Join Matthias with Martin Kuppinger and Mike Neuenschwander in this special year-end episode. They reflect on the significant cybersecurity challenges of 2023. The conversation delves into persistent issues, innovations, and an outlook on trends for 2024 in the realms of cybersecurity and identity and access management.

Don’t miss this opportunity to join John Tolbert, Director of Cybersecurity Research and Lead Analyst at KuppingerCole Analysts, for this informative webinar to get an overview of ASM technologies and to find out how the ASM market is evolving, how these tools can be used by security teams, and how they can take your cyber defense capabilities to the next level to stay ahead of cyber attackers. He will also introduce KC Open Select, the new online tool from KuppingerCole that helps buyers choose the right IT solutions, and explain how this will help you in choosing the ASM solution that is a good fit for your organization. Attend this webinar to: Discover the latest trends in ASM technologies. Find out what key criteria for evaluating ASM solutions. Learn about KuppingerCole’s Leadership Compass research methodology. Get an introduction to the new KC Open Select tool. See how KC Open Select can help choose the right ASM solution for your organization.

Join Matthias in this special edition of the KuppingerCole Analyst Chat as he takes a look back at the inaugural cyberevolution cybersecurity conference in Frankfurt. The episode features participants and attendees, including Emilie Van der Lande and Steffen Nagel, as well as Christopher Schütze and Berthold Kerl from KuppingerCole. The discussion covers key moments, memorable talks, and insights gained during the event. The guests share their thoughts on the impact of AI, the Cyber Defense Matrix, and the challenges posed by deepfakes. The conversation also explores the need for diversity in discussions and the desire for more community-building aspects in future events.

Join KuppingerCole’s Lead Analyst Alexei Balaganski talking about the need for robust security strategies, the increasing complexity of API ecosystems, and the importance of holistic protection throughout an API's lifecycle. He will present the results of his recently published Leadership Compass on API Security and Management, covering over 40 vendors and their solutions. Alexei will also introduce KC Open Select, a new interactive tool from KuppingerCole that can help buyers compare security solutions and select the ones that fit their organizations’ security and compliance requirements.

In this episode, Matthias and Martin explore the evolving role of AIs in business processes. AIs are becoming significant actors, representing human identities in tools like chatbots and even functioning autonomously. Martin underscores the importance of traceability, access management, and the unique need for distinct AI identities - AIdentities.

Matthias is joined by cybersecurity expert Warwick Ashford to unravel the complexities surrounding Remote Desktop Protocol (RDP) security in the face of rising ransomware attacks. The discussion initiates with an overview of RDP's functionality and its indispensable role in modern businesses. They delve into the reasons behind RDP's susceptibility to cyber-attacks, accentuated by the remote work surge during the pandemic. The conversation takes a critical turn as it explores the precarious balance of remote accessibility and security, highlighting frequent oversights in RDP implementation. Warwick sheds light on the alarming trend of RDP credential sales on the dark web, outlining the severe repercussions for lax security measures. The dialogue then shifts to pragmatic strategies, emphasizing the non-negotiables in RDP security protocols that companies must adopt. Reinforcing the concept of Zero Trust, Warwick advocates for its integration to enhance RDP security frameworks. The episode concludes with a forward-looking perspective, contemplating the evolution of remote access technologies and preemptive measures businesses must consider to thwart emerging cyber threats.

Matthias Canisius von SentinelOne und Martin Kuppinger erkunden die Verschmelzung von XDR (Extended Detection and Response) und Identity Security. Erfahren Sie, warum diese Verbindung die Zukunft der Cybersecurity gestaltet und wie sie Angriffe in ihren frühesten Stadien vereiteln kann.

In part two of "Cybersecurity Fact or Fiction," our esteemed analysts, Matthias Reinwarth, Alexei Balaganski, Marina Iantorno, and Paul Fisher, continue their thrilling quest to distinguish between cybersecurity myths and realities. As they delve into more questions and statements, the suspense escalates, demonstrating that cybersecurity education can be both informative and exciting. Join us for another captivating conversation that will challenge your cybersecurity beliefs and provide valuable insights during Cybersecurity Awareness Month 2023.

In this episode, Marina discusses the intricacies of synthetic data, AI-generated datasets that mimic real data without revealing personal information. Marina and Matthias explore its significant role in cybersecurity, emphasizing its benefits in model training and realistic threat simulations. Marina points out how industries, especially healthcare, utilize synthetic data to meet privacy regulations. The conversation also covers the potential risks of generative AI, such as deep fakes. Companies like Zalando and OpenAI's application of synthetic data are highlighted.

To commemorate Cybersecurity Awareness Month 2023, Matthias Reinwarth, Alexei Balaganski, Marina Iantorno, and Paul Fisher came together to play "Cybersecurity Fact or Fiction". This captivating two-part endeavor serves as a valuable opportunity for individuals to refresh their understanding of security concepts. Throughout the session, the analysts take turns presenting cybersecurity related questions or statements, while their colleagues make informed guesses on whether these statements are accurate or false. This lighthearted, riveting conversation promises to both educate and captivate, as our skilled analysts skillfully discern between truth and fallacy.

Matthias is joined by experts John Tolbert and Osman Celik to unpack the concept of Attack Surface Management (ASM) and its growing relevance in cybersecurity. They discuss the challenges posed by the ever-evolving nature of attack surfaces and the role of ASM solutions in managing these changes. The three discuss cutting-edge trends such as Cloud, IoT, and Dark Web monitoring, underscoring their influence on ASM's future. The role of automation in enhancing ASM efficiency is discussed, alongside the significance of ASM in navigating regulatory compliance and making informed choices in the diverse vendor landscape.

Anirudh Sen, VP Products at Saviynt joins Nitish Deshpande, Research Analyst at KuppingerCole Analysts to explore the realm of Third Party Access Governance and its key distinctions from Identity Governance and Administration (IGA). Discover the evolving landscape of corporate Access Governance, the challenges of securing third-party relationships, and the benefits organizations can gain from effective third-party governance. Learn about the crucial role of AI and automation and gain valuable insights to help your organization stay ahead in managing third-party risks and access.

Join Matthias Reinwarth and Senior Analyst Mike Small in a quick chat on the evolution of Cloud Security Posture Management (CSPM). They discuss its proactive approach, the challenges in implementation, and the role of overarching platforms like Cloud Native Application Protection Platforms (CNAPP). Mike shares insights for smaller organizations and highlights the impact of geopolitics and AI on cybersecurity. Don't miss cyberevolution in Frankfurt this November for deeper insights.

Mike Neuenschwander, Vice President at KuppingerCole in the U.S. and Global Head of Research Strategy, recently had some thoughts about passwordless authentication and wrote a blog about it. Today, he joined Matthias for further discussion about that topic, delving deeper into entropy and how it applies to passwords, and his 2nd Law of AuthN Dynamics. Read the blog here: https://www.kuppingercole.com/blog/neuenschwander/the-second-law-of-authn-dynamics

In this episode, host Matthias and guest Warwick Ashford dive into the EU's Digital Operational Resilience Act (DORA). They discuss its impact on the financial sector's cybersecurity and operational resilience, focusing on key objectives and challenges. The conversation also covers practical aspects like ICT Risk Management, third-party risks, operational resilience testing, and cyber threat intelligence sharing. A must-listen for IT professionals navigating DORA's complexities.

In this episode, host Matthias Reinwarth is joined by guest Alexei Balaganski to discuss the implications of quantum computing for cybersecurity. The conversation covers the fundamentals of quantum computing and its distinction from classical computing. They also address the immediate and potential threats that quantum computing poses to existing cryptographic systems. The episode further explores the state of quantum-resistant encryption methods and the concept of cryptographic agility. The advancements in quantum cryptography are also discussed.

Today, host Matthias and expert Alejandro Leal discuss the dynamic realm of Access Management. They'll touch on its evolution beyond traditional capabilities, the intertwined nature of Access Management and Identity Federation, and the industry-wide shift driven by Covid-19 towards modern solutions. As passwordless authentication and decentralized identities rise, the duo will highlight the potential for innovation and cost-saving in this space.

In this episode, Matthias sits down with Nitish Deshpande to cover the intricacies of 'Securing the Autonomous World by Reinforcing Cybersecurity.' From understanding the challenges posed by automation to the cybersecurity landscape, to the pivotal role of humans amidst rising automation, Nitish offers invaluable insights. They discuss the complexities of training data for ML models, the verification of these models, and the ever-evolving nature of cybersecurity. Nitish also sheds light on the significance of contextual understanding in automation and shares his vision for the future of cybersecurity in an increasingly autonomous world. Finally, Nitish provides his top recommendations for fortifying cybersecurity infrastructure in this dynamic era. Read Nitish's Blog Post: https://www.kuppingercole.com/events/cyberevolution2023/blog/securing-the-autonomous-world-by-reinforcing-cybersecurity

Dive into the world of Privileged Access Management (PAM) and its significance in today's rapidly evolving security landscape with Lead Analyst Paul Fisher and Saviynt's Chris Owen. They explore the challenges organizations face, customer expectations, and the need to reset aspirational goals. Discover the shift towards zero standing privilege, just-in-time access, and the convergence of identity and PAM solutions. Learn about the future of PAM, the role of cloud infrastructure entitlement management, and how user experience is becoming a critical factor in PAM adoption.

In the latest episode of Kuppinger Analyst Chat, host Matthias sits down with KuppingerCole's CEO Berthold Kerl and the Director of the Practice Cybersecurity Christopher Schütze to discuss the upcoming cyberevolution event. Berthold Kerl highlights the event's unique positioning, emphasizing its blend of evolutionary continuity with revolutionary tech disruptions. Set in the heart of Europe, cyberevolution focuses on future predictions, current innovations, and the essence of collaboration. Berthold also mentions a diverse attendee list, from over 30 CISOs to students, spanning continents from Europe to Africa. Christopher Schütze touches on AI as the event's central theme and describes various formats, including keynotes, panels, and interactive workshops. He also introduces the Capture the Flag segment, providing insights into its competitive nature. Berthold spotlights the Pitch Night and its competitive spirit, while Christopher highlights workshop topics like ChatGPT and Ransomware Simulation. In conclusion, Berthold articulates cyberevolution's vision: to complement global conferences like RSA by converging innovation, business resilience, and policy in Europe.

Alexei Balaganski and Matthias discuss the current state and future of AI in cybersecurity. The conversation explores the role of AI, machine learning, and deep learning in bolstering cybersecurity defenses against evolving threats like malware, ransomware, and phishing attacks. Discover the practical applications of AI, its limitations, and the cautious optimism surrounding its potential impact on the cybersecurity landscape. Read Alexei's blog here: https://www.kuppingercole.com/events/cyberevolution2023/blog/ai-and-cybersecurity-a-new-hope-for-cyber-defenders

Join John Tolbert, Director of Cybersecurity Research at KuppingerCole, in this insightful episode featuring George Tarasov, Product Manager at Qrator Labs. Explore the world of multi-vector DDoS attacks and bot detection as they shed light on the increasing complexities and challenges faced by organizations. Learn about the evolution of multi-vector attacks, the rise of bad bots, and the strategies used by attackers to overwhelm target companies. Discover key insights and mitigation techniques to fortify your defenses against these sophisticated threats.

In this episode of the Analyst Chat podcast, host Matthias Reinwarth invites cybersecurity expert Martin Kuppinger to discuss access control tools for business application environments. They focus on two Leadership Compasses authored by Martin, which provide a comprehensive overview of the market for access control solutions centered around SAP and non-SAP systems. Martin shares insights on market segments, vendors, product functionality within the access control landscape. They explore innovative approaches to enhancing security, such as access restriction and controlling break-glass access. Furthermore, Martin and Matthias also explore the organizational aspects of access governance in dynamic LoB application environments. They discuss the challenges that arise when transitioning between new vendors, adopting SaaS solutions, and managing access control in multicloud environments.

Join Matthias as he delves into the world of deep fakes with Research Analyst Alejandro Leal. Deep fakes are manipulated media that can be difficult to distinguish from real footage, posing threats in remote identity proofing attacks and disinformation campaigns. Alejandro discusses the challenges of detecting and countering deep fakes, emphasizing the need for a multifaceted approach involving media forensics, machine learning, public awareness, and policy developments to mitigate the associated risks.

In this episode of the KuppingerCole Analyst Chat, host Matthias Reinwarth continues his conversation with guest research analyst Marina Iantorno to discuss the evolving landscape of artificial intelligence (AI) in cybersecurity. They delve into how attackers are leveraging AI to exploit system vulnerabilities and execute targeted attacks. The conversation also covers the risks associated with AI manipulation by cybercriminals, including the creation of deepfakes. The duo explores the potential of AI in cyber defense, highlighting its role in threat identification, incident response, and predictive threat intelligence. They also discuss the challenges in implementing AI-based cybersecurity solutions, emphasizing the importance of human expertise in this domain. Regulatory and legal implications of using AI in cybersecurity are also addressed. Finally, they provide practical advice on how businesses and individuals can protect themselves from AI-driven threats.

In this episode, Matthias engages in a conversation with Senior Analyst Warwick Ashford about the future cybersecurity landscape and threats. They discuss the notion that there's "nothing new under the sun" in cybersecurity, exploring how attackers use familiar tools and techniques in new ways. They emphasize the importance of understanding the evolving technology landscape and expanding attack surfaces. The discussion also covers strategies for organizations to protect themselves, achieve cyber resilience, and foster collaboration within communities. Attendees of the upcoming cyberevolution event in Frankfurt will have the opportunity to delve deeper into these topics and gain valuable insights into securing emerging technologies. Don't miss this engaging conversation on future cybersecurity threats and the need for a collective approach to defense.

In this episode of the KuppingerCole Analyst Chat, host Matthias and guest Marina Iantorno discuss the risks of deepfakes and the ethical challenges and biases in AI-driven cybersecurity. They explore AI ethics, which includes the importance of fairness, explainability, robustness, transparency and privacy in AI systems. They look at issues of algorithmic bias in AI and the cybersecurity threats posed by deepfakes. Beyond the fundamentals, they discuss mitigation strategies, which are techniques to reduce bias and counter deepfakes, including diverse datasets and adversarial training. They highlight the role of industry, academia, society and regulators in addressing these challenges and promoting ethical AI practices. The episode emphasizes the need for a multi-pronged approach to create a safe and inclusive cybersecurity environment. Read Marina's blog: https://www.kuppingercole.com/events/cyberevolution2023/blog/the-triple-threat-ai-ethics-bias-and-deepfakes-in-cybersecurity

In this podcast episode, Christopher Schütze and Matthias explore the Strategy Navigator by KuppingerCole Analysts, a lean and efficient advisory service designed to tackle common challenges faced by cybersecurity leaders. Learn how it can help optimize your cybersecurity portfolio, increase IAM efficiency, and guide your organization towards a modern Target Operating Model. We discuss the benefits of expert-led workshops, targeted information, and personalized coaching, all aimed at driving impactful action and ensuring robust protection for your organization. Leverage the strategy navigator to discover how to navigate the path towards Zero Trust or to modernize your infrastructure in a multi-hybrid world. Learn more about our Advisory Services here: https://www.kuppingercole.com/advisory

In the episode of the KuppingerCole Analyst Chat series, Martin Kuppinger and host Matthias engage in a detailed discussion about the challenges associated with the integration of Identity Governance and Administration (IGA) into identity management systems based on on-premises Active Directories. They dissect the structural and deployment aspects of Active Directories, highlighting how these often conflict with contemporary access governance paradigms. Martin explains why these contradictions can make the overlay of IGA on Active Directories extremely challenging, if not entirely unfeasible.

Join host Matthias and expert guest Alexei Balaganski in this episode of the KuppingerCole Analyst Chat. They discuss the recently updated Open Web Application Security Project (OWASP) API Security Top 10 guidelines and the shifting landscape of web security, highlighting the critical role of APIs. In addition, they emphasize the importance of Identity and Access Management (IAM) in securing APIs effectively. Tune in for valuable insights into API security, web security, and the significance of IAM. Find the OWASP API Security Top 10 list here: https://owasp.org/API-Security/editions/2023/en/0x11-t10/

This episode's guest is Marina Iantorno, Research Analyst at KuppingerCole, who is talking about the highlights and key topics discussed at the European Identity and Cloud Conference (EIC) 2023. Matthias and Marina discuss subjects such as identity and cybersecurity, trust and protocols, privacy and data protection, ethics in identity and machine learning, and the role of generative AI. Marina shares her experience as a speaker and panel moderator at the conference and provides insights into the trends and future of identity access management, cyber insurance, and decentralized identity. EIC 2023 Agenda with on-demand sessions: https://www.kuppingercole.com/events/eic2023/agenda Join the cyberevolution: https://www.kuppingercole.com/events/cyberevolution2023

Entdecken Sie die Bedeutung von IT Service Management und wie es Ihr Unternehmen voranbringen kann. In diesem Video teilen Bert Kondruß von der USU AG und Martin Kuppinger wertvolle Einblicke über die Lösungen von USU und den Mehrwert von Software as a Service (SaaS). Optimieren Sie Ihre IT-Services und erreichen Sie Ihre Unternehmensziele schneller.

Matthias invites John Tolbert to discuss Fraud Reduction Intelligence Platforms (FRIP) with him. Discover the evolving landscape of fraud prevention and detection, the key technologies used in FRIPs, and their broader applications beyond fraud reduction. Gain valuable insights from the latest edition of KuppingerCole's Leadership Compass and explore how these platforms are shaping the future of identity assurance and security: https://www.kuppingercole.com/research/lc81108/fraud-reduction-intelligence-platforms-frip

Join Matthias Reinwarth, Director of Identity and Access Management, and Nitish Deshpande, Research Analyst, as they delve into one of the most critical challenges faced by organizations today: visibility. Discover why organizations struggle with understanding user access and the potential risks of this lack of visibility. In this episode, they explore the key capabilities of access governance, such as access review, certification, risk management, request management, and analytics, and how these capabilities enable organizations to gain comprehensive visibility into their assigned accesses. Don't miss this insightful discussion on enhancing control and mitigating risks through effective access governance. Read Nitish's Leadership Compass here: https://www.kuppingercole.com/research/lc81118/access-governance

Graham Williamson, Fellow Analyst with KuppingerCole, shares his insights and expertise with our host Matthias Reinwarth as they discuss the lessons learned from Graham's research on secrets management. They also explore the concept of "Machine Identity" and why it's important for businesses to understand. Finally, they discuss how companies can best utilize the information presented in Graham's research to improve their secrets management strategies.

In this episode, Martin Kuppinger and Matthias are discussing the business case for decentralized identity, and why it is finally gaining traction in the enterprise world. They are exploring the benefits of using decentralized identity for employee onboarding, especially in the context of remote work. They look at the importance of trust and the full lifecycle management in the decentralized identity ecosystem, and how it can lead to more secure and efficient business processes. This topic is particularly relevant for the upcoming EIC, where experts and thought leaders will be gathering to discuss the latest trends and developments in digital identity. Join KuppingerCole as we explore the world of decentralized identity and its impact on the future of business.  

In this video, Anders Askåsen of Okta and Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, discuss the lessons that organizations can learn from the financial services industry on compliance and multi-factor authentication (MFA). They focus on DORA and NIS, upcoming regulations that will impact the financial services industry and other organizations. They discuss the need for strong MFA and the importance of context in authentication. They also explore what other industries can learn from the financial services sector's experience.

Graham Williamson and Matthias explore the world of authentication strategies and the impact of FIDO2. They are discussing why shifting left in our authentication strategy is essential and how FIDO2 can help achieve this. They also delve into the impact that FIDO2 holds for enterprise authentication environments and give their predictions for FIDO2 authenticator devices.

Matthias is joined by Marina Iantorno in this episode to discuss the trends and predictions for IGA beyond 2023. Marina sheds light on the diverse market segment through KuppingerCole's analysis of the market and provides valuable insights into its evolution.

In a world where data breaches are becoming more and more frequent, keeping data secure has become an increasingly challenging task. Join Matthias and Alexei Balaganski in this episode as they delve into the current market trends and existing vendors in the data security industry. The discussion delves into a crucial aspect of enterprise data security architecture, including the best alternatives for safeguarding data, covering everything from security control over stored data to the fundamental network infrastructure. Tune in to learn more about keeping your data secure in 2023. Read Alexei’s Leadership Compass here: https://www.kuppingercole.com/research/lc80907/data-security-platforms

In this episode, Matthias is joined by Paul Fisher to delve deeper into the sub-series on Trends and Predictions for 2023 and beyond. The world is constantly evolving and a lot has changed and is still changing in the PAM market, which is expanding and undergoing significant transformation. Paul offers insights on the current trends for Privileged Access Management, the significance of CIEM, and the impact of mergers and new players in this crucial market segment. All things PAM: Leadership Compass: https://www.kuppingercole.com/research/lc81111/privileged-access-management Webinar: https://www.kuppingercole.com/events/2023/04/welcome-to-pamocracy Paul’s Session at EIC: https://www.kuppingercole.com/sessions/5334/1

Protecting data is a responsibility for any company, regardless of whether it is considered their most valuable asset or not. Data loss can occur due to human error or malicious intent, emphasizing the need for comprehensive protection measures. In this episode of the Analyst Chat, Warwick shares insights into effective Data Leakage Prevention systems and highlights key methods for safeguarding data.

The topic of passwordless authentication holds immense significance in today's digital landscape. Security experts believe that passwords comprise a significant weakness in security and advocate for their elimination. However, does the elimination of passwords guarantee the ultimate solution? André Durand states that passwordless authentication is not the Holy Grail but the next evolution in the user experience of authentication. Join André and Martin in their thought-provoking discourse about the next steps after passwordless authentication.

In the ongoing Analyst Chat sub-series, Matthias and Martin delve deeper into the topic of Trends and Predictions for 2023 and beyond, focusing on the critical concept of Policy Based Access Control (PBAC). Martin highlights the significance of well-defined policies for ensuring robust cybersecurity and access control, laying the groundwork for a robust zero trust approach. 

Get ready to hear a new take on generative pre-trained transformers! This week, Matthias sat down with Jörg Resch, Co-founder of KuppingerCole Analysts, to discuss the exciting possibilities of ChatGPT. Unlike Alexei, Jörg is an avid user and firm believer in the positive impact that these technologies can have on our daily lives and work. While acknowledging the risks involved, Jörg advocates for a balanced and creative approach to the potential of generative AIs. Brace yourself for a thought-provoking conversation that may just change the way you view the future.