KuppingerCole Analysts

Join Martin with Jackson and TJ from Clear Skye as they talk about how Clear Skye accelerates your Identity's digital transformation.

While the world tries to cope up with the on-going pandemic, cybercriminals have got their hands on a gold mine. Annie and Matthias sit down again to chat about the overall picture of cyberattacks, including COVID-related lures.

Annie Bailey and Matthias continue their conversation around privacy, targeted marketing and the end of the era of the 3rd party cookie, that they started two weeks ago. They discuss the characteristics and the pros and cons of upcoming approaches, while this technology area is still continuing to evolve.

Dr. Phillip Messerschmidt is an experienced practitioner with extensive background knowledge in all things IAM. He helps us to take a step back and look at IAM in daily life. Drawing on simple, understandable definitions, he provides practical recommendations for successful and efficient identity and access management.

Tracking of users via 3rd party cookies has been a constant issue regarding compliance and user privacy. This is about to change, as 3rd party cookies are being more and more blocked in browsers like Firefox and Safari. And Google has announced the same step for Chrome in upcoming versions. What does this mean for the ad business, what are new approaches for addressing targeted marketing in a potentially more privacy preserving manner? Annie Bailey joins Matthias to discuss recent developments in this field.

How can PAM technologies fit into a Zero Trust architecture and model? How could a PAM technology help us sleep better at night, as many are anxious about falling victim to an attack similar to the Solar Winds attack? Is there a future in deploying PAM in DevOps environments? And how can PAM technologies help to address regulatory compliance? Join Paul and Jim as they talk about different current topics around PAM - Privileged Access Management.

As organizations go through digital transformation, they increasingly turn to using cloud services. One aspect of the digital transformation plan that is often forgotten is ensuring business continuity. Mike Small joins Matthias to explain why business continuity is essential for cloud services, especially in light of current events.

John Tolbert has just recently completed an updated Leadership Compass research document in the market segment of Enterprise Authentication. He joins Matthias for this episode to talk about recent developments and trends in that important area of the Identity Fabric for both IAM and CIAM.

Alexei Balaganski covers a broad range of security-related topics: from database, application and API security to information protection, cryptography and AI-based security automation. He joins Matthias to give a first insight into a fascinating new approach towards access encrypted data "in use", while maintaining privacy and security of data and processing. He explains the concepts behind homomorphic encryption, the current status, the technology required and he talks about first pioneering use cases.

Martin Kuppinger is one of the founders and the principal analyst of KuppingerCole and he is steering the overall development of the topics covered in KC's research, events and advisory. He joins Matthias to talk about the importance of extending Zero Trust to cover software security, for software in any form (embedded, COTS, as-a-service) and regardless of whether it’s home-grown or externally procured.

Many enterprises are nowadays dealing with the modernization of their Identity & Access Management. Modernizing Identity Governance and Administration (IGA) and well as Access Management at the same time can become too complex.In this video blog post, Martin gives practical advice on how enterprises can get their priorities straight.

Privileged user accounts are significant targets for attacks as they have elevated permission, access to confidential data and the ability to change settings. And if compromised, the amount of damage to an organization can be disastrous. No wonder that this is on the mind of our chief information security officers. Join our CEO Berthold and Rob Edmondson, Technology Strategist at Thycotic in this conversation!

The press, security vendors, politicians and analysts alike currently often focus only on the recent SolarWinds security incident and its exceptional features and effects. While this is in fact an extremely important topic to learn from and to clean up, the shadow of this hype causes that at the same time it is often neglected that even very basic cybersecurity aspects are poorly addressed in many organizations. Alexei and Matthias look beyond the hype and discuss the need for new initiatives to achieve an actual adoption of proper measures to improve basic cybersecurity hygiene in essentially all organizations.

The Security Operations Center-as-a-Service (SOCaaS) market has emerged and continues to develop in response to demand for security monitoring, analysis, detection, response, and improvement recommendations either instead of or as a supplement to permanent on-premises SOCs. KuppingerCole Analyst Warwick Ashford joins Matthias for this week's episode and shares some insights into this evolving market segment he gained during his recent research.

More than a month into the post-SolarWinds-incident era Alexei joins Matthias to discuss further lessons learned and strategic approaches towards improving security in organizations depending on diverse cyber supply chains and their imminent threats. But they go beyond and look at the necessary changes between management awareness and software development security.

Join Simon Keates (Head of Strategy and Payment Security at Thales) and Dr. Udo Milkau (Fellow Analyst at KuppingerCole) talking about Security Issues in the FinTec Industry!

Although not really brand new, there are still a lot of interesting developments around DevOps when it comes to cybersecurity and more. Paul Fisher shares some trends and insights with Matthias and tells us what to expect in this rapidly evolving segment.

The SolarWinds incident made the news in December 2020 and continues to impact many organizations. John Tolbert joins Matthias to give a short introduction of what decision makers need to know at this stage and which measures to look at first.

Watch this Videocast with our Analyst Alexei and Todd Moore from Thales to learn why and how to encrypt everything!

John Tolbert joins Matthias and shares insights about the results from the just recently published Leadership Compass CIAM. They talk about the overall maturing of the market and the areas of innovation in products, standards and integration scenarios.

Annie joins Matthias to talk about the topic of Verified Digital Identity. They explore what these are, why they are becoming increasingly important and where they add new aspects to the concept of digital identity. A special focus is put on existing and emerging use cases, where verified digital identities can be beneficial to all types of real life entities in their day by day interaction.

Join our Analyst Mike Small and Paul Hampton, Product Manager at Thales Security as they talk about the importance of securing data in the cloud.

This podcast has already looked at the Zero Trust concept as a challenging architectural paradigm for security and an important component of modern and future-oriented security architectures from various angles. This time Christopher and Matthias focus on a phased project approach towards implementing Zero Trust in a well-paced, phased, "one-bite-at-a-time" manner.

The Zero Trust concept comes with the promise to adequately secure our modern, hybrid IT world at any time and any place. Manufacturers, consultants and even analysts agree as rarely as they do that this changed architectural paradigm is an important component of modern and future-oriented security architectures. Alexei and Matthias address the question why in practice only a few powerful zero trust architectures deliver on this promise. They try to answer the question what organizations need to consider in order to get off to a good start.

Martin Kuppinger and Danna Bethlehem, Director of Product Marketing at Thales discuss their perspectives on the interplay of Zero Trust and Identity and Access Management.

The PAM market continues to evolve and many organizations are adopting the DevOps paradigm where critical access and sensitive accounts are required in fast moving and agile environments. Paul Fisher meets Matthias for this episode and shares his research on PAM for DevOps. They talk about the challenges of this area of application, but also about the differences and similarities with "classic" PAM. And about the opportunities on a path towards a hybrid approach to PAM in today's organizations, in the midst of the Digital Transformation.

In this second of two episodes, Annie Bailey and Matthias Reinwarth look at use cases of emerging technologies in healthcare. The use of AI, and machine learning to facilitate self-diagnosis chatbots is just one of many fascinating areas of application that are discussed and analyzed.

John Tolbert has just taken a close look at the market for SOAR tools (Security Orchestration, Automation and Response) to prepare a Leadership Compass. This has just been published and this gives John and Matthias the opportunity to take a closer look at this market segment of security infrastructures.

In this first of two episodes, Annie Bailey and Matthias Reinwarth lay the foundations for the topic "Emerging Technologies in Healthcare". Beyond hype and half-knowledge, they look at the use of AI, machine learning, block chain, and modern digital identities for the comprehensive improvement of processes and systems in healthcare.

This analyst chat episode is the 50th and therefore a bit different. This time Matthias talks to two experienced analysts, Martin Kuppinger and Alexei Balaganski, about the ECSM, the European Cyber Security Month, which is to provide information and awareness on cyber security in October 2020. The particular aim they pursue is to go beyond awareness to arrive at specific measures that can benefit individuals and organizations alike.

When asked to describe IAM processes, managers tend to think first of traditional lifecycle management processes such as Joiner, Mover and Leaver (JML). While these are clearly essential for identity governance in interplay with authoritative sources, a comprehensive process framework for IAM and beyond encompasses many other areas. Martin Kuppinger and Matthias Reinwarth explore some of these additional areas between convenience and compliance.

Dynamic, risk-based, attribute- and context-related authorizations are becoming increasingly important for many enterprises. Graham Williamson and Matthias Reinwarth take a look at the market sector for dynamic authorization management and policy-based permissions in light of the recent publication of a Market Compass on this topic.

Access management and access governance in many companies are still largely based on traditional authorization concepts. Thus defining and thinking access management is often rooted in a rather one-dimensional paradigm. Martin and Matthias talk about access policies as a common language for defining and maintaining rules for access, independent of the actual implementation of access control.

Warwick Ashford and Matthias Reinwarth talk about business resilience again, focusing on cyber supply chain risk management.

Alexei Balaganski and Matthias Reinwarth look at the citizen development movement and discuss the potential risks of letting business users create their applications without proper governance and security.

Warwick Ashford and Matthias Reinwarth discuss the prerequisites and challenges of making a business able to adapt quickly to risks and disruptions.  

Anne Bailey and Matthias Reinwarth discuss the findings of the recently published Leadership Compass on Privacy and Consent Management.

Alexei Balaganski and Matthias Reinwarth discuss the concept of ephemeral credentials and its benefits for privilege management, DevOps and beyond.

John Tolbert and Matthias Reinwarth look at SP 800-207, the NIST special publication on Zero Trust architecture and discuss how it aligns with KuppingerCole's own vision of this topic (spoiler: it does align very well!)

Alexei Balaganski and Matthias Reinwarth try to make sense of the current state of quantum computing and talk about the risks it poses for information security.

John Tolbert and Matthias Reinwarth discuss benefits and limitations of agentless security solutions.

Christopher Schütze and Matthias Reinwarth discuss Enterprise Risk Management. What is it all about? What large and small companies should be focusing on? What role do IT and cybersecurity play here?

Anne Bailey and Matthias Reinwarth discuss how decentralized identities and verifiable credentials help respond to the pandemic by powering contact tracing applications, immunity passports and other important use cases.

Alexei Balaganski and Matthias Reinwarth discuss the security challenges for enterprises moving to the cloud and explain why security in the cloud is still your responsibility.

Anne Bailey and Matthias Reinwarth talk about the technologies that enable employees working remotely or from home access sensible corporate information from personal devices without compromises between productivity and security.

Matthias Reinwarth and Martin Kuppinger discuss the challenges of integrating IT service management with identity governance within an enterprise.

Matthias Reinwarth and Jonh Tolbert discuss the ongoing consolidation of the cybersecurity market and talk about its reasons and potential consequences.

Matthias Reinwarth and Martin Kuppinger talk about governance and security of data across a variety of sources and formats and the need for maintaining data lineage across its complete life cycle.

Christopher Schuetze and Matthias Reinwarth discuss a security architecture blueprint that implements the concept of Security Fabric.