KuppingerCole Blog

Digital identity thought leader Kim Cameron´s passion for fundamentally influencing the way we think about, and deal with privacy and digital identity, has brought us where we are today and will endure forever. On 30 th November, 2021, Kim passed away after his courageous battle with cancer. We will continue to honor him by living by his ideals that he expressed back in 2005 with his 7 Laws of identity . User Control and Consent, Minimal Disclosure for a Constrained Use, Justifiable Parties, Directed Identity, Pluralism of Technologies, Human Integration, Consistent...

IT endpoints are no longer just workstations and servers confined to corporate headquarters, branch offices, customer sites, and data centers. They can now be just about anything located anywhere, from employees’ homes to airports, hotels and in the cloud, and they may be devices owned by employees as a result of the bring your own device (BYOD) trend. But every endpoint represents a potential entry point for cyber attackers, and needs to be managed because in many ways endpoint devices have effectively become the new corporate network perimeter, and consequently they are...

Data leakage is mainly due to industrial espionage, hacktivism, disgruntled employees, problems in processes, and human error. Considering that most industrial espionage and other cyber attacks use social engineering in some form to gain entry to target IT systems, it is clear that despite increasing levels of automation, the human factor continues to be an important element to consider in securing critical data and defending against a broad range of cyber-attacks. The human factor in cybersecurity was a key theme at this year’s KuppingerCole Analysts’ Cybersecurity...

Cybersecurity is a basic and essential requirement for today’s organizations because they are increasingly reliant on IT, particularly as businesses becomes more digital, and this makes them increasingly vulnerable to disruption and consequently to direct and indirect financial and reputational loss due to cyber-attacks.  Cybersecurity as a requirement for businesses was a key theme at this year’s KuppingerCole Analysts’ Cybersecurity Leadership Summit , along with the human factor in cybersecurity, the application of artificial intelligence in cybersecurity,...

Chief information Security Officers agree that their organizations are under attack from a greater volume of cyber-attacks than ever before. The almost daily reports of security breaches by cyber attackers is evidence that traditional tools and approaches to cyber security are no longer effective against continually evolving cyber-attacks. One way of attempting to address this fact has been a switch in recent years away from prevention only to a security strategy that also includes detection. As a result, security professionals adopted detection technologies such as Endpoint Detection...

As mentioned in the previous edition of KC Navigator, with the implementation of digital transformation, organizations have seen the number of privileged users multiply, with new types of operations such as DevOps needing access to privileged accounts. DevOps support has become essential to many organizations looking to become more responsive and innovative by merging traditional engineering and operations teams to speed software delivery times. As a result, application developers and other agile teams increasingly need privileged access to essential tools, and this access also has to...

Credential theft is the most popular way cyber criminals use to access corporate environments, but real power comes from compromising privileged credentials, which is why Privileged Access Management (PAM) is one of the most important areas of risk management and security for any organization. In fact, PAM is becoming increasingly important because changing business practices such as the adoption of cloud computing and other aspects of digital transformation, the users of privileged accounts have become more numerous and widespread than ever before. Privileged access is highly sought...

Recent attacks on Software Supply Chains have resulted in massive impacts on industry and institutions causing damage and loss of intellectual property on a global scale. Vendors and operators in software supply chains are attractive targets for cyber criminals as a way to infiltrate end user organizations on a large scale. One of the recent examples of this, the SolarWinds Incident, demonstrated that even large software vendors with a strong cybersecurity background can be compromised, and that most organizations – including Fortune 500 companies and several US federal...

Ransomware attacks are now inevitable, with incidents of cybercriminals encrypting critical business data and demanding payments for the key, increasing 282% in the second half of 2020 compared with the first half, and a further 14% in the first six months of 2021. In all likelihood, if your company is connected to the internet, it will at some point become the target of a ransomware attack. That’s the bad news. And while the impact of a ransomware can be devastating, the good news is that there are measures you can and should take to ensure that your organization is as resilient...

Martin Kuppinger, Principal Analyst at KuppingerCole, will give a presentation entitled Cloud Security 2025 – Perspective & Roadmap on Thursday, November 11 from 11:00 am to 11:20 am at Cybersecurity Leadership Summit 2021 . To give you a sneak preview of what to expect, we asked Martin some questions about his presentation. Are today's identity and access solutions such as IGA and PAM able to serve the needs of today's complex multi-cloud, multi-hybrid IT environments? I think that's a good question. When we look at this and we look at a little bit of where do...