KuppingerCole Blog

I had no intention to write any blog posts during the holidays or, God forbid, do any predictions for the next year (look how relevant last year’s predictions turned out to be). However, an interesting story involving Ticketmaster, a large American ticket sales company, has caught my eye and made me think once again about my career in cybersecurity. The whole story goes all the way back to 2013, but the details have only recently been unsealed after the company has entered into a plea agreement and agreed to pay a $10 million fine for illegal access to a competitor’s...

The ongoing SolarWinds incident illustrates that the much-lauded Zero Trust security paradigm is, in fact, based on trust. Zero Trust is about authenticating and authorizing every action within a computing environment. It is putting the principle of least privilege into action. In an ideal implementation of Zero Trust, users authenticate with the proper identity and authentication assurance levels to get access to local devices, on-premises applications and data, and cloud-hosted resources. Access requests are evaluated against access control policies at runtime. In order for Zero Trust...

Many if not most organizations have moved to a risk management model for cybersecurity and identity management. Priorities have shifted in two major ways over the last decade: decreasing attack surface sizes focusing on detection and response technologies instead of prevention only Reducing attack surfaces inarguably improves security posture. Achieving the objective of reducing attack surfaces involves many activities: secure coding practices, vulnerability scanning and management, consolidation of functions into fewer products and services, access reconciliation, user...

Attending AWS re:Invent is always an exceptional experience and, despite it being virtual, this year was no different. As usual, there were the expected announcements of bigger better and faster services and components. AWS always shows a remarkable level of innovation with many more announcements than it is practical to cover comprehensively. Therefore, in this blog, I will focus on what I think are some of the highlights in the areas of hybrid IT, edge computing, machine learning as well as security and compliance. There is an old adage – “Keep it Simple Stupid” and...

Since the beginning of the Covid-19 crisis, the use of language in public life, in the press, and in everyday life has changed. Terms that were formerly confined to the circles directly affected by them are now much more common. For example, every informed and responsible citizen is now familiar with specific terms from epidemiology and immunology such as “reproduction number” and “herd immunity”. Another term that has risen to prominence since the beginning of the crisis is “first-line worker”. These workers literally work on the front line. They are...

Whether you’re a fan of MySQL or not, you cannot dispute the fact that it is the world’s most popular open-source database by a large margin (incidentally, it’s also the second most popular database ever, behind only its owner Oracle’s flagship commercial product). 25 years after its inception, MySQL has evolved into an essential and truly ubiquitous component of every web application stack and cloud platform. Even though some database experts might frown upon it for lacking “enterprise capabilities”, it is widely used by the largest enterprises around...

Ivanti has completed its acquisition of MobileIron and Pulse Secure. Ivanti, headquartered in Salt Lake City, had its roots in desktop management (LANDESK), evolved into endpoint and patch management, and had added full IT asset, service, and workspace management, as well as IAM capabilities. Though headquartered in North America, Ivanti had already become a global IT solutions provider. Pulse Secure, a strong secure access vendor, was spun-out from Juniper Networks in 2014. MobileIron was dedicated to mobile device management, mobile security, and authentication since it was...

If the line "We are detective" only reminds you of "guilty pleasure" radio songs from the 1980s, despite the fact that you are responsible for cybersecurity or compliance in your company, then you should read on. In any case, you probably should read on because this is a trend that is becoming increasingly important in times of growing uncertainty and loss of trust – in contracts, in companies in the supply chain, in "the Internet", and in nation-states. Trust as the foundation for reliable assurance Understanding, assuming, mitigating, and managing risks in our...

The world is caught between high expectations, futuristic fears, and non-legally binding recommendations on how to proceed with AI development and management. This means that although technologies are advancing and that many use cases are being proven effective to support enterprise data management, security, interactions with customers, and many more customized solutions per industry, most organizations are hesitant to board the AI train. For many, they do not feel they have enough guidance to launch a future-proof AI project. For the moment, all we have is a growing collection of AI...

Zero trust and IAM from the cloud as the foundation of hybrid IT must be simple Most companies today rely on a hybrid IT infrastructure: Existing on-premise solutions are extended with flexible best-of-breed SaaS solutions. This improves flexibility and agility, but also increases the scope for cyber attacks due to the growing number of digital identities. For example, the Verizon Data Breach Investigation Report 2020 showed that attack patterns that target end-users - such as phishing and the use of stolen credentials - lead the attack rankings again. With obvious numerical sequences...