KuppingerCole Blog

Blog

Arrival of the Digital Services Act (DSA)

The Digital Services Act (DSA), along with the Digital Market Act (DMA) are initiatives from the European Union Commission, proposed in December 2020 and agreed upon in April 2022 . The main goal is to provide and ensure an accountable online environment in the EU, and regulate the “gatekeepers” on online interactions. This is a wide-reaching act that will differentiate “gatekeepers” from other online services, and apply obligations to them to create a more fair, competitive, and safe online market. These acts are not in full force yet – they are subject...

Blog

Fully Homomorphic Encryption at a Glance

Widespread use of cloud services, the rising number of integrated solutions and the collaboration between organizations increase the concerns over data privacy and security. Today, we know that many data protection regulations (e.g., FIPS, GDPR, CCPA) require data to be encrypted while it is at rest and in motion. Even though we are not yet able to encrypt the data in all its states, fully homomorphic encryption (FHE) performs encryption while the data is in use state and might become one of the holy grails of encryption methods available. While it is one of the technologies available in...

Blog

Women in Identity

Women in Identity (WID) is a global organization with a vision to develop identity solutions for everyone by everyone. It was founded in 2018 by a handful of women and has grown to more than 2000 members in 32 countries. We believe that diverse teams create better solutions, and each of us works with the identity industry to achieve this. Thanks to the KuppingerCole team who has supported WID from the beginning, we are able to host a WID Get-Together at EIC 2022 on May 12 from 16:30-17:30 followed by a track. The local WID DACH team has been working hard to put together an interesting...

Blog

Curse and Blessing of Biometric Authentication

Everybody wants the benefits of biometric authentication but nobody wants to pay the potential privacy price. What is the risk for individuals and society at large? To address these challenges Mike Kiser, Director, Strategy and Standards at SailPoint, is giving a keynote speech New Face, Who Dis? Privacy vs Authentication in a World of Surveillance on Tuesday, May 10, at the European Identity and Cloud Conference 2022 . To give you a sneak preview of what to expect, we asked Mike some questions about his presentation. Your talk describes a tension in how facial recognition...

Blog

Digitization to Dissolve Data Privacy

How can organizations prepare to maintain data privacy while using a multi-tenant cloud, managed service providers, and distributed data center environments? Anil Bhandari from Arcon will elaborate on this challenge in his Keynote   Digital Identity and Privacy: Stories from the Frontline on Tuesday, May 10, at the European Identity and Cloud Conference 2022 . To give you a sneak preview of what to expect, we asked Anil some questions about his presentation. What can we expect to learn from your session on Digital Identity and Privacy: Stories from the Frontline?...

Navigator

Securing Hybrid IT and Multi Cloud Environments

A growing number of organizations are adopting cloud-based services driven by digital transformation, the desire to cut costs, and the need to support remote working. As a result, most organizations have ended up with a mixture of on-prem and cloud-based infrastructure because of the challenges in shifting all existing services to the cloud, with many adopting a phased approach. The majority of IT environments, therefore, are now hybrid with legacy applications and some business-critical data remaining on-prem or in managed hosting solutions. At the same time, organizations are...

Blog

Organizations Need a Dream IAM

Digital systems have become very complex, 95% of admins have too many permissions, and 76% of IT decision-makers are facing a skills gap. This is a recipe for disaster, so how do you fix it? Patrick Parker from EmpowerID will elaborate on this challenge in his Keynote  Model, Measure, Manage - The Journey to Autonomous Security in a Hybrid Multi-Cloud World on Tuesday, May 10, at the European Identity and Cloud Conference 2022 . To give you a sneak preview of what to expect, we asked Patrick some questions about his presentation. Why is there a need for Autonomous...

Blog

CrashOverRide or the Need for Putting OT Security at the Center of Attention

One of the deplorable components of the Russian aggression toward Ukraine has been resumption of cyber-attacks on the electrical grid. This has highlighted the vulnerability of the electrical distribution network to this kind of attack. The Computer Emergency Response Team of Ukraine disclosed that a Russian hacking group has recently attacked the grid’s industrial control systems. The attack methodology is commonly called CrashOverRide or Industroyer. It is targeted at industrial control systems, specifically electrical grids. It is configured to use fieldbus protocols for...

Blog

PCI-DSS 4.0 launched

The Payment Card Industry (PCI) Standards Council has published a major update to the Data Security Standard (DSS), version 4.0. This version is an improvement over the current version, 3.2.1, which came out in 2018.   The new publication directs organizations that need to be compliant with the standard to use Multi-Factor Authentication (MFA) build-in “Dynamic Analysis”, or risk-based authentication, in alignment with Zero Trust perform access reconciliations harden systems and servers deploy anti-malware solutions ( Endpoint Protection Detection...

Blog

Catalyzing your Digital Transformation Journey

Let us face it, we do not have a choice. The overall context for all our activities and every interaction has been and is being changed without us being asked. Digital Transformation is here, and it impacts everyone, businesses, and governments. It is changing society as a whole and the way we engage with each other in virtually every area of life.  The question of if and when to develop a digital transformation strategy is not even an issue. The need for a comprehensive approach and the resulting challenges are crystal clear. The next normal The next normal will definitely not...