KuppingerCole Blog

The Coming Storm On April 28 th , 2021 the European Data Protection Board announced that The Portuguese Data Protection Authority (CNPD) ordered INE (National Institute for Statistics) to suspend the sending of personal data from the Census 2021 to the United States. CNPD has issued a decision addressed to INE for the suspension within 12 hours of any international transfer of personal data to the United States or other third countries without an adequate level of protection in the context of Census 2021 questionnaire. If this were your organization, would it be able to...

Organizations around the world have been rapidly modernizing their access management infrastructures in response to increased cyber-attacks and data breaches, enactment of security and privacy regulations, and a shift to remote working. Access management modernization is quick shift away from insecure passwords, which time and again facilitate criminals to gain access to corporate networks and data. A recent survey on the Psychology of Passwords found that 59% of the respondents use the same password repeatedly, at home and in the office. The main reason behind this dangerous trend is...

Simplifying access to IT services by building on platforms for IT workflows and beyond ServiceNow, over the past few years, has emerged as one of the leaders in the ITSM (IT Service Management) market and beyond to what today is named ESM (Enterprise Service Management). In fact, the evolution of that market has helped ITSM leave the bunker of IT, and become a strategic element for businesses. ESM today is much bigger and more important than ITSM ever was The reason is that ESM supports organizations in business process optimization, based on central platforms with centralized...

The Good Health Pass Interoperability Blueprint was released mid-June to help shape the development of a cohesive but decentralized method of issuing, holding, and verifying the results of a COVID status test. The Good Health Pass Collaborative (GHPC) is an open and publicly funded collaborative; it was founded by ID2020 and the working group is managed by the Trust over IP Foundation . The blueprint , which is now available for public comment, lays out the most important and intentional design choices as well as recommendations to implement an interoperable and inclusive system....

Writing about legal topics is always a challenge. I am not a lawyer, but as an analyst and advisor, however, I almost inevitably encounter the implications of laws and current case law. Thus, this text describes only a personal assessment and is not intended to be, and should not be used as, legal advice (and in any case KuppingerCole Analysts do not provide legal advice). At the end of the day, any action should be clarified with colleagues properly qualified to do so, including the legal team. The ruling of the European Court of Justice (ECJ), which has gained some notoriety under...

Google has launched Vertex AI , its fully managed artificial intelligence (AI) and machine learning (ML) platform for the enterprise. It tackles the challenge of operationalizing AI/ML projects with automated pipelines, accessibility for business users, data scientists, and ML engineers, and pre-trained APIs for speech, vision, video, and more. The divide between technical know-how and precise customization and implementation of ML models is shrinking rapidly, thanks to AI Service Clouds. Fully Managed will be a Distinguishing Feature Fully managed will become a distinguishing...

The Covid-19 pandemic accelerated IT transformation in many ways. Lessons learned, among other things, is that IT software architecture must be highly flexible and scalable to handle the unforeseen tsunami waves of network traffic and flexible enough to address cyber-attacks in areas least expected or prepared, such as potential vulnerabilities in communication applications like Slack, Zoom, Microsoft Teams, or Trello. Organization's sudden imperative to shore up cybersecurity systems such as Access Management became strikingly apparent. Zero Trust During the covid-19 pandemic, the...

Green Light On May 20 th , 2021 it was announced that the EU Cloud Code of Conduct had received official approval by the Belgian Data Protection Authority, following the positive opinion issued by the European Data Protection Board.  At the same time, the European Data Protection Board (EDPB) comprised of all the European Data Protection Authorities (DPA) provided a favourable opinion that the CISPE Data Protection Code of Conduct complies with the General Data Protection Regulation (GDPR). This has been a long journey – in 2017 we published a Leadership...

Last week Colonial Pipeline, one of the largest pipelines in the US, was hit by a ransomware attack from the Dark Side cybercrime group. While many pertinent specifics about the attack are not known, FireEye and US Cybersecurity and Infrastructure Security Agency (CISA) have shed some light on how Dark Side’s malware works. These two posts point out some common Tactics, Techniques, and Procedures (TTPs) that all organizations should be on the lookout for as indicators of attack: Password spraying against Virtual Private Network (VPN) devices. Legitimate user credentials...

When thinking about the C-suite’s priorities, people tend to focus on growth, security, digital transformation or, more recently, keeping a remote workforce running. All of these aspects are important to keep the business profitable, remain at the forefront of innovation, maintain shareholder satisfaction and ensure that employees are safe, equipped and content. Yet, there is something that underpins every one of these priorities: digital trust. And without it, every area of the business would cease to function. Digital trust is a concept no business leader can ignore today. With...