News Archive


KuppingerCole Analyst Chat: The European Cybersecurity Month - Ensuring Security Beyond Awareness

This analyst chat episode is the 50th and therefore a bit different. This time Matthias talks to two experienced analysts, Martin Kuppinger and Alexei Balaganski, about the ECSM, the European Cyber Security Month, which is to provide information and awareness on cyber security in October 2020. The particular aim they pursue is to go beyond awareness to arrive at specific measures that can benefit individuals and organizations alike.


Policy-Based Access Control – Consistent Across the Enterprise

The evolution of cybersecurity protection demands a more nuanced response to providing access to a company’s sensitive resources. Policy-based access control (PBAC) combines identity attributes and context variables to enable sophisticated granting of access to corporate systems and protected resources based on centrally managed policies that ensure consistent access control decisions across the enterprise. Advancement in both business requirements and technology (such as growing use of micro-services), require a better way to control access. In a way that is consistent across all...


IAM Essentials: Identity Governance and Administration


2020 Is the Year of the Identity Management Revolution

2020 has been the year of dispersed workforces and working environments. The impact on existing infrastructure, strategies and legacy technology has been unprecedented. As a result, we embarked on a revolution for Identity & Access Management and a mind-set change for organizations big and small, global or local. Never before has IAM been more present and upfront. In this new world, trusted identities need to be the starting point for all organizational strategies and driving organizational change.


Safeguarding Your Most Valuable Data: Five Key Criteria to Assess Cloud Provider Security

This whitepaper focuses on defining the key security-focused selection criteria to help your company choose a secure platform for current and future cloud projects.


KuppingerCole Analyst Chat: There is More to IAM Processes than JML

When asked to describe IAM processes, managers tend to think first of traditional lifecycle management processes such as Joiner, Mover and Leaver (JML). While these are clearly essential for identity governance in interplay with authoritative sources, a comprehensive process framework for IAM and beyond encompasses many other areas. Martin Kuppinger and Matthias Reinwarth explore some of these additional areas between convenience and compliance.


How to Hunt Threats Effectively With Network Detection & Response Solutions

The number of cyber-attacks globally continue to rise. Attacks are growing increasingly sophisticated. The tactics, techniques and procedures that were once only used by well-funded state actors are being commoditized by cybercriminals. State actors sometimes employ tools that were formerly mostly used by cybercriminals. The threat landscape evolves continuously.

Architecture Blueprint

Architecting your Security Operations Centre

A security operations centre (SOC) is a dedicated team, usually operating 24x365, to detect and respond to cybersecurity incidents within your organisation that potentially affect your people and systems. Architecting your SOC properly in terms of technology, processes, people and a close coupling with the organisation is critical if you are to achieve value from implementing a SOC within your organisation.


Cybersecurity Awareness – Are We Doing Enough?

It’s October and it means that we are having the European Cybersecurity Month again. ECSM is the European Union’s annual campaign dedicated to promoting cybersecurity among EU citizens and organizations. To be completely honest, I do not remember it being much of a thing in previous years, but apparently, in 2020, cybersecurity awareness is much more important for the European Commission and not without, ahem, a very big reason. I have always had mixed feelings about the whole notion of “awareness”. On one hand, raising awareness is basically what we analysts do on...


Techniques for Securing Transactions With Identity Verification and Verifiable Claims

Consumer and Workforce identities are under assault. Cybercrime and fraud are pervasive problems that have only escalated during the pandemic. Even as the number of online and mobile transactions increases, businesses, government agencies, and other organizations are actively searching for solutions to help them minimize fraud and other kinds of cybercrime.


Multicloud und Digitalisierung: Wie Sie die Nutzung im Griff behalten

Die Rolle der Cloud für die Digitalisierung kann kaum überbewertet werden. Doch mit zunehmender Cloud-Nutzung sind Organisationen bezüglich der Zugriffskontrolle für Cloud-Plattformen wie AWS, Microsoft Azure und Google Cloud Platform in Verzug geraten. Zwar bieten diese Plattformen Unternehmen Agilität und beschleunigen Innovation durch neue Services wie Sprachverarbeitung oder konfigurierbare Dialogsysteme, doch oft fehlt es an der erforderlichen Kontrolle, um den Zugriff auf all diese Cloud-Ressourcen ordnungsgemäß zu regeln.


Martin Kuppinger & Robert Byrne on Identity and Access Management


Martin Kuppinger & Robert Byrne on Privileged Access Management Buzzwords

Executive View

Commvault Complete™ Data Protection

Business continuity planning is essential to the digital transformation process. This requires the use of data backup products and disaster recovery services which must support today’s multi-cloud hybrid IT environment. This report describes how Commvault Complete™ Data Protection meets these challenges.

Executive View

UNITY: IGA Modernization Framework by Persistent

Inevitably, every organization with digital security and governance requirements will go through iterations of IAM and IGA system modernization efforts. Persistent Systems' Unity provides the necessary migration framework to facilitate an IGA modernization transition.

Executive View

R&S®Trusted Gate - Secure Glocalization von Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity ermöglicht eine zuverlässige Verarbeitung regulierter und sensibler Informationen für die Zusammenarbeit und zum Dateiaustausch in gemeinsamen SharePoint-Plattformen für Organisationen in verschiedenen Ländern und Regionen unter Gewährleistung der Konformität zu unterschiedlichen Gesetzen und Vorschriften. Rohde & Schwarz Cybersecurity ermöglicht eine weltweit verteilte, effiziente und sichere Infrastruktur mit zentraler und konsolidierter Verwaltung unter Wahrung von Compliance und Datenschutz.

Executive View

Oxyliom Solutions GAÏA Advanced Identity Management

The GAÏA Advanced Identity Management component of the GAÏA Trust Platform by Oxyliom Solutions integrates the key elements of identity management required for regulatory compliance and a modern digital experience, especially in highly regulated industries such as the financial sector.


Nov 23, 2020: Zugriffsmanagement mit künstlicher Intelligenz neu erfinden

Unternehmen müssen in der modernen IT-Welt eine Vielzahl von Angestelltenidentitäten, Benutzerrollen, Zugangspunkten und Endgeräten verwalten. Diese Verwaltung von digitalen Identitäten und den entsprechenden Zugriffsrechten ist für die meisten Firmen nicht nur kompliziert, sondern auch zeitaufwändig. Wenn Unbefugte fälschlicherweise Zugriff zu sensiblen Unternehmens- und Kundendaten erhalten, kann dies zu Compliance-Problemen, Bußgeldern und Reputationsverlusten führen.


KuppingerCole Analyst Chat: Policy-based and Dynamic Authorization Management

Dynamic, risk-based, attribute- and context-related authorizations are becoming increasingly important for many enterprises. Graham Williamson and Matthias Reinwarth take a look at the market sector for dynamic authorization management and policy-based permissions in light of the recent publication of a Market Compass on this topic.


Panel - Integrating IGA and ITSM - Key Benefits and Main Challenges


Warwick Ashford: Don’t Reinvent the Wheel – Align ITSM with IAM/IGA Instead

As ITSM platforms evolve into strategic tools for service deliver across a range of busines functions, it is tempting for organizations to build in identity access management, governance, and administration functionality to provide a one-stop-shop for all employee requests and eliminate the cost of a separate IAM/IGA system. 

Warwick Ashford, senior analyst at KuppingerCole will explain why this is a risky strategy and discuss the benefits of and some use cases for aligning ITSM with IAM/IGA systems instead.


Gillan Ward: The Use of Real World Evidence (and Identities) in Support of Identity and Access Management

Central to the ability to identify, authenticate and authorise individuals and allow them access to resources is the validation of the requirements to ensure that someone is who they claim to be, possess the requisite academic or professional qualifications, work experience, skills and understanding their competency within any given skill. Ie. I may have a driving licence with allows me the right to drive but if subsequent to a test I have never had the opportunity my competency will be almost non-existent. And of course ensuring the binding of the identity throughout the lifecycle of an...


Interview with Jackson Shaw


Jackson Shaw: Is it Time for an Identity Revolution?

Why have things like cell phones and automobiles become more advanced, intuitive and cost effective over time while managing Identity, particularly Identity Governance, has remained complex and expensive? The time and resources it takes to implement an identity project hinders the business and slows any hope of digital transformation. The frustration is real and ripping and replacing has not proved to be the answer. So what’s it going to take to truly get IGA right? In this thought-provoking session, Jackson Shaw, an experienced thought leader in IGA will discuss the need to rethink...


Jessica Constantinidis: Who Are Your Customers, and Why Do They Need You or Your Product? Find the Real Business Goal You Need to Achieve by Thinking Differently

Today, if you want to respond to new competitors or communicate with people who might buy your product, you must refresh your view of who your internal and external customers are and how you can reach them. Similar questions apply to all business models : What are you doing today to make a difference? How can you optimize in ways that match our new reality? Is agility at your business core?  Nowadays, nobody can afford to make assumptions as time and money are restricted, and most are in a cost optimization phase. However with the right focus and right lens it might actually be the...


Pavel Volosen: An Implementer’s Perspective to Traditional Identity Access Governance (IAG) vs Identity Access Governance (IAG) on ServiceNow

This session will compare and contrast characteristics of Identity Access Governance built on traditional platforms, with those built on top of ServiceNOW, taken from an field perspective. Session will review implementation costs, common outcomes, and ultimately how to decide which is the most appropriate solution based on business needs.


Martin Kuppinger: Where ITSM is Heading – and the Impact on IAM

ITSM is going well beyond ITIL and IT ticketing these days: It’s becoming the portal and workflow platform Not that long ago, ITSM (IT Service Management) was what the name means: A technology used within IT to manage IT services and facing to the end user when it comes to IT requests. IT requests led to tickets as the tasks to be performed by workers in IT. And yes, there was and is ITIL (IT Infrastructure Library) describing common IT processes, there were and are Service Catalogs, and there were and are CMDBs (Configuration Management Databases). However, this is changing....


Todd Wiedman: IGA with the Power of ServiceNow

With all of the different IGA approaches available these days, have you ever wondered how global companies have success in centrally and seamlessly managing their mountains of requests while still maintaining critical workflows and compliance standards? Get the strategies you need to navigate and win from Todd Wiedman, Chief Information Security Officer, Landis+Gyr. Todd will be sharing insights and learnings from his successful implementation using the Clear Skye IGA solution natively running on the ServiceNow (NOW) Platform in this ‘not to be missed’ session.


The Story of Edge AI

Whether you are a firm believer in the bright future of Artificial Intelligence or somewhat of a skeptic like me – you simply cannot ignore the great strides AI technologies have made in recent years. Intelligent products powered by machine learning are everywhere: from chatbots to autonomous vehicles, from predicting consumer behavior and detecting financial fraud to cancer diagnostics and crop harvesting. There is however a major factor limiting even further applications of AI and ML in almost any industry: AI algorithms are very computationally intensive and until quite recently,...


How Security and Identity Fabrics Work to Help Improve Security

Many organizations struggle or even fail because they overcomplicate the implementation and extension of their cybersecurity toolset. Most do not have a central approach on security, and often use a set of tools that are not well-integrated with each other.

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected


AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]