News Archive

Whitepaper

Whitepaper: Pirean: Orchestrated Identity for Meeting IAM & CIAM Requirements -70225

Identity and Access Management (IAM) for employees and partners is a foundational element in all digital environments today.  Consumer Identity and Access Management (CIAM) systems and services provide new technical capabilities for organizations to know their customers better.  Pirean’s solutions for IAM and CIAM can help companies deploy a single solution to meet both sets of business objectives.    

Blog

PSEUDO WHAT AND GDPR?

GDPR comes into force on May 25th this year, the obligations from this are stringent, the penalties for non-compliance are severe and yet many organizations are not fully prepared. There has been much discussion in the press around the penalties under GDPR for data breaches. KuppingerCole’s advice is that preparation based on six key activities is the best way to avoid these penalties. The first two activities are first to find the personal data and second to control access to this data. While most organizations will be aware of where personal data is used as part of their normal...

Executive View

Executive View: Microsoft Azure Information Protection - 72540

Microsoft Azure Information Protection creates a viable user experience for data classification and labeling of Office documents and emails. It enables sensitive data discovery; integrates data protection capabilities throughout Microsoft’s Azure, Office, and Windows environments; and is gaining third party support from Adobe and data leakage prevention (DLP) vendors among others. KuppingerCole recommends clients invested in Office365 and Azure consider adopting AIP as part of their data protection strategy.

Webinar

Apr 26, 2018: Access Management Leading the Cloud Transformation Drive

To survive the fierce market competition in the era of Digital Transformation, businesses strive to be as agile as possible, to quickly adjust to constantly changing customer demands, industry regulations and modern technologies. Driven by cloud transformation and digitalization, modern companies are becoming increasingly open and interconnected, with massive numbers of people, devices and applications forming millions of relationships across geographically and technologically diverse environments.

Executive View

Executive View: UNIFY Identity Broker - 70263

With today's ever-growing IT requirements for integrations between identity sources, applications and services whether on-premise, the cloud, or hybrid environments, an advanced identity provider service is required to bridge these disparate technologies. UNIFY Solutions overcomes these challenges with their Identity Broker.

Leadership Brief

Leadership Brief: Securing PSD2 APIs - 79028

The Revised Payment Service Directive (PSD2) mandates that banks provide APIs for Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) to use.

Leadership Brief

Leadership Brief: Marketing Chatbots and GDPR - 79026

Chatbots are a recent trend in marketing automation, designed to enhance customers’ digital journeys and elicit more information from consumers. This report evaluates the impact of GDPR will have on the use of chatbots and provides an overview of topics to be considered in order to ensure compliance.

Blog

Azure Advanced Threat Protection: Securing Your Identities Right From the Cloud

Recently, Microsoft has announced general availability for another addition to their cybersecurity portfolio: Azure Advanced Threat Protection (Azure ATP for short) – a cloud-based service for monitoring and protecting hybrid IT infrastructures against targeted cyberattacks and malicious insider activities. The technology behind this service is actually not new. Microsoft has acquired it back in 2014 with the purchase of Aorato, an Israel-based startup company specializing in hybrid cloud security solutions. Aorato’s behavior detection methodology, named Organizational Security...

Webcast

Holistic Approach to Cyber Risk Governance in the GDPR Era

Pressured by the Digital Transformation, corporate networks are becoming increasingly complex, spanning across multiple geographical locations and technology platforms. Unfortunately, even as companies are becoming more open to the outside world, different business units within the same company still remain essentially isolated when it comes to consistently measuring and exchanging security and risk management data across their networks. Without full and clear visibility into the true company-wide risk posture, executives are bound to have massive difficulties understanding and...

Advisory Note

Advisory Note: Security Organization Governance and the Cloud - 72564

The cloud provides an alternative way of obtaining IT services that offers many benefits including increased flexibility as well as reduced cost.   This document provides an overview of the approach that enables an organization to securely and reliably use cloud services to achieve business objectives.

Leadership Brief

Leadership Brief: The Anti-Malware Requirement in PSD2 - 79027

The Revised Payment Service Directive (PSD2) mandates thatservice providersevaluatetransaction requests for signs of malware infection. In order for transactions to be considered low-risk, there must be no signs of malware infection in any sessions of authentication events.

Webcast

Faktor Mensch: Wie man das schwächste Glied der IT-Infrastruktur Ihres Unternehmens schützt

Obwohl der Markt mit einer großen Anzahl von Sicherheitslösungen reagiert und die Budgets für Cybersicherheit ständig wachsen, scheinen sich viele Unternehmen immer noch auf den Schutz von Endgeräten und Netzwerken zu konzentrieren. Sie übersehen dabei das kritischste Ziel in ihren Reihen - die Menschen. Aktuelle Studien zeigen deutlich, dass Hacker sich davon entfernen, Schwachstellen in der Infrastruktur zu attackieren und stattdessen den Faktor Mensch über Kanäle wie E-Mail, Social Media und mobile Anwendungen ausnutzen. Statt ausgefeilte...

Blog

CyberArk Acquires Vaultive to Strengthen Its Privilege Management Capabilities in Cloud

CyberArk, an overall leader in privilege management according to KuppingerCole Leadership Compass on Privilege Management, announced yesterday that it has acquired certain assets in a privately held America-based Israeli cloud security provider, Vaultive. Data encryption has emerged as a key inhibitor for organizations seeking to adopt cloud services. Most cloud providers today offer own encryption to ensure that data in transit and at rest remains unreadable if a breach occurs. However, as organizations adopt multiple SaaS...

Webinar

Apr 10, 2018: Acing the Upcoming GDPR Exam

With only weeks to go until the EU GDPR (General Data Protection Regulation) takes effect on May 25th, global businesses are scrambling to figure out how to avoid the hefty fines that loom for companies failing to achieve compliance. Sanctions for non-compliance are very severe with penalties of up to 4% of annual worldwide turnover.

Webcast

Ivana Bartoletti - Meeting the GDPR Transparency Requirements in Digital Finance

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

Matthias Reinwarth - You Are Here! Assessing Your Organisation‘s GDPR Readiness

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

Panel - PSD2 and the Identity Problem

Panel discussion at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

Mike Small - PSD2 – Does the RTS Prohibit Secure Customer Authentication?

On January 13 th , 2018 a new set of rules for banking came into force that open up the market by allowing new companies to offer electronic payment services.  On November 27 th , 2017 the European Union published and press release and a draft Regulatory Technical Standard (RTS) on strong authentication. On the one hand the press release says that – “thanks to PSD2 consumers will be better protected when they make electronic payments or transactions because the RTS makes strong customer authentication (SCA) the basis for accessing one's payment account, as well as for...

Webcast

Panel - PSD2 and Open API Solutions

By giving access to customer’s online account (XS2A), PSD2 lays the foundation for new and exciting digital payments system. Many new opportunities arise through the innovative and wide-ranging usage of APIs which can be mutually beneficial for banks, TPPs and customers. In this session we will discuss the novel concepts for post-PSD2 financial ecosystem. 

Webcast

Parth Desai - Open Banking Challenges & Opportunities: Why AI is the Essential Business Enabler

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

Dr. Karsten Kinast - Preparing for GDPR: Key Aspects and Best Practices for Financial Services

The EU General Data Protection Regulation (GDPR) will be implemented in May 2018. It replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. To achieve ist ambition the GDPR will introduce several new concepts, rights and duties. Some of these have a significant impact on financial services and may require a change to both the handling and use of personal data. The Keynote will give an introduction to the...

Webcast

Guido Scholz - GDPR Is Not Only Law, It Is Also a Trusted Relationships with Customers

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

Jason Boud - A Panorama of RegTech Trends and of the RegTech Market

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

Best Practices and Essential Tools for GDPR Compliance

Join this KuppingerCole webinar to get practical, straightforward advice on how to prepare for GDPR, including:

  • Devising and maintaining a plan to detect a data breach,
  • Properly documenting evidence of compliance for auditors,
  • Evaluating the effectiveness of your security practices,
  • Minimizing costs by reducing the number of tools and processes needed,
  • Selecting the right technology platform or managed service

Webcast

Martin Kuppinger - 2018 - The Year of Disruption: Why the Finance Business Will Never Be the Same Again

The year 2018 brings major changes to the financial industry. Two disruptive regulations (PSD2 and GDPR) come into effect early in the year and will have a far-reaching impact. Their implementation can be a challenge, but through these directives new opportunities will be created. Furthermore, the blockchain technology is becoming increasingly relevant and influential in the financial sector through its practical use. This Keynote will discuss the three game-changers, PSD2, GDPR and Blockchain impacting the industry and will give recommendations for the necessary actions. 

Webcast

Urs Zurbuchen - Revised Payment Service Directive: Understanding Its Technical Requirements for a Smooth and Secure Customer Experience

PSD2 will require 2 major technology thrusts: exposing and securing APIs for banking functions, and presenting strong authentication options for financial customers. Banks have to open up many of their core banking functions to enable the PSD2 ecosystem where Third Party Providers (TPPs) can directly initiate payment transfers and aggregate account information. Urs Zurbuchen will present how important a combined approach of web application security and identity access management is to fulfill the necessary compliance requirements. Especially for strong customer authentication the market is...

Webcast

Mark Stephen Meadows - Why Bots Need License Plates

The consumer experience is changing radically, and globally. Today, AI-powered bots in the form of chatbots, voice assistants, and avatars, are responsible for the majority of traffic on the web and conversational systems.  And CPA chatbots or accountant avatars are now telling us what to do with our money – what to buy, where to buy it, and where to invest.  How can we trust these bots? After all, they are made by humans, and sadly not all humans have your best interest at heart. These bots need license plates. Bots and AI need authentication. They need regulation,...

Webcast

Dr. Khanh Dang Ngo - Improving Smart Contracts with Civil Code

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

John Erik Setsaas - A Blockchain Reality Check - Why Blockchain May Not Be the Answer to the Identity Challenges

Blockchain is everywhere, and blockchain promises to solve any kind of problem, including that of the digital identity. This presentation will take a critical look at the promises, and look at possible scenarios for identities on the blockchain, as well as why this may not be a good idea.

Webcast

Balázs Némethi - How Blockchain Will Connect the Material Space to the Foundation of the Digital Space: Identity

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Webcast

Yana Afanasieva - Licensing, AML and other Regulatory Requirements Applicable to Cryptocurrency Operators

Yana will address several of the most common misperceptions about cryptocurrency operations, and argue that they are, in fact, already regulated under existing rules,  such as PSD2, AMLD4, investor protection and consumer rights regulation. Yana will also make a case that transactions in cryptocurrencies do not necessarily increase AML risks of the operator, especially, not in comparison to transactions with cash. Several best practices of how to organize the compliance framework for a cryptocurrency-related service provider will be given.

Webcast

Dr. Hans-Peter Güllich - Applying Artificial Intelligence for a New Age of Risk and Compliance Management

Misguided, mismanaged and misunderstood. How to provide easy to understand key information supporting fundamental C-Level decisions in the years ahead? Due to the sheer mass of available data organisations are missing an ongoing and real time monitoring of external and internal data and information allowing them to identify internal weak points (e.g. compliance failures, risk management issues, etc.), provide an early detection of risk relevant web content and comprehensively communicate the actual risk situation to all management levels.

Webcast

Daniel Kjellén - Say Goodbye to the Service Formerly Known as Banking – A Case Study on the Changes We Expect to See Across Europe

  Everyone has been talking about how PSD2 will unlock retail banking, opening up the market to new entrants and decrease banks’ power on the market. But if you are looking at the future of finance, look no further than Sweden. Daniel Kjellén, CEO and co-founder of Tink, a Swedish fintech recently identified by UBS as ”the shape of the changes we expect to see across Europe in time”, will share a case study of Sweden’s journey from financial monopolies to a consumer led market which delivers money on autopilot.  Sweden is...

Webcast

Michael Backes - CollectAI: How an Innovative Financial Service Leverages AI from the Start

Since 2012 Otto Group Digital Solutions, the Otto Group's company builder, has worked to build strategically-relevant business models in the financial industry, combining the assets of the corporate ecosystem with entrepreneurial know-how and cutting-edge technology. This keynote will showcase how we leveraged AI in our latest startup, collectAI, in order to create a value proposition that combines the best of "Man and Machine." In addition, we will look at the potential for continuous improvement moving forward.

Blog

Make Things Happen Rather Than Watch Things Happen With Vendor-Provided Compliance Solutions

In May 2017, my fellow KuppingerCole analyst Mike Small published the Executive Brief research document entitled “Six Key Actions to Prepare for GDPR” (then and now free to download). This was published almost exactly one year before the GDPR takes full effect and outlines six simple steps needed to adequately prepare for this regulation. “Simple” here means “simple to describe”, but not necessarily “simple to implement”.   However, while time has passed since then, and further regulations and laws are gradually gaining additional...

Executive View

Excutive View: Axiomatics APS - 70346

Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization's breadth of access control needs. The Axiomatics Policy Server (APS) makes available a suite of tools and services to manage an Attribute Based Access Control (ABAC) policy life-cycle efficiently.

Webinar

Apr 12, 2018: Cloud Data Protection Done Right: When Bringing Your Own Key Just Isn’t Enough

As companies continue to expand their adoption of cloud services for such benefits as improved flexibility and scalability, reduced time to market, and cost savings, protecting their sensitive data across a large number of SaaS platforms is becoming increasingly complicated. For heavily regulated industries, security and data protection have been the largest barriers to cloud adoption for years, but with the upcoming General Data Protection Regulation (GDPR)’s significantly tightened compliance controls and massive penalties for violations, protecting sensitive data in the cloud is becoming...

Blog

Not a Surprise: German Government Under (Cyber) Attack

Yesterday, the reports of the German government having become a victim of a cyber-attack spread the news. According to them, the attack affected the Ministry of Defense and the Department of Foreign Affairs. There is an assumption that the attack had been carried out by APT28, a group of Russian hackers. However, only very few details are available to the public.When reading the news, there are various points that made me raise my eyebrows. These include it has been a group of Russian hackers the attack is under control/isolated the German government network is well secured there has...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

Modern Cybersecurity Trends & Technologies Learn more

Modern Cybersecurity Trends & Technologies

Companies continue spending millions of dollars on their cybersecurity. With an increasing complexity and variety of cyber-attacks, it is important for CISOs to set correct defense priorities and be aware of state-of-the-art cybersecurity mechanisms. [...]