News Archive

Webcast

Under Pressure From the Auditor: Rapid Response by Rapid Access Reviews

Most organizations are aching under the pressure the feel from auditors in delivering information. A large portion of that is based on access reviews, i.e. demonstrating that the least privilege principle and related regulatory requirements are met.

Leadership Compass

Leadership Compass: Database and Big Data Security - 79015

This Leadership Compass provides an overview of the market for database and big data security solutions along with guidance and recommendations for finding the sensitive data protection and governance products that best meet your requirements. We examine the broad range of technologies involved, vendor product and service functionality, relative market shares, and innovative approaches to implementing consistent and comprehensive data protection across your enterprise.

Webinar

Sep 05, 2019: It’s Time to Forget Your Password and Settle for Multi-Factor Authentication

The majority of security breaches and attacks can be traced back to stolen and compromised passwords. Mobile devices are often particularly vulnerable because many users tend to avoid long passwords and special characters.

Webcast

Mit Access-Governance-Projekten neue Vorschriften erfüllen, ohne das Rad neu zu erfinden

IGA-Projekte (Identity Governance & Administration) bergen aufgrund ihrer Komplexität diverse Risiken. Diese ergeben sich meistens in der Vernetzung einer komplexen, heterogenen IT-Infrastruktur sowie durch den bereichsübergreifenden Charakter von IGA-Projekten. Wenn man nicht bei jedem Projekt immer wieder von Null anfangen möchte, und auf Erfahrungswerte zurückgreift, können viele Risiken sehr leicht vermieden werden.

Webinar

Sep 12, 2019: How to Stop Attacker Movement in Your Network Before They Reach your “Crown Jewels”

Nearly all high-impact cyberattacks have a phase in which the attacker must conduct lateral movement from their initial landing point to their ultimate target. To do this, the attacker needs a combination of credentials and available connections between one system and another. This is the evasive process of “living off the land” using the connectivity native to the organization.

Webinar

Sep 10, 2019: Regaining Control With IGA Solutions

Role management remains a pivotal challenge in many companies. Regulations (such as BAIT and VAIT in Germany) require companies not only to implement an IGA solution (Identity Governance & Administration), but also a uniform authorization concept and its regular review, including the assignment of access rights to the individual authorized persons.

Blog

Will the Stars Align for Libra?

This week, Facebook announced details about its cryptocurrency project, Libra. They expect it to go live for Facebook and other social media platform users sometime in 2020. The list of initial backers, the Founding Members of the Libra Association, is quite long and filled with industry heavyweights such as Coinbase, eBay, Mastercard, PayPal, and Visa. Other tech companies including Lyft, Spotify, and Uber are Founding Members, as well as Andreesen Horowitz and Thrive Capital.  Designed to be a peer-to-peer payment system, Libra will be backed by a sizable reserve and pegged to...

Webcast

The Dark Side of the API Economy

In a single decade, Application Programming Interfaces (APIs) have evolved from a purely technical concept into one of the foundations of modern digital business, delivering operational efficiency, scalability and profitability to companies from various industries. Nowadays, everything is API-enabled: corporate data is the product and APIs are the logistics of delivering it to customers and partners.

Webinar

Oct 10, 2019: Onboarding Your Business Partners to Your Services: B2B IAM in Practice

Virtually any business needs to grant business partners access to certain IT services. While employee IAM is a well-established discipline, where HR frequently delivers the information about joiners, movers, and leavers, and while Consumer IAM (CIAM) commonly relies on self-registration, B2B IAM comes with different challenges.

Webinar

Oct 17, 2019: Facilitating Business with State-of-the-Art Identity Proofing Solutions

For traditional or Business-to-Employee (B2E) IAM, HR departments are responsible for gathering documentation from employees to determine their suitability for employment. For Business-to-Consumer (B2C) or CIAM, identity proofing can be more difficult. Depending on the nature of the business, the attributes that need to be collected and verified can differ widely. For example, Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations govern the kinds of attributes and authoritative attributes that must be collected in the finance industry.

Webinar

Sep 24, 2019: The Compelling Case for Risk-Based Adaptive Authentication

Consumers and employees are increasingly on-the-go, and that means that more transactions and more work originates from the mobile phone. Fraud and data loss rates have also been rising. A plethora of mobile-based digital identity technologies have entered the market over the last few years to help businesses and other organization meet these challenges.

Webcast

Getting Rid of the Password – How to Increase Safety Affordably

Despite compromised passwords being the leading cause of data breaches, most online businesses still rely on solely using passwords for logins. While getting rid of password authentication is desirable from a security standpoint, organizations fear that it is a costly endeavor that can also affect user experience.

Webcast

Image Video EIC 2019

Blog

API Security in Microservices Architectures

Microservice-based architectures allow businesses to develop and deploy their applications in a much more flexible, scalable and convenient way – across multiple programming languages, frameworks and IT environments. Like with any other new technology that DevOps and security teams started to explore in the recent years, there is still quite a lot of confusion about the capabilities of new platforms, misconceptions about new attack vectors and renewed discussions about balancing security with the pace of innovation. And perhaps the biggest myth of microservices is that their security...

Blog

M&A Activity in Cybersecurity and IAM

It seems almost every week in cybersecurity and IAM we read of a large company buying a smaller one. Many times, it is a big stack vendor adding something that may be missing to their catalog, or buying a regional competitor. Sometimes it’s a medium-sized technology vendor picking up a promising start-up. In the olden days (15+ years ago), start-ups hoped for going IPO. IPOs are far less common today. Why? Mostly because it’s an expensive, time-consuming process that doesn’t achieve the returns it once did. Many times, going IPO was an interim step to getting acquired by a...

Blog

Cybersecurity Pen-Tests: Time to Get Smart About Testing?

One of my favorite stories is of a pen-test team who were brought in and situated next door to the SOC (Security Operations Centre); and after a week on-site they were invited for a tour of the SOC where they queried a series of alarms [that they had obviously caused] only to be told “oh that’s normal, we’ve been getting these continuously all week”. People perform penetration tests (pen-tests) for a multitude of reasons; “I inherited a budget with an annual pen-test” or “it’s required by the audit committee” are the most common....

Webcast

Fine-Tuning ICS Threat Models to Prioritize Mitigations of the Most Vulnerable Devices

When discussing the matters of industrial cybersecurity with IT experts, lamenting the historical divide between OT and IT seems to be a popular topic: you would often hear that the OT engineers are stubbornly ignoring the latest cyberthreats and do not see security as a priority in general.

Whitepaper

Whitepaper: Radiant Logic and the Identity Integration Imperative - 80075

Digital transformation and the need for business agility are creating an explosion in the volume, variety and velocity of identity data that enterprises have to manage efficiently. And now regulators have sharply increased the liability of enterprises for assuring that identity data is safeguarded, only accessed appropriately, and accurate. An integrated identity capability can be the key to meeting both challenges.

Webcast

Leverage Enterprise Architecture to Achieve GDPR Compliance

Several measures have been undertaken by Organizations at various levels to comply with GDPR, most of which remain reactive, fragmented and largely ad-hoc. These controls are also not continuous in nature and therefore fail to satisfy ongoing compliance requirements. Organizational leaders (CISOs, CIOs, CDPOs or CROs) felt the need for better data controls that should be baked into organizational processes to ensure compliance by design.

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]