News Archive

Webinar

Nov 06, 2019: KuppingerCole Identifies Leaders in Consumer Authentication

Password-based authentication is insecure, leads to a poor customer experience, and is costly for businesses to maintain. Knowledge-based authentication, often used for password resets, is even more insecure given that the answers to individuals’ security questions are often found online. Consumer-facing online businesses are looking for stronger authentication options to reduce the risk of fraud and provide more pleasant user experiences.

Blog

HP Labs Renewed Focus on Endpoint Security Is Worth Watching

A visit to HP Labs offices in central Bristol, about 120 miles west of London, was a chance to catch up with the hardware part of the former Hewlett Packard conglomerate, which split in two four years ago. The split also meant that there are now two HP Labs, one for the HP business and the other for Hewlett Packard Enterprise. To perhaps position itself as a serious B2B vendor we were told that HP is an “endpoint infrastructure company”, which kind of works, but its US, Chinese and Taiwanese competition could conceivably claim the same. To counter this, HP is tapping into the...

Blog

GDP R U Compliant?

Almost one and a half years after the introduction of GDPR (EU General Data Protection Regulation), some companies still struggle with implementing appropriate measures to deal with Personally Identifiable Information (PII) in a compliant fashion. Last week the Commissioner for Data Protection and Freedom of Information of the city state Berlin Maja Smoltczyk imposed a 195,000 euro fine on the German food delivery service provider Delivery Hero after it had committed a series of data protection law violations with its subsidiaries Foodora, Lieferheld and Pizza.de. It is Germany’s...

Leadership Compass

Leadership Compass: Consumer Authentication - 80061

This report provides an overview of the market for Consumer Authentication products and services and provides you with a compass to help you to find the Consumer Authentication product or service that best meets your needs. We examine the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing Consumer Authentication solutions.

Blog

Redefining the Role of the CISO – Cybersecurity and Business Continuity Management Must Become One

Cyberattack resilience requires way more than just protective and defensive security tools and training. Resilience is about being able to recover rapidly and thus must include BCM (Business Continuity Management) activities. It is time to redefine the role of CISOs. I made this point in yesterday’s webinar on cybersecurity budgeting. If you missed it, you can watch the webcast here. Prevention is key in limiting cyberattacks. A Chief Information Security Officer is responsible for prevention. Best practices of employees are responsible for prevention. From the top down the...

Webcast

Cybersecurity Budgeting 2020: Set Your Priorities Right

For the majority of businesses, the budgeting season is about to start. Some are done, some will be later, if the fiscal year differs from the calendar year. But usually, in September and October, this process is kicked off. Cybersecurity is one of the areas where virtually every business will need to invest, with ever-growing cyber risks and ever-tightening regulations. On the other hand, budgets always are tight and most businesses already have a zoo of different cybersecurity tools. Thus, it might be even worth considering retiring some and focus on the ones that really help...

Press Release

CIAM Is Many Things – KuppingerCole Tells You All You Need

Consumer Identity and Access Management (CIAM) is many things. For some, it’s all about streamlining the user experience through technologies and practices. For others, IAM is all about identity lifecycle management. And for still others, it focuses on security and compliance through technologies and practices. KuppingerCole Analysts deals with all forms of CIAM at Consumer Identity World 2019 kicking off today in Seattle. Three days of interesting and insightful keynotes, panels and sessions by thought leaders and industry experts are waiting.

Blog

Regulating AI's Limitless Potential

Regulation has the uncomfortable task of limiting untapped potential. I was surprised when I recently received the advice to think of life like a box. “The walls of this box are all the rules you should follow. But inside the box, you have perfect freedom.” Stunned as I was at the irony of having complete freedom to think inside the box, those at the forefront of AI development and implementation are faced with the irony of limiting projects with undefined potential. Although Artificial General Intelligence – the ability of a machine to intuitively react to situations...

Webcast

The Compelling Case for Risk-Based Adaptive Authentication

Consumers and employees are increasingly on-the-go, and that means that more transactions and more work originates from the mobile phone. Fraud and data loss rates have also been rising. A plethora of mobile-based digital identity technologies have entered the market over the last few years to help businesses and other organization meet these challenges.

Executive View

Executive View: Tremolo Security – A Different Approach - 80160

It’s time to consider a different way to manage and use identity information. We tend to deploy identity management suites and change our processes to suit. But this can constrain us and restrict our agility in deploying identity management services.

Tremolo Security breaks the mold and asks us to focus on the task to be performed, and then to deploy an optimal solution.

Blog

Meet the Next-Generation Oracle

Oracle OpenWorld 2019 has just wrapped yesterday, and if there is a single word that can describe my impressions of it, that would be “different”. Immediately noticeable was the absence of the traditional Oracle Red spilling into the streets around the Moscone Center in San Francisco, and the reason behind it is the new corporate design system called Redwood. You can already see its colors and patterns applied to the company’s website, but more importantly, it defines new UI controls for Oracle applications and cloud services. Design, however, is by far not the...

Leadership Brief

Leadership Brief: Responding to Cyber Incidents - 80209

The overwhelming majority of organizations now depend upon online services to support their business and this exposes them to cyber security risks. While most have security protection technologies in place few have a plan for how they would respond to a cyber incident. Today, the question is not if your organization will suffer a cyber incident but when - and this makes it essential to have a plan.

Webinar

Dec 03, 2019: Extending Beyond the Limits of Multi-Factor Authentication With Continuous Adaptive Trust

The Identity and Access Management (IAM) market is undergoing rapid and at times transformative change. A steady progression from on-premises to API and cloud platforms is visible as vendors innovate, but authentication tools are under attack from determined adversaries.

Webcast

Martin Kuppinger - New Technologies, New Challenges, New Opportunities: Finding The Right Balance

How and where AI, ML, Blockchain, CIAM, Libra, and others can help solving the challenges of Digitization, a changing competitive landscape, and new regulations such as PSD2 in the Finance Industry – and where not Both traditional Finance Industry and emerging FinTech are under pressure. The competitive landscape continues to change, with new players entering the market, new business models emerging, and new regulations requiring changes in the way business is done. Everyone is fighting for the customer and wants to be the “face to the customer” – the one who...

Press Release

Finance Industry Under Pressure in Fight for the Customer

New players and technologies are stirring up the finance industry, increasing the pressure on traditional players as well as emerging Fintechs alike. “Everyone is fighting for the customer and wants to be the “face to the customer” – the one who controls the business relationship and interaction,” says Martin Kuppinger, Principal Analyst at KuppingerCole.

Blog

Blockchain: It’s not About Technology, It Is About Use Cases

Today, the German Federal Government announced its Blockchain Strategy. What might sound as a great thing, falls short, for a number of reasons. One is that it is late: after the first hype and somewhere in the phase of disillusion. This should have happened much earlier, specifically with the intent of getting or keeping a leading position. And, notably, more important would be to foster innovation by supporting start-ups with simplified regulations and administration for that type of businesses, and a far better ecosystem for venture and growth finance. A second objection: It is too...

Advisory Note

Advisory Note: Demystifying the Blockchain: What Makes a Blockchain Useful to a Firm? - 80301

Blockchain technology – as the hype advertises – can be a value-adding solution for businesses and individuals. However, it is necessary to separate blockchain’s functionality from its fame before a firm can find an appropriate use case. This report deconstructs the main features that make blockchains unique from traditional database software and identify the ways that blockchain can be used to address the preexisting issues in a database.

Webcast

The Globalization of IAM for Manufacturing Businesses

Globalization has given many companies the opportunity to run factories and other operations in various countries. In doing so, manufacturers are faced with challenging regulations they have to comply with and that may differ in the U.S., EMEA, Russia, China, and other countries. IAM is an essential element for operating business, when it comes to employees, business partners such as suppliers, and customers.

Press Release

One of Blockchain’s Core Challenges: Identifying Right Application Areas

According to the German news outlet Tagesspiegel Background Digitalisierung & KI, Germany’s Federal Government will present its blockchain strategy tomorrow. KuppingerCole Lead Analyst Matthias Reinwarth believes that blockchain solutions can deliver great potential under certain conditions, so it does not come as a surprise that the industry is occupied with the potential of blockchain.

Executive View

Executive View: Oracle Data Safe - 80076

Oracle Data Safe is a cloud-based service that improves Oracle database security by identifying risky configuration, users and sensitive data, which allows customers to closely monitor user activities and ensure data protection and compliance for their cloud databases.

Whitepaper

Whitepaper: Ein schlanker Ansatz für Identity & Access Governance - 80107

Identity & Access Governance ist ein Muss für jedes Unternehmen. Leider ist die Art und Weise, wie es heute gehandhabt wird, ineffizient und schwerfällig. Es ist an der Zeit, die Ansätze zu Identity & Access Governance zu überprüfen und schlanke Konzepte umzusetzen, die Unternehmen helfen, sich effizient an die Vorschriften zu halten und gleichzeitig Geschäftsrisiken, die sich aus überhöhten Ansprüchen ergeben, wirksam zu mindern. Kleverware IAG ist eine Lösung, die sich auf einen solchen schlanken Ansatz konzentriert.

Whitepaper

Whitepaper: A Lean Approach on Identity & Access Governance - 80048

Identity & Access Governance is a must for every business. Unfortunately, the way it is commonly done today is inefficient and cumbersome. It is latest time to review the approaches on Identity & Access Governance and implement lean concepts that help businesses to comply in an efficient manner, while also effectively mitigating business risks that derive from excessive entitlements. Kleverware IAG is a solution that focuses on such lean approach.

Advisory Note

Advisory Note: The Future of Cryptocurrencies - 80263

Cryptocurrencies remain a speculative asset, but the launch of Facebook’s Libra could upset the status quo. There are many business opportunities which would stem from widespread adoption of cryptocurrencies, but also many challenges including data protection and tracking criminal activities. The relationship between government regulators, financial institutions, and cryptocurrencies is still being determined. This analysis sheds light on the current landscape of cryptocurrencies, their inherent strengths and weaknesses, and how the impending changes may affect key industries.

Blog

PSD2 in a Europe of Small Principalities

Europe’s consumers have been promised for some years now that strong customer authentication (SCA) was on its way. And the rules as to when this should be applied in e-commerce are being tightened. The aim is to better protect the customers of e-commerce services.  This sounds like a good development for us all, since we are all regular customers of online merchants or providers of online services. And if you look at the details of SCA, this impression is further enhanced. Logins with only username and password are theoretically a thing of the past, the risk of possible fraud on...

Blog

Need for Standards for Consumable Risk Engine Inputs

As cybercrime and concerns about cybercrime grow, tools for preventing and interdicting cybercrime, specifically for reducing online fraud, are proliferating in the marketplace. Many of these new tools bring real value, in that they do in fact make it harder for criminals to operate, and such tools do reduce fraud. Several categories of tools and services compose this security ecosystem. On the supply side there are various intelligence services. The forms of intelligence provided may include information about: Users: Users and associated credentials, credential and identity proofing...

Leadership Brief

Leadership Brief: PSD2: New business opportunities and risks - 80303

The Revised Payment Service Directive (PSD2) Regulatory Technical Specifications (RTS) take effect this autumn across the EU. The directive will provide new benefits and rights for consumers, and create new business opportunities in the financial sector. However, new opportunities also imply new risks.

Webinar

Nov 19, 2019: 6 Myths of Privileged Access Management Busted

Industry thought leaders have stated that if there is only one project you can tackle to improve the security of your organization it should be Privileged Access Management (PAM). But successfully securing and managing privileged access is a tough task and is only getting harder to solve.

Blog

What Does AI in Human Resources Mean for the Small Business?

Thanks to an incessant desire to remove repetitive tasks from our to-do lists, researchers and companies are developing AI solutions to HR – namely to streamline recruiting, improve the employee experience, and to assess performance. AI driven HR management will look different in small businesses than in large companies and multinationals. There are different barriers that will have to be navigated, but also different priorities and opportunities that small businesses will have with AI. Smaller budgets create price barriers to implementing an AI system, and likely psychological...

Leadership Brief

Leadership Brief: Top Cyber Threats - 72574

The way software is used today has clearly shifted towards "as-a-service". Classic on-premises applications are migrating more and more into the (managed) cloud and users are using hybrid scenarios from local and cloud applications on their devices. This Leadership Brief discusses top cyber threats—and shows how to overcome or manage them.

Webcast

How to Stop Attacker Movement in Your Network Before They Reach your “Crown Jewels”

Nearly all high-impact cyberattacks have a phase in which the attacker must conduct lateral movement from their initial landing point to their ultimate target. To do this, the attacker needs a combination of credentials and available connections between one system and another. This is the evasive process of “living off the land” using the connectivity native to the organization. During a normal workday, credentials and connections proliferate within a network. Once inside, attackers use Mimikatz and other attack tools to automate and accelerate credential harvesting, network...

Blog

The Best Security Tool Is Your Own Common Sense

Earlier this week, Germany’s Federal Office for Information Security (popularly known as BSI) has released their Digital Barometer 2019 (in German), a public survey of private German households that measured their opinions and experience with matters of cybersecurity. Looking at the results, one cannot but admit that they do not look particularly inspiring and that they probably represent the average situation in any other developed country… According to the study, every fourth respondent has been a victim of cybercrime at least once. The most common types of those include...

Leadership Brief

Leadership Brief: How to set up your IAM organization - 72548

A technology-oriented approach to identity and access management (IAM) is becoming less important as identities become more diverse and access requirements grow. As a result, CISOs and IAM Security Officers are struggling to promote and develop the maturity of skills in the silos of technical identity management services. Adapting the structure of IAM organizations so that they are based on a service capability model helps to address key challenges in managing a broad portfolio. In this Leadership Brief, the most important topics about a complete IAM organization and some of the pitfalls...

Leadership Brief

Leadership Brief: How to get a Grip on OT Cybersecurity - 72573

With the increasing demand for more connectivity, Operational Technology (OT) organizations will need to become more interconnected with IT over time. The convergence of IT and OT is inevitable, so get started now on getting a grip on your OT Cybersecurity.

Webcast

Regaining Control With IGA Solutions

Role management remains a pivotal challenge in many companies. Regulations (such as BAIT and VAIT in Germany) require companies not only to implement an IGA solution (Identity Governance & Administration), but also a uniform authorization concept and its regular review, including the assignment of access rights to the individual authorized persons.

Whitepaper

Whitepaper: Why Modern Enterprise IAM Must Be Rearchitected: Build Your Case for Containerized IAM and IDaaS - 80044

IT paradigms are under change. Containerized solutions, building on Microservice Architectures and exposing well-defined sets of APIs, are rapidly becoming the new normal. Such architectures provide clear benefits when used for IAM, allowing customers to shift from lengthy deployments of complex IAM tools to an agile deployment and operations approach, based on continuous innovation. Avatier supports that shift with its Avatier Identity Anywhere offering as a containerized IAM solution that can run everywhere, on premises or in the Cloud as full IDaaS (Identity as a Service).

Executive View

Executive View: Akamai Zero Trust Security - 80054

Akamai’s Intelligent Edge Platform offers a broad range of access management, threat protection, and application security services that will support you in your journey to Zero Trust, making it safe, scalable and easy to manage – delivered entirely from the cloud.

Executive View

Executive View: Uniken REL-ID Security Platform - 80045

When it comes to omni-channel and multi-device marketing and commerce, authentication is an important topic. The challenge is to achieve both security and the user experience as part of an integrated customer journey. UNIKEN REL-ID is a security platform that addresses that challenge across various channels, including mobile, web, voice, and chat.

Blog

Facebook Breach Leaves Half a Billion Users Hanging on the Line

It seems that there is simply no end to a long series of Facebook’s privacy blunders. This time, a security researcher has stumbled upon an unprotected server hosting several huge databases containing phone numbers of 419 million Facebook users from different countries. Judging by the screenshot included in an article by Techcrunch, this looks like another case of a misconfigured MongoDB server exposed to the Internet without any access controls. Each record in those databases contains a Facebook user’s unique ID that can be easily linked to an existing profile along with that...

Webcast

It’s Time to Forget Your Password and Settle for Multi-Factor Authentication

The majority of security breaches and attacks can be traced back to stolen and compromised passwords. Mobile devices are often particularly vulnerable because many users tend to avoid long passwords and special characters.

Blog

How Do You Protect Your Notebook?

The other day I found a notebook on a train. It was in a compartment on the seat of a first-class car. The compartment was empty, no more passengers to see, no luggage, nothing. And no, it wasn't a laptop or tablet, it was a *notebook*. One made of paper, very pretty, with the name of a big consulting company printed on it. So, it was either a promotional gift or one that employees use. Two thirds of it had been used, which could be seen from the edge of the paper. Everyone knows these notebooks, from simple A4 college pads with cheap ballpoint pens to expensive, leather-bound prestige...

Webinar

Oct 23, 2019: KuppingerCole’s Evaluation of Leading Vendors in the Identity API Platforms Market

Many different factors are driving Digital Transformation in the market today. One factor is the change in how businesses interact with their customers. Another factor is more on the technical side that addresses the implementation of new Digital Services that have become more complex due to the different environments and the many integration points to consider.

Blog

Could Artificial Intelligence Put Lawyers Out of Business?

Artificial intelligence (AI) and machine learning tools are already disrupting other professions. Journalists are concerned automation being used to produce basic news and weather reports. Retail staff, financial workers and some healthcare staff are also in danger, according to US public policy research organization, Brookings.  However, it may come as a surprise to learn that Brookings also reports that lawyers have a 38% chance of being replaced by AI services soon. AI is already being used to conduct paralegal work: due diligence, basic research and billing services. A growing...

Executive View

Executive View: AdNovum NEVIS Security Suite - 80066

A solution for managing secure access to online services, protected assets and sensitive data. Strong authentication, a broad spectrum of access management methods, sustainable maintenance processes of identities and authorization data form the basis for secure and auditable user access to applications.

Webcast

KuppingerCole’s Evaluation of Leading Vendors in the IDaaS Access Management Market

Identity-as-a-Service Access Management (IDaaS AM) has emerged as one of the fastest-growing markets of IAM, characterized by cloud-based delivery of traditional IAM services. KuppingerCole estimates the global IDaaS market will continue to grow at a CAGR of 24% in 2019.

Executive View

Executive View: Oracle Identity Cloud Service - 80156

Most organizations now have a hybrid IT environment with a cloud first approach to choosing new applications.  While this provides many benefits it also creates challenges around security and administration.  Managing identity and access in a consistent manner across all IT services, irrespective of how they are delivered, is key to meeting these challenges.  This report covers Oracle Identity Cloud Service (IDCS) and describes how it meets the needs of organizations in some typical use-case scenarios.

Whitepaper

Whitepaper: Oracle Identity Cloud Service: Identity for Business Applications in the Hybrid IT - 80155

Today, most businesses are using hybrid IT, with a mix on-premises and cloud applications and services. And hybrid IT is here to stay, given that many of the legacy applications are hard and costly to migrate. Thus, Identity Services must work well for all these applications and the entire hybrid IT  infrastructure. While they increasingly run from the cloud, as IDaaS (Identity as a Service), connecting back to on-premise applications and delivering comprehensive IAM capabilities for hybrid IT becomes essential. Oracle Identity Cloud Service is built for these environments, with...

Blog

Google Revelations Shatter Apple’s Reputation for Data Privacy

It’s not been a good couple of weeks for Apple. The company that likes to brand itself as superior to rivals in its approach to security has been found wanting. Early in August it was forced to admit that contractors had been listening in to conversations on its Siri network. It has now temporarily stopped the practice, claiming that only “snippets” of conversations were captured to improve data. At the end of last week, a much more serious security and privacy threat was made public. Google researchers revealed that hackers have put monitoring implants into iPhones for...

Executive View

Executive View: IBM Cloud Identity - 79065

IDaaS IAM is a fast growing market, characterized by cloud-based delivery of access management capabilities for business irrespective of the application and service delivery models. The promise of improved time-to-value proposition is prioritizing adoption of IDaaS for B2B, B2E and B2C access management use-cases, helping IDaaS to dominate new IAM purchases globally. This report is an introduction for organizations to IBM’s IDaaS product, IBM Cloud Identity.

Leadership Brief

Leadership Brief: Identity Fabrics - Connecting Anyone to Every Service - 80204

Digital technologies are now influencing and changing all areas within organizations. This is fundamentally reshaping the way communication takes place, how people work together and how value is delivered to customers. Ever-changing application and infrastructure architectures reflect the requirements of the evolving challenges that face companies, government agencies and educational institutions. Therefore, IAM as a whole needs to be reconsidered. It needs to be transformed step by step into a set of services which create unified, overarching architectures, making digital services...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]