News Archive

Blog

Cloud Security Posture Management Tools – What They Are and Why You Need One

Many security product vendors are now offering CSPM (Cloud Security Posture Management) as part of their portfolio - so what is CSPM and why might you need it?  In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. This provides many important business benefits but also increases the challenges of ensuring cyber-security and regulatory compliance. CSPM solutions are intended to provide a way to identify and control some of these risks.  They supplement CASBs (Cloud Access Security...

Webcast

KuppingerCole Analyst Chat: Functionalities at the Core of a Privileged Account Management System

Paul Fisher and Matthias Reinwarth continue talking about privileged access management, discussing the core capabilities of modern PAM solutions.

Leadership Brief

Leadership Brief: Enterprise Information Protection - 71036

The perimeter of the corporation has transformed into a much more fluid and permeable boundary than it once was. Sensitive information is now routinely accessed with personal and business devices by employees, and mass remote work further exacerbates this trend. Advanced methods for the protection of sensitive data are necessary. This Leadership Brief is an overview of the role that Enterprise Information Protection solutions play in the current working environment and covers the capabilities that such vendors should provide.

Webcast

Minimizing Security Impacts of a Growing Remote Workforce

Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees. However, an expanding remote workforce can significantly increase the attack surface and have changed the threat model of the organisation overnight. Many remote access options are quick to implement but are not secure and organisations are trying to navigate the challenges of quickly, but securely, operationalising their remote employees. In their talk, Martin Kuppinger and Morey Haber explore the risks unsecure remote access...

Webcast

KuppingerCole Analyst Chat: The Cargo Cult of Cybersecurity

Matthias Reinwarth and Alexei Balaganski talk about the reasons many companies are still failing to protect themselves from cyberattacks and data breaches even after spending so much on security tools.

Blog

Security Fabric: Investing in the Right Architecture for a Secure Future

Modern and hybrid operating models, Software-as-a-Service, regulatory requirements, working from home, various types of internal and external users, and the phenomenon of BYOD (bring your own device) are challenges we have to face today. Such challenges are constantly emerging, which demands a flexible approach. Often these flexible requirements result in many specific sub-solutions for particular problems. This causes the company to have no central overview of which services, which devices, and which applications are used and for what purpose. To challenge the internal IT teams even...

Executive View

Executive View: CSI tools - 80407

CSI tools provide a suite of solutions for managing access entitlements and risk in SAP environments. The solution come with a modern, web-based user interface and dashboarding. They deliver in-depth insight and support for managing entitlements at all levels and across all applications within common SAP environments.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Contain and Recover - 80375

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the sixth in the series introducing the Information Protection Life Cycle and Framework.

Webinar

Jul 23, 2020: Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional employee IAM. Digital business requires advanced identity services, well beyond the human identities.

Webcast

IAM Projects Stalling - No Big Picture in Mind

Webcast

Agile GRC: Adapting to the Pace of Change in the Digital Era

In the digital era, the rapid rate of change in business, IT and regulatory environments is continually accelerating, making it extremely challenging for organizations to keep pace in terms of their governance, risk and compliance (GRC) capability without the right mindset and tools. The complexity and technical nature of access controls in SAP and other business applications, makes the GRC challenge even greater. The added complexity of many GRC solutions means that organizations struggle with a lack of business buy-in and accountability for access-related risk. A more agile...

Webinar

Sep 30, 2020: How Security and Identity Fabrics Work to Help Improve Security

Many organizations struggle or even fail because they overcomplicate the implementation and extension of their cybersecurity toolset. Most do not have a central approach on security, and often use a set of tools that are not well-integrated with each other.

Webcast

Eric Wolff: Understanding Best Practices for Cloud Key Lifecycle Management

Cloud Security best practices arise from the shared responsibility model for cloud computing, which states that customers are responsible for the security of data in the cloud. This session will cover the latest trends in cloud security, cloud provider shared security models, and the use of data encryption as a best practice. With cloud encryption key lifecycle management seen by many as a problem yet to be solved, the session will wrap with an overview of CipherTrust Cloud Key Manager from Thales.

Webcast

Ankur Rastogi: Navigating the Journey to Cloud

Cloud is the foundation for any digital transformation. Most organizations now have cloud embedded not just in their IT strategy but also in their digital strategy. Cloud creates an opportunity to modernize an organization's application portfolio. While the benefits of migrating to cloud are well known, the journey to cloud comes with its own challenges and risks. If not planned properly, this can cause major headaches on the way. The session covers the benefits of a proper cloud strategy, how to set up a cloud journey and the risks that one must be ready to manage on the way.

Webcast

Hristomir Hristov: Cloud Migration – an Obscure Journey on Its Own or a Well-Paved Road

A story based on personal experience of leading several companies to smooth cloud migration. We will look at some real-life tips & tricks. We will discuss how to choose the cloud provider and the cloud setup – single-cloud, multi-cloud, or hybrid cloud. We will talk about what does ‘cloud-readiness’ means and when it is achieved. Should we start with a Zero Trust Architecture? What are the possible approaches for cloud migration - pros and cons. After all, is a migration a one-off event or a continuous process?

Webcast

Jonathan Neal: Identity and Security for Your Cloud Strategy

Join the conversation as we help you explore laying the foundation of identity and security into your cloud-first strategy.  If the following questions have crossed your mind, we're happy you found your way to this session.    A.   Business-critical apps are constantly being migrated to the cloud to keep up with business. How do I know who is accessing what and if it is appropriate? Can I eliminate persistent accounts and provide JIT access? B.   Native compliance controls are provided from each of my cloud providers making it difficult, inefficient, and...

Webcast

Oliver Cheal, Paul D'Cruz: How Has the IT Security Roadmap Changed in 2020 for Businesses?

Webcast

KuppingerCole Analyst Chat: Applying AI Governance

In a follow-up to an earlier episode, Matthias Reinwarth and Anne Bailey discuss practical approaches and recommendations for applying AI governance in your organization.

Webcast

Daniele Catteddu: Cloud Governance and Risk Assessment

The rapid growth in both scope and market share, combined with the inherent complexity of cloud computing, seem to exceed the capabilities of existing governance and risk management approaches. As users, and the uses of cloud computing evolve, so must the supporting governance models. This includes the transformation and adaptation of governance and risk management programs into the company's culture, and the evolution of the skills and expertise of the IT and Security professionals.

Webcast

Amol Sawarkar: Cloud-First - Blessings for Continued Humanitarian Work

Moving to the cloud is a relatively settled concept today. We all knew benefits; But who thought someday, the same will offer to stay and work from home; that also 100%. This is a short tour to see why IFRC opted to embrace the cloud, challenges addressed, and derived benefits as well as continued efforts in optimizing further.

Webcast

Martin Kuppinger: Cloud First – and Now? Operations, Integration, Security, Identity

In his Opening Keynote, Martin Kuppinger, Principal Analyst at KuppingerCole, will talk about the practical consequences of having a “cloud first” strategy in place. Declaring such a strategy is simple. Successfully executing it is the bigger beast to tame. Martin Kuppinger will look at the success factors for executing a “cloud first” strategy and identify what it needs in the organization, operations, integration, vendor selection, risk assessment, management, security, and identity. He also will look at the various levels of such cloud first strategies,...

Webcast

Damir Savanovic: A CSA’s Perspective on Cloud Risk Management

Cloud computing is a proven and globally accepted enterprise delivery and operational technology model and with this growing market segment, also concerns regarding privacy, security and compliance are increasing. The rapid growth, combined with the inherent complexity of cloud computing, appears to be straining the capabilities of existing governance and risk management frameworks. In this presentation, I will question the perceived effectiveness of current governance and maturity in the use of risk management frameworks being applied to cloud computing.

Webcast

Eleni Richter: Public-Cloud, Private-Cloud, On-Prem: Impacts of Cloud Cover on IDM

Today we see variable amounts of cloud cover in IT. Promising business values now meet reality. We will take a closer look at the effects of public-cloud, private-cloud, and on-premise scenarios on workloads, costs, and risks. Since cloud-usage means enlarging the (attack) surface of the IT, we will focus on security and IDM.

Webcast

Gemma Whitehouse: IoT & Enterprise - Change a Brief Introduction to Challenges and Solutions

In this presentation Gemma will overview and discuss:

  • Broad innovation trends in finance
  • Insurtech and fintech examples
  • Consumer trends and challenger businesses
  • IoT and Insurtech
  • IoT and Insurtech and sector relevance
  • IoT and the product ecosystem - old and new
  • IoT and the product ecosystem - approach
  • Data, IoT and misconceptions, and pitfalls
  • Challenges for organizations implementing emerging tech
  • Organisational solutions

Webcast

Mike Small: Cloud Backup and Disaster Recovery Why This Is an Essential Component of Digital Transformation

All organizations need to consider the risks related to the availability of their business-critical data and take appropriate measures to mitigate these risks.  In most cases this will involve investing in backup and disaster recovery products and services.  In today’s hybrid IT environment these must cover both on-premises and cloud delivered services in a consistent way. This session will cover KuppingerCole’s research into this area and summarize our Market Compass Cloud Backup and Disaster Recovery. 

Webcast

Panel - Governing Your Hybrid Cloud

This panel will discuss cloud governance challenges and describe practical solutions.

  • Governing the cloud service – what value is certification and how can you implement continuous governance?
  • Governing use of the cloud services – what tools do you need to implement controls?
  • How can you implement consistent access governance across the whole hybrid estate?
  • Do tools like CASB and CSPM really help?

Webcast

Interview with Oliver Cheal and Paul D'Cruz

Webinar

Sep 22, 2020: Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow the capture, storage, and exploitation of vast amounts of data without the need for capital expenditure. They enable the rapid development and deployment of new applications as well as the modernization of existing one.

Webcast

The Future of Privileged Access Management and Reducing Risk for Modern Digital Enterprises

While Privileged Access Management (PAM) must still fulfill its core function of protecting privileged accounts, the next generation of PAM solutions can do so much more for your organization. As organizations embrace cloud, hybrid-IT, DevOps, remote working, digital workplaces, RPA and other transformational technologies the role of PAM has changed to secure these trends at zero point. Privileged accounts are no longer the domain of administrators or super users but for users right across the organization – including non-human entities such as applications and machines.

Webcast

KuppingerCole Analyst Chat: When is a Security Product not a Security Product?

Matthias Reinwarth and John Tolbert talk about profound implications of security products not having their administrative interfaces sufficiently secured with technologies like multi-factor authentication.

Market Compass

Market Compass: Enterprise Information Protection - 80217

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers Enterprise Information Protection solutions. Because the perimeter of the corporation has changed to include personal and business devices, mass remote work, and increased collaboration, advanced methods for the protection of sensitive data have become necessary. This is an overview of the vendors that work to secure valuable assets – the sensitive data of an organization.

Blog

A Reckoning with Facial Recognition Technology and Responsibility

Several major players in the facial recognition market – IBM, Amazon, and Microsoft – have halted all sales of facial recognition technology (FRT) to police departments in the United States. Each of these companies made a statement regarding technology’s relationship to public safety. IBM CEO Arvind Kirshna sent an open letter to several US Senators and House Representatives, stating “IBM no longer offers general purpose IBM facial recognition or analysis software. IBM firmly opposes and will not condone uses of any technology…for mass surveillance, racial...

Webcast

Gain a Unified Business View With Enterprise Identity Management

Identity Governance and Administration (IGA) is continuing to evolve through more integrated Identity and Access Governance solutions. IGA products are often required to give deep integrations with other enterprise products and applications to deliver the expected business value, as well as a need for having one interface for IGA across the range of applications and services.

Webcast

IAM Projects stalling - Plan First, Then Execute

Webinar

Jul 22, 2020: Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Webinar

Sep 17, 2020: In an Age of Digital Transformation Managing Vendor and Partner Identity Is Critical

Organizations have been managing the identity and access of employees for many years to protect data and the overall security of the enterprise. However, the onset of digital transformation has driven a need for faster, cost-effective innovation and with it the increased utilization of third-party resources. Consequently, organizations have a greater need to manage third-party access to data, systems, and facilities. This includes contractors, vendors but also partners, affiliates, volunteers, and even service accounts and bots. Modern organizations are much more collaborative and open...

Webinar

Sep 09, 2020: Identity and Access Management Strategies That Grow With Your Business

For companies that don’t need a complex Identity Governance & Administration solution (IGA), account and group administration is still a priority. Every company needs a solution for at least baseline IAM (Identity and Access Management), that fits their current state but can also equip them to expand to Identity Governance and Privileged Access Management (PAM) when they are ready.

Webcast

KuppingerCole Analyst Chat: What's AI Governance and Why Do We Need It

Matthias Reinwarth and Anne Bailey talk about Artificial Intelligence and various issues and challenges of its governance and regulation.

Webcast

KuppingerCole Analyst Chat: IAM Requires a Solid Process Framework

Matthias Reinwarth and Christopher Schütze talk about the importance of processes to make your IAM projects successful.

Leadership Compass

Leadership Compass: Network Detection and Response - 80126

This report provides an overview of the market for Network Detection and Response tools (NDR) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing NDR solutions.

Webinar

Jul 28, 2020: We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by hackers. Many organizations would love to lessen reliance on passwords but many passwordless solutions only provide a partial solution and do not solve the inherent weakness of passwords. Modern enterprises cannot cover the myriad of access use cases today with a passwordless solution alone.

Webcast

IAM Projects Stalling - Quick Wins and Big Wins

Press Release

Cloud-First Strategy Crucial to Digital Transformation

For companies that want to digitally transform their business, a cloud-first strategy is crucial . I n addition to reducing costs and improving IT efficiency, delivering new products and service s from cloud-based infrastructure enables companies to be more flexible and responsive to changing business needs. 

Webcast

Ovidiu Ursachi: Return on Investment in Cybersecurity

Webcast

Panel: Managing Cyber Supply Chain Risks and Achieving Digital Business Resilience

Businesses face various risks when deploying external products and services. Among them is the possibility of cyber intrusion which can pose a major challenge to the company’s infrastructure and require a re-think of cybersecurity strategy. A well thought-out and properly structured management of a supplier base classified as trustworthy is just as much a part of this discipline as the use of standardized certification procedures for such products. In this panel we will discuss the importance of cyber supply chain risk management (C-SCRM) and its effect on resilience of a digital...

Webcast

Christopher Schuetze: Necessary Components of an Effective Cyber Supply Chain Risk Management (C-SCRM)

As the recent widely publicized revelations have shown, the risk of purchasing hard- and software with deliberately or accidentally built-in weaknesses is much higher than we could have estimated – but it is not the only element of Supply Chain Risk. Supply chains can only be as strong as their weakest link. In a world where enterprises must focus on what they can do best and outsource everything else, it is necessary to know these weak spots and to limit the risks occurring from them.

Webcast

Panel: From Threat to Opportunity - Cybersecurity in Times of Crisis

Ensuring business continuity is a challenge during times of crisis such as the pandemic caused by the Covid-19 virus. Companies were and are facing an increasing number of cyber-attacks which can cause damage to their finances, reputation, and growth. Today, most people continue to work from home, hence the attack surface is dramatically increased. In such trying times, the effective cybersecurity measures are of utmost importance. It is essential for businesses to understand that cybersecurity has become part of business continuity and modern, innovative approaches together with a high...

Webcast

Stefan Würtemberger: In the Crosshairs of Cyber Criminals – A Case Study by Marabu

In his talk, Stefan Würtemberger will discuss the caste study of Marabu's cyber-attack. He will address the necessary steps a company has to take after being attacked by cyber-criminals. He recommends calling in external cyber-specialists (expertise & protection of own resources) and filing a complaint with the police. Furthermore, he suggests dividing your forces well a working week > 100 h does not last long. A well-documented infrastructure helps when using external forces.

Webcast

KuppingerCole Analyst Chat: PAM - What are Privileged Accounts

Matthias Reinwarth and Paul Fisher launch a new series of talks about privileged access management.

Webcast

Matthias Reinwarth: Optimizing Your Cybersecurity Spending: Where to Put Your Money During and After the Crisis?

Webcast

Dr. Mariarosaria Taddeo: Is Artificial Intelligence in Cybersecurity Trustworthy or Deceivable?

Applications of artificial intelligence (AI) for cybersecurity tasks are attracting greater attention from the private and the public sectors. Estimates indicate that the market for AI in cybersecurity will grow from US$1 billion in 2016 to a US$34.8 billion net worth by 2025. The latest national cybersecurity and defence strategies of several governments explicitly mention AI capabili- ties. At the same time, initiatives to define new standards and certification procedures to elicit users’ trust in AI are emerging on a global scale. However, trust in AI (both machine learning and...

Webcast

Barry McMahon: Harnessing Identity to Position Security as a Business Enabler

Security teams were already going through a fundamental shift in how they protect the business, even before the acceleration to remote working due to Covid-19. Given that Identity and Access Management (IAM) is now undeniably the first line of defense for organisations worldwide, how can security leaders turn the challenges, both legacy and new, into opportunities to mitigate risk and add value to the business? And all this in a way that will elevate the position, and change the perception, of security at the same time? Based on a recent study Barry McMahon from LastPass looks at the...

Webcast

Filipi Pires: Security Predictions for 2020

The year 2020 will see a transition to a new decade. So will cybersecurity. Gone are the days of networks isolated behind a company firewall and a limited stack of enterprise applications. The current paradigm demands a wide variety of apps, services, and platforms that will all require protection. Defenders will have to view security through many lenses to keep up with and anticipate cybercrime mainstays, game changers, and new players. Tried-and-tested methods — extortion, obfuscation, phishing — will remain, but new risks will inevitably emerge. The increased migration to...

Webcast

Jean-Christophe Gaillard: Cyber Security in the Midst of the COVID Crisis: Key Management Considerations for Large SMEs and Mid-Size Firms

In this session, you will hear from cyber security thought-leader and Corix Partners founder JC Gaillard. JC will discuss and deconstruct 6 cliches around cybersecurity in small and mid-size firms and why security matters more than ever in the light of the COVID crisis, before answering your questions.

Webcast

Matthias Canisius: Return to Base | The CISO's Guide to Preparing A COVID-19 Exit Strategy

While governments and public healthcare specialists are looking into the timing and manner of reopening the economy, it is clear that at some point in the hopefully not-too-distant future restrictions will be eased and businesses will return to normal operations. Returning to recently-vacated offices will certainly signify a return to normality, and for most, that will be a welcome relief after working from home for an extended period. However, just as the shift to working from home required organizations to adapt and act differently, so will the return to the office. In this...

Webcast

Bernard Montel: Cyber Defense : The New Concept of iSOC - Where Identity and SOC Has Never Been Tighter

With the introduction of AI, machine learning and UEBA, the SOC objective is to detect abnormal behavior. More than ever Identity is the battleground in this new concept of iSOC.

During this keynote, you will learn how Identity Governance and SOC need to be tight and how to remediate when a threat is detected on a specific Identity with the concept of "Threat Aware Authentication".

Webcast

Christopher Schuetze: Prepare & Invest Now – And Survive an Incident or a Breach Tomorrow

Webcast

KuppingerCole Analyst Chat: Identity Vetting - Dealing With the Wave of Fraud During the Pandemic

Matthias Reinwarth and John Tolbert discuss the latest "innovations" fraudsters are using during the pandemic crisis and the methods to mitigate them.

Leadership Compass

Leadership Compass: Unified Endpoint Management (UEM) - 70314

This report provides an overview of the market for Unified Endpoint Management (UEM) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing UEM solutions.

Webcast

Cybersecurity Investment Priorities - Set Your Focus Right

Executive View

Executive View: ManageEngine PAM360 - 80140

In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are putting new demands on PAM and vendors are responding to this challenge by adding new functionalities and capabilities to their solutions. This Executive View takes a closer look at ManageEngine PAM360, offered to the market by the US based company.

Executive View

Executive View: Hitachi ID Privileged Access Manager - 80142

Hitachi ID is a global IAM software provider. It offers Hitachi ID Privileged Access Manager (HiPAM) as its primary offering for the PAM market, along with the complementary Identity Manager and Password Manager products. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are creating new demands and modern PAM solutions are evolving to meet these challenges.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Monitor and Detect - 80374

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the fifth in the series introducing the Information Protection Life Cycle and Framework.

Webcast

KuppingerCole Analyst Chat: Zero Trust from the Cloud

Matthias Reinwarth and Alexei Balaganski look at the potential alternatives to VPNs and security gateways.


Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]