News Archive

Blog

The Non-Zero Elements of Zero Trust

The ongoing SolarWinds incident illustrates that the much-lauded Zero Trust security paradigm is, in fact, based on trust. Zero Trust is about authenticating and authorizing every action within a computing environment. It is putting the principle of least privilege into action. In an ideal implementation of Zero Trust, users authenticate with the proper identity and authentication assurance levels to get access to local devices, on-premises applications and data, and cloud-hosted resources. Access requests are evaluated against access control policies at runtime. In order for Zero Trust to...

Blog

Attack Surface Reduction and XDR

Many if not most organizations have moved to a risk management model for cybersecurity and identity management. Priorities have shifted in two major ways over the last decade: decreasing attack surface sizes focusing on detection and response technologies instead of prevention only Reducing attack surfaces inarguably improves security posture. Achieving the objective of reducing attack surfaces involves many activities: secure coding practices, vulnerability scanning and management, consolidation of functions into fewer products and services, access reconciliation, user...

Blog

AWS – A new Vision for Hybrid IT?

Attending AWS re:Invent is always an exceptional experience and, despite it being virtual, this year was no different. As usual, there were the expected announcements of bigger better and faster services and components. AWS always shows a remarkable level of innovation with many more announcements than it is practical to cover comprehensively. Therefore, in this blog, I will focus on what I think are some of the highlights in the areas of hybrid IT, edge computing, machine learning as well as security and compliance. There is an old adage – “Keep it Simple Stupid” and...

Executive View

Datamatics TruBot

Datamatics TruBot is a multi-skilled low-code Robotic Process Automation (RPA) solution for automating high volume repetitive tasks and processes. Datamatics currently provides RPA solutions mainly to the banking, healthcare, insurance, manufacturing, and logistics industries.

Webcast

Making Zero Trust Work With the NIST Framework

There’s lots of hype around Zero Trust Security in the context of our changing mobile and cloud-centric working environments. Moving towards a modern and agile Zero Trust security concept is essential in today's mobile first, work-securely-from-anywhere world.

Virtual Event

Feb 17, 2021: Making Zero Trust a Reality

Join the KCLive Event on Zero Trust on February, 17, 2021 to gain expert insights that help you to successfully implement Zero Trust in your organization.

Virtual Event

Mar 16, 2021: IGA for Successfully Managed Identities

Join the KCLive Event on Identity Governance and Administration on March 16, 2021 to discover IGA's core capabilities to enable and protect digital transformation.

Virtual Event

Mar 03, 2021: Identity Fabrics - Future-Proofing IAM

Join the KCLive Event on Identity Fabrics on March 3, 2021 to learn how to elevate overall IAM strategies that enable digital transformation and support innovation.

Webcast

R. Buse Cetin, Tania Duarte: Building Trust in AI: How Pictures can Speak Louder than Words

As the buzz around Artificial Intelligence has increased, so have the issues around trust. There is an increasing polarisation in the discourse around AI, ADS and automation. So what can you do as a tech leader or employee in a company utilising tech, to build trust? Or much more to the point, what can you do to become trustworthy? An important step is to communicate honestly with your customers and stakeholders about the technology you use. However too often organisations fall at the first hurdle due to the damaging visual misrepresentations of AI that accompany their written...

Webcast

Pauli Isoaho: AI in the Things, Logistics & Mobility Ecosystem: Overcoming current Challenges on the Road to Smart Mobility

Webcast

Entering the Virtual World With Identity Verification

The way consumers access products and services across sectors has changed forever as interactions move from physical to digital engagement. What started as a change born from convenience, is now a necessity and solidifying into a long-term behavioural shift. As consumers choose to access more goods and services digitally than ever before, it is essential that organisations meet users’ expectations of instant and convenient transactions, or risk losing customers to more customer centric online competitors. 

Webcast

Joris Krijger: Operationalizing AI Ethics

Virtual Event

Mar 25, 2021: SOARing Towards an Enhanced SecOps Strategy

Join the KCLive Event "SOARing Towards an Enhanced SecOps Strategy" on March 25, 2021 to implement a robust endpoint security strategy in your organization.

Executive View

Simeio Identity Orchestrator

Simeio Identity Orchestrator (IO) is a solution that helps integrate and orchestrate other IAM solutions, while also adding a series of own capabilities. Utilizing Simeio IO, customers can converge existing IAM siloed solutions, that can then be operated by Simeio as an MSP or as an IDaaS. Simeio IO can allow customers to connect and direct their existing IAM infrastructure in a modern and more efficient way.

Virtual Event

Feb 03, 2021: Unlocking Decentralized Identity: A Playbook for Your Enterprise

This KCLive Event on Decentralized Identity goes beyond the hype of blockchain and offers IT leaders an opportunity to gain an in-depth understanding.

Webcast

KuppingerCole Analyst Chat: Innovation in CIAM

John Tolbert joins Matthias and shares insights about the results from the just recently published Leadership Compass CIAM. They talk about the overall maturing of the market and the areas of innovation in products, standards and integration scenarios.

Executive View

Archer Integrated Risk Management

Today’s GRC solutions offer better alignment with corporate objectives, increased transparency, superior information risk management and more cost-effective compliance. This paper looks at the mature Archer Suite which offers a comprehensive range of solutions and features to assist in managing GRC activities for different types of organizations.

Blog

Putting Your First-Line Worker at the Center of Attention

Since the beginning of the Covid-19 crisis, the use of language in public life, in the press, and in everyday life has changed. Terms that were formerly confined to the circles directly affected by them are now much more common. For example, every informed and responsible citizen is now familiar with specific terms from epidemiology and immunology such as “reproduction number” and “herd immunity”. Another term that has risen to prominence since the beginning of the crisis is “first-line worker”. These workers literally work on the front line. They are...

Webcast

The 3 Pillars of Access Control Optimization: IAM, GRC and User Monitoring

Identity & Access Management (IAM) tools are used to automate processes of user lifecycle management and control user access permissions from a single point. We can improve these processes by using conditions and policies, and eventually implementing rule-based access controls (RBAC) and policy-based access controls (PBAC). However, allocating these authorizations might expose the organization to risk if compliance is not taken into account. It is imperative to combine IAM and governance, risk management, and compliance (GRC) in order to verify that access is granted correctly, without...

Webcast

Identität ist das neue Perimeter: Sichern Sie Zugriff und Nutzung von Cloud-Anwendungen

Da mittlerweile mehr als zwei Drittel aller Beschäftigten remote arbeiten, möchten Unternehmen Ihren Nutzern sichere und flexible Arbeitsmöglichkeiten über alle Plattformen und Geräte hinweg anbieten. Und da sich 85% Ihres Datenverkehrs bereits in der Cloud befindet, schützen Sie Ihre Nutzer und Daten am besten mit Security aus der Cloud. Aber wie?

Webcast

Devesh Raj: Machine Learning System Design: A Different World

Webcast

Explore the Cutting Edge of Data-Driven Customer Experience

To accomplish complex and critical missions, market leaders are turning to a new generation of customer data platforms (CDPs). They uncover hidden revenue opportunities by unifying all sources of customer data into comprehensive and actionable profiles.

Blog

MySQL Analytics Engine: Almost Too Good to Be True?

Whether you’re a fan of MySQL or not, you cannot dispute the fact that it is the world’s most popular open-source database by a large margin (incidentally, it’s also the second most popular database ever, behind only its owner Oracle’s flagship commercial product). 25 years after its inception, MySQL has evolved into an essential and truly ubiquitous component of every web application stack and cloud platform. Even though some database experts might frown upon it for lacking “enterprise capabilities”, it is widely used by the largest enterprises around...

Webcast

KuppingerCole Analyst Chat: Verified Digital Identities

Annie joins Matthias to talk about the topic of Verified Digital Identity. They explore what these are, why they are becoming increasingly important and where they add new aspects to the concept of digital identity. A special focus is put on existing and emerging use cases, where verified digital identities can be beneficial to all types of real life entities in their day by day interaction.

Webcast

There Is No Successful Digital Transformation Without Strong Identity Management

2020 will go down in history as the year in which many companies gave their stagnating digital transformation initiatives a big new push. Due to the pandemic, organizations were forced to rapidly scale up their remote working facilities, secure employee-owned devices (Bring Your Own Devices (BYODs) , and maintain a secure environment for enterprise and customer identities . However, when it comes to their identity architecture, the picture is typically fragmented. They may have a general Identity and Access Management (IAM) platform from one company, a Privileged Access Management (PAM)...

Blog

Ivanti’s Zero Trust Journey

Ivanti has completed its acquisition of MobileIron and Pulse Secure. Ivanti, headquartered in Salt Lake City, had its roots in desktop management (LANDESK), evolved into endpoint and patch management, and had added full IT asset, service, and workspace management, as well as IAM capabilities. Though headquartered in North America, Ivanti had already become a global IT solutions provider. Pulse Secure, a strong secure access vendor, was spun-out from Juniper Networks in 2014. MobileIron was dedicated to mobile device management, mobile security, and authentication since it was established...

Webcast

Sina Brandstetter: Implementing AI Ethics @ Bosch

Webcast

Peter Voss: The Third Wave of AI

Webcast

Dr. Danish Rafique: Path to AI Production - A Strategy for Value Creation

Congratulations. Your AI business case is crisp; you already have a data strategy in place; your proof-of-concept looks and feels great; you have the right talent to build the AI product or service which will push your organisation directly into the digital age. Sounds familiar? It is at this stage where most organisations give up on the AI initiatives due to lack of value creation. Why is that, one might ask? The business case was already locked, among other aspects, where's the problem at? One word: Production. AI products and services are notoriously different in terms of production...

Webcast

Francesco Stasi: AI-Driven Insights From Historical Customer and Employee Conversations: The Next Frontier for Data-Driven Businesses

Webcast

Marisa Monteiro Borsboom: Essay on Leadership Blindness on AI and Its Impact on the Digital and Human Transformation - Do We Know What We Need to Know?

Webcast

Priti Padhy: Next Wave AI Transformation with Explainable AI

Over the last year, an unprecedented scale of digital transformation has resulted in exponential growth of organisational data, which could impact decision making. Using machine learning approaches to mine and reason through masses of data is ineffective. In this session you will learn that while the first wave of AI involved many narrow applications, the next wave will help generate a dynamic understanding of relationships and patterns in a corpus of information. This understanding primarily happens through explainable AI.  It will become a key part of enterprise digital...

Webcast

Prof. Dr. Christoph von der Malsburg: AI Beyond Deep Learning

So far, AI relies totally on human intelligence, in the form of human-written programs in classical AI or the human-provided sample data of deep learning.  The pursuit of AI over the last five decades has been caught within a fixed conceptual framework. Given the current level of tremendous attention, investment, technological infrastructure and application potential, maybe we are just a simple fundamental change in perspective away from a tremendous technological explosion.

Webcast

Martin Kuppinger: Where AI, Industrial IoT, Consumer IoT, Blockchain, Decentralized Identity, and Edge Computing Meet

Cybernetix Is What Makes Things Move, From Production to Modern 5G Based Public Infrastructures Cybernetix is not a new discipline. However, it appears being more important than ever before. It is ubiquitous when it comes to AI (Artificial Intelligence). And when AI meets industrial IoT (Internet of Things) and OT (Operational Technology) , it is about the cybernetic model. In contrast to past times, it is about hundreds of signals per second per thing, device, and machine, which needs to be processed and used for optimization. No way doing so without AI. When looking at public...

Webcast

Managing Azure AD – Regardless of How You Use It

Microsoft Azure Active Directory (Azure AD) has gained widespread adoption. Coming with Microsoft Azure Cloud as well as Microsoft 365 (i.e. Office 365), it appears in many organizations just because of decisions made outside of the IAM team.

Webinar

Mar 17, 2021: Enabling Zero Trust With Dynamic Authorization

Increased global competition is driving businesses to adopt new technologies to enhance existing processes and enable new business models, new revenue streams, and greater interactions with partners and customers through Digital Transformation.

Webcast

Data Security in the Cloud

Join our Analyst Mike Small and Paul Hampton, Product Manager at Thales Security as they talk about the importance of securing data in the cloud.

Webcast

Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Advisory Note

Redefining Access Governance: A broader perspective

Traditional approaches to Access Governance are no longer fit for purpose due to the complexity of modern IT environments, increased security risk, and growing regulatory compliance requirements.  A new risk-based and policy-based approach is needed to reduce the cost, effort, and complexity of overseeing and enforcing access entitlements, including access reviews and recertification.

Executive View

Elastic Security

Elastic Security is a security platform built on top of the Elastic Stack. It combines security information and event management, threat hunting, endpoint security, and cloud monitoring to help analysts prevent, detect, and respond to cyber threats more efficiently.

Webcast

KuppingerCole Analyst Chat: The Project Road Towards Zero Trust - What to Do and Where to Start

This podcast has already looked at the Zero Trust concept as a challenging architectural paradigm for security and an important component of modern and future-oriented security architectures from various angles. This time Christopher and Matthias focus on a phased project approach towards implementing Zero Trust in a well-paced, phased, "one-bite-at-a-time" manner.

Executive View

Ping Identity’s PingFederate

PingFederate is among the leading-edge solutions that support identity federation standards.  PingFederate can enable Single Sign-On (SSO) between business units, enterprises, and all popular SaaS applications.  PingFederate works both on-premises or in the cloud and is easy for administrators to install and maintain.

Webcast

Zugriffsmanagement mit künstlicher Intelligenz neu erfinden

Unternehmen müssen in der modernen IT-Welt eine Vielzahl von Angestelltenidentitäten, Benutzerrollen, Zugangspunkten und Endgeräten verwalten. Diese Verwaltung von digitalen Identitäten und den entsprechenden Zugriffsrechten ist für die meisten Firmen nicht nur kompliziert, sondern auch zeitaufwändig. Wenn Unbefugte fälschlicherweise Zugriff zu sensiblen Unternehmens- und Kundendaten erhalten, kann dies zu Compliance-Problemen, Bußgeldern und Reputationsverlusten führen.

Leadership Compass

CIAM Platforms

This report provides an overview of the market for Consumer Identity and Access Management and provides you with a compass to help you to find the Consumer Identity and Access Management product that best meets your needs.  We examine the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing CIAM solutions.

Executive View

Cisco Zero Trust Security

Cisco’s approach towards Zero Trust combines several foundational access policy solutions for securing your workforce, workloads and workspace with a broad range of additional security products to ensure complete visibility, protection, and compliance throughout the whole enterprise.

Webcast

KuppingerCole Analyst Chat: What Keeps Organizations From Adopting Zero Trust

The Zero Trust concept comes with the promise to adequately secure our modern, hybrid IT world at any time and any place. Manufacturers, consultants and even analysts agree as rarely as they do that this changed architectural paradigm is an important component of modern and future-oriented security architectures. Alexei and Matthias address the question why in practice only a few powerful zero trust architectures deliver on this promise. They try to answer the question what organizations need to consider in order to get off to a good start.

Webcast

Palo Alto Networks Workshop - Cloud-Native Security is Different and Here is Why - Play Some Capture the Flag While You’re at It

Brought to you by Prisma™ Cloud, our Cloud Native Security Camp is a three-hour virtual workshop for professionals focused on learning more about how to help their organizations develop the people, processes and tools necessary to secure their cloud-native deployments. Attend to learn: Why organizations need to treat cloud-native security differently How to integrate security patterns into DevOps Why it all starts with visibility and ends with automation   Key considerations when choosing security tools for your organization You’ll have the chance...

Webcast

Interview mit Goetz Walecki

Webcast

Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy regulations. And organizations must find ways to effectively manage consumer requests, meticulously document processing activities and data transfers, and stay on top of a rapidly evolving regulatory landscape. Challenging, yes. But absolutely necessary.

Webcast

Markus Malewski, Joerg Hesske: No Chance for Hackers and Spies. Why Thyssenkrupp Takes a Completely Different Approach to Security

Markus Malewski, Head of SOC / SIEM at thyssenkrupp gives an insight how thyssenkrupp re-formed the Security division after the Winnti attack in 2016, why the company is so well prepared for current and future challenges and how the solutions of Elastic help to achieve those. Jörg Hesske, AVP CEMEA at Elastic shows how Elastic Security helps SecOps teams to protect their company against threats quickly and precisely with an integrative security approach.

Webcast

Martin Kuppinger: IAM für die Digitale Transformation: Ihre Identity Fabric

Zeit für die Renovierung: Wie man vom Bestands-IAM fokussiert zu einer zukunftsfähigen IAM-Infrastruktur kommt Martin Kuppinger spricht über die Herausforderungen von IAM im Zeitalter der Digitalen Transformation und die sich ändernden Anforderungen, die heute weit über ein „Mitarbeiter-IAM“ hinausgehen. Er zeigt auf, wie man das IAM fit für die neuen Herausforderungen machen kann, vom Betriebsmodell zur Bedienung hybrider Zielsysteme bis hin zur Unterstützung aller Benutzergruppen wie Partner, Konsumenten und Mitarbeiter, aber auch...

Webcast

Jochen Werne: Verfügungsmacht. Why Access Always Matters. Vergangenheit Verstehen, um Zukunft Sicher Zu Gestalten

In seiner Keynote beleuchtet Jochen Werne aus historischer Sicht warum Verfügungsmacht über Werte, jedoch auch über Informationen immer schon ein politisches und wirtschaftliches Machtinstrument war. Er zeigt auf wie leicht wir die Hoheit und die Verfügungsmacht über unsere Daten abgegeben haben und dies unabhängig vom COVID-Kontext. An Best-Practice Beispielen wird ein Überblick geschaffen mit welchen neuen Konzepten wir uns in einer vernetzten und mit KI-Technologien durchdrungenen Welt auseinandersetzen werden.

Webcast

Goetz Walecki: Wie man Vertrauen in einer Zero Trust Welt aufbaut

Verteilte IT-Umgebungen, der Einsatz einer Vielzahl von SaaS-Anwendungen, hybride IT und Multi-Cloud-Strategien: All das führt zu einer unübersichtlichen Zahl verteilter Identitäten in den zugrundeliegenden Systemen. Eine solche jenseits des Perimeters gewachsene IT-Landschaft bietet neue Angriffsfläche für Cyberangriffe und birgt Sicherheitsrisiken. Zero Trust ist die Antwort. Doch wie baut man das notwendige Vertrauen in einer Zero Trust Welt auf?

Webcast

Stefan Rabben: It Is All About Access

Anhand der Darstellung konkreter Business Cases betont der Vortrag die enorme Wichtigkeit von Zugangskontrollen für die IT-Sicherheitsstrategie von Unternehmen. Er beschreibt, welche Risiken und Schwachstellen damit gezielt adressiert werden. Sie erfahren außerdem, wie der Aufbau eines Security-Konzeptes auf Basis von sicherem Access Management konkret gestaltet werden sollte und welchen Mehrwert die Integration einer Access Management Lösung in eine bestehende IT- Infrastruktur generiert.

Webcast

Mohamed Ibbich: Welche Rolle spielt ein umfassender Privileged Access Management-Ansatz bei der sicheren Anbindung einer Remote- & Hybrid-Belegschaft?

Viele Organisationen stehen vor der Herausforderung Richtlinien für das Arbeiten aus dem Home-Office zu implementieren, um unter anderem eine stetig steigende Anzahl an Remote- und Hybrid-Mitarbeitern zu unterstützen. Während ein hybrides Arbeitsmodell eine interessante und aufregende Entwicklung darstellt, waren viele Organisationen nicht auf diese rasche, anfängliche Verlagerung der Arbeitsstruktur in Hybrid- oder Remote-Modelle vorbereitet. Die Nutzung einer Privileged Access Management-Lösung kann federführend dabei unterstützen,...

Webcast

Alexander Koerner: Holen Sie das Beste aus PAM heraus: Wie man die Verwaltung des privilegierten Accounts sinnvoll und effektiv gestaltet

  • Welche Vorarbeiten sind nötig?
  • Mit welchen Accounts fange ich an?
  • Welche Accounts sind schwer reinzubringen, schiebe ich nach hinten?
  • Anbindung IAM System
  • Automatisierung der Zugriffe
  • Automatisierung des Onboardings
  • Rolle von SIEM

Webcast

Panel - Die Rolle von PAM und wie man mit aktuellen Sicherheitsrisiken umgeht

Webcast

Alpha Barry: IAM als wesentlicher Enabler der Cloud Transformation

Beim Übergang von einer dezentralen, rechenzentrumsbasierten IT-Infrastruktur in die Cloud wird IAM oft zu einer zusätzlichen Hürde. Die Cloud setzt zwingend zentrale, konsistent betriebene IAM-Strukturen voraus, die in der Legacy-Infrastruktur nicht erforderlich waren. Alpha Barry zeigt anhand von Fallbeispielen auf, wie die Cloud-Transformation durch den Einsatz moderner IAM-Technologien signifikant vereinfacht werden kann, und welchen Beitrag IAM zur Absicherung der Cloud-Infrastruktur leisten kann.

Webcast

Dominik Schönwetter: Rollenbasiertes IAM in einem Compliance-getriebenen Unternehmen. Erfahrungsbericht aus einem länderübergreifenden Projektvorhaben.

Die Präsentation zeigt, wie ein großes international tätiges Telekommunikationsunternehmen auf Basis einer umfangreichen, historisch gewachsenen Systemlandschaft ein modernes IAM-System aufbaut und in der Praxis in einem länderübergreifenden Systemharmonisierungsprojekt umsetzt. Der Fokus liegt auf den notwendigen organisatorischen Änderungen, dem Aufbau eines unternehmensweit gültigen Rollenkonzepts, der Etablierung von Compliance- und SoD-Kontrollen und anwenderfreundlichen Mitarbeiter-Rezertifizierungen.

Webcast

Bjoern Wuscher, Athena Brown: Zero Trust beginnt mit MFA

Bei Cisco Duo Security beginnt der Weg zu Zero Trust mit der Multi-Faktor Authentifizierung (MFA). Heutzutage müssen Unternehmen eine mobile Belegschaft sichern, die Unternehmensgeräte, aber auch ihre persönlichen Geräte verwendet, um auf Unternehmensanwendungen zuzugreifen. Duo bietet der Belegschaft "Zero-Trust" durch MFA, Tools für adaptive Zugriffsrichtlinien und Gerätevertrauen. In dieser Keynote erfahren Sie, ob der „Zero Trust“ -Ansatz für Ihre IT-Sicherheit geeignet ist und wie Sie diese Reise beginnen können.  ...

Webcast

Mathias Conradt: Anatomie von Credential-Stuffing-Angriffen

In dem Maße, in dem Computerdienste kostengünstiger werden, sind böswillige Akteure in der Lage, Bot-basierte Angriffe auszuführen, um auf Benutzerkonten kostengünstiger und einfacher als je zuvor zuzugreifen. Dies bedeutet, dass die Bedrohungen nicht auf Banken oder "hochwertige" Ziele beschränkt sind. Vielmehr werden alltägliche Verbraucherdienste in großem Maßstab angegriffen, was Sicherheitsprobleme für Einzelhandels-, Reise-, Lebensmittel- und Medienunternehmen schafft. Wie sehen diese Angriffe aus? Wie lassen sie sich...

Webcast

Gerald Beuchelt, Daniel Holzinger: Passwörter: gehasst und doch unverzichtbar. Ist passwortlose Authentifizierung die Lösung?

95% der IT-Führungskräfte sehen die Nutzung von Passwörtern als Risiko. Dank Enterprise Identity- und Access Management können Unternehmen die Sicherheit erhöhen und Mitarbeitern gleichzeitig einfacheren Zugriff ermöglichen. Gerald Beuchelt, CISO bei LogMeIn, geht in diesem Vortrag auf die aktuelle Situation der Absicherung von Remote-Arbeitsplätzen ein und die Zukunftsvision des passwortfreien Arbeitens.

Webcast

Frank Unruh: Zugriffskontrollsysteme: Implementierung und Einsatz in der Praxis

Webcast

Theresa Laager: PAM und der Eisberg

Webcast

Eleni Richter: Enterprise Zusammenarbeit in der Realität

Homeoffice und remote Zusammenarbeit werden durch ein weites und attraktives Angebot von cloudbasierten Collaborations-Tools begünstigt. Die aktuelle Covid-19 pandemische Situation hat zu einem großflächigen Aussetzen der Präsenzzusammenarbeit geführt. Ein nicht unerheblicher Teil der digitalen Collaboration findet - unter Access Management Gesichtspunkten betrachtet - mäßig bis schlecht organisiert statt. Wie bekommt man solche Collaborations-Szenarien (wieder) unter Kontrolle? Wie verhält es sich mit ad-hoc Szenarien? Der Vortrag wirft einen...

Webcast

Panel - IGA- und Berechtigungsmanagement: Herausforderungen und Lösungen für Unternehmen

Webcast

Zoltan Bakos: Integration des Privileged Access Management in wichtige Geschäftsprozesse und -vorgänge, um Just-in-Time-Privilegien durchzuführen und Zero Trust zu ermöglichen.

Privilege Access Management (PAM) sollte ein Schlüsselelement in Ihrer Sicherheitsstrategie sein. Daher müssen Sie sicherstellen, dass sich die von Ihnen gewählte Lösung leicht in Ihre Geschäftsprozesse und -vorgänge integrieren lässt. Erstens muss die Lösung schnell in Ihrer Umgebung implementiert werden können und möglichst wenig Reibung im täglichen Geschäftsbetrieb verursachen. Darüber hinaus muss sie sich nahtlos in andere Geschäftsvorgänge wie IGA, DevOps, Robotische Prozessautomatisierung und Active Directory...

Webcast

Wallix Workshop - It`s all about Access! PAM-Lösungen – SetUp und Mehrwert durch Integration

In unserem praxisorientierten Workshop legen wir im ersten Teil den Fokus auf das Thema Integration in bestehende Infrastrukturen unserer Kunden. Mit dem Fokus auf eine SIEM-Integration zeigen wir auf, wie sich Ihre IT- Sicherheit durch die Investition in eine PAM-Lösung signifikant erhöht. Im zweiten Teil gehen wir speziell auf die Anforderungen unserer Kunden ein. Wir bereiten eine Teststellung vor und zeigen den großen Mehrwert auf, den auch bereits getätigte Investitionen in die IT-Sicherheit durch die Implementierung einer PAM Lösung erfahren.  ...

Blog

We Are Detective: Data Scientists to the Rescue for Cybersecurity and Governance

If the line "We are detective" only reminds you of "guilty pleasure" radio songs from the 1980s, despite the fact that you are responsible for cybersecurity or compliance in your company, then you should read on. In any case, you probably should read on because this is a trend that is becoming increasingly important in times of growing uncertainty and loss of trust – in contracts, in companies in the supply chain, in "the Internet", and in nation-states. Trust as the foundation for reliable assurance Understanding, assuming, mitigating, and managing risks in our increasingly hybrid...

Webcast

Elastic Security Workshop Part I - Unified Protection for Everyone

Learn how the latest security capabilities in the Elastic Stack enable interactive exploration, incident management and automated analysis, as well as unsupervised machine learning to reduce false positives and spot anomalies — all at the speed and scale your security practitioners need to defend your organization. Additionally, we'll be talking about the new protection and detection capabilities of the free Elastic Endpoint, now also part of Elastic Security, as well as EQL - the event query language, which brings new query and detection capabilities to Elastic Security.

Webcast

The Interplay between Zero Trust and IAM

Martin Kuppinger and Danna Bethlehem, Director of Product Marketing at Thales discuss their perspectives on the interplay of Zero Trust and Identity and Access Management.

Webcast

Bryan Christ: Improving Operational Maturity with an Automation First Strategy

In his keynote, Bryan will talk on how automating Identity and Access Management can evolve your operational maturity and strengthen your security programs. 

Webcast

Mario van Riesen: The Evolution of Application Security

Cyberattacks have rapidly evolved since the advent of online transacting almost 25 years ago, with attackers continually escalating and refining their evasion techniques. While organisations and individuals continue to mobilise in an attempt to mitigate the global disruptions taking place around them, cybercriminals have wasted no time in exploiting the COVID-19 pandemic. Today, attackers and fraudsters call upon a sophisticated suite of tools, including human-powered click farms, social engineering, and malware – all designed to defeat traditional defenses...

Webcast

KuppingerCole Analyst Chat: Privileged Access in an Agile World - PAM for DevOps

The PAM market continues to evolve and many organizations are adopting the DevOps paradigm where critical access and sensitive accounts are required in fast moving and agile environments. Paul Fisher meets Matthias for this episode and shares his research on PAM for DevOps. They talk about the challenges of this area of application, but also about the differences and similarities with "classic" PAM. And about the opportunities on a path towards a hybrid approach to PAM in today's organizations, in the midst of the Digital Transformation.

Webcast

Ioannis Chrysakis: The CAP-A Best Practice: Towards Enabling a Privacy-Friendly Apps Market by Applying a Crowdsourcing-Based Evaluation Approach

Webcast

The Role of Customer Identity & Access Management in Digital Transformation

Companies and organizations have strategic decisions to make at the Customer Identity & Access Management (CIAM) front. First, they have to decide whether to invest into a dedicated CIAM solution or to build on existing infrastructure. If there is already a foundation, what should be their next steps to have a mature CIAM strategy in place? If they do not have a CIAM solution, where do they start? Applications, systems, identities tend to be siloed while as a business grows, it’s imperative they are cohesive and well-integrated in order to provide a superior customer experience.

Webcast

Jochen Fischer: A Small Leak Can Sink A Great Ship - Cybersecurity Warfare & SAP

Security is Culture – and culture starts with people (not technology!) The complex topic of SAP-security is a massive challenge for the almost 500.000 companies worldwide using SAP. The challenges are the same for everyone, and it is the combined corporate responsibility of the C-Level and all employees to protect the enterprise from threats. These core applications can be secured by focusing on the 3 main attack vectors: People, Processes, and Technology. Within this keynote, Jochen Fischer shares what needs to be done to define clear ownership and responsibilities for SAP-security....

Webcast

Jan Tietze: Minimising Risk from Cyber Threats: Focus on Reducing Time to Containment

Webcast

Panel - Assuring the Security of Your Enterprise - Social Engineering and Pentesting

Webcast

Berthold Kerl: Top 2021 Cyber Topics: Results From a Recent KC Survey

In this talk, you will learn about the results of the recent KuppingerCole Survey on top Cybersecurity Topics for 2021.

Webcast

Dr. Mariarosaria Taddeo: Trusting AI in Cybersecurity: A Double-Edged Sword

Applications of artificial intelligence (AI) for cybersecurity tasks are attracting greater attention from the private and the public sectors. Estimates indicate that the market for AI in cybersecurity will grow from US$1 billion in 2016 to a US$34.8 billion net worth by 2025. The latest national cybersecurity and defence strategies of several governments explicitly mention AI capabili- ties. At the same time, initiatives to define new standards and certification procedures to elicit users’ trust in AI are emerging on a global scale. However, trust in AI...

Webcast

Jakub Boratynski: EU Cybersecurity Policy Actions and Priorities

Technological advances and new trends provide great opportunities to the economy and society as a whole. The high reliance on digital technologies especially during the COVID-19 crisis increases at the same time the potential attack surface for malicious actors. The paradigm of security is shifting. The EU is undertaking several actions for its citizens and companies, in order to enhance the resilience of critical infrastructure, support supply chain security (5G) and research, create a European cybersecurity certification and a new, modern cybersecurity strategy for Europe.

Webcast

Hila Meller: Covid 19 - Adapting to the New Normal

In her key note Hila Meller will explain how the new normal impacted by the Covid-19 global pandemic is reflected in the Cyber Security Space.

She will explain the changing threats in this new reality as well as the steps and strategies used by BT to globally adapt to the news ways of working, combined with a wider global view based on inputs and collaboration with large multi-national organizations.

Webcast

Paolo Comi, Nadia Fabrizio: Quantum Secured Blockchain

This talk aims to share the experience achieved during  Q-Secure Net , a 2020's project co-financed by the European Institute of Technology (EIT) and Italtel, Cefriel, Politecnico di Milano, CNR, UPM and Telefonica. Q-Secure Net will provide a cost-effective and flexible network solution for  unconditionally secure communication services  based on  Quantum Key Distribution (QKD)  thought for fiber-optic networks. The talk will also present an application of  Blockchain Atomic Swaps  for the exchange of securities and cryptocurrencies, developed in the...

Webcast

Ana Isabel Ayerbe Fernández-Cuesta: Security by Design IoT Development and Certificate Framework

Next-generation of Smart IoT Systems needs to manage the closed loop from sensing to actuation with safe operational boundaries and the need to be distributed across IoT, Edge and cloud infrastructures with complex and heterogeneous systems, connectivity and failures, as well as being able to operate in an unpredictable physical world facing situations that have not been fully understood or anticipated in the software development process. In this context, it is necessary to support the continuous delivery of trustworthy Smart IoT Systems, to support their agile operation, to support the...

Webcast

Anett Mádi-Nátor: C-Level Cybersecurity Awareness – Does the C-Suite Fall Behind in Understanding the Importance of Cybersecurity Services?

In the crisis created by Covid-19 it is even more obvious how C-level are reacting and in cases not reacting properly to new cybersecurity situations resulting from rapid and enforced digitalisation. Can or should they be given more time to adapt? Can they build up the proper cybersecurity decision making skillset? Is it worth the effort? The speaker explains how that is possible, what new digital roles should be created within an organisation and how to meet challenges posed by the transforming digital ecosystem.

Webcast

Martin Rohrer: Cyber Navigation in Turbulent Times – How Cyber Maturity Assessments Provide a Sense of Direction

When navigating a big ship, it is crucial to know your position and the course you set. In this case, the ship is a symbol for a company planning its investment in cyber security. In practice, the overall strategic view is often obscured or missing. An assessment of the cyber maturity level will give a better understanding of the position as well as the direction, considering the specific risks. A risk-based approach allows investments in cybersecurity to have the greatest possible, measurable impact.

Webcast

Espen Otterstad: Social Engineering - Exploiting the Human Factor

Webcast

Christopher Schuetze: Safer With Security - How Fabrics Can Be Used to Manage the Complexity of Your Enterprise Security

A flexible architecture is an absolute must in order to keep pace with new challenges within a constantly evolving landscape. Christopher Schütze, Cybersecurity Practice Director and Lead Analyst at KuppingerCole, will look at methodologies that help to structure, reorganize, and extend the existing Cybersecurity landscape within your organization. He will examine current topics such as “Information is the new oil” and “Trust only with verification – Zero Trust” and how you can integrate this into your strategy. Information security...

Blog

New Developments in European AI Regulation

The world is caught between high expectations, futuristic fears, and non-legally binding recommendations on how to proceed with AI development and management. This means that although technologies are advancing and that many use cases are being proven effective to support enterprise data management, security, interactions with customers, and many more customized solutions per industry, most organizations are hesitant to board the AI train. For many, they do not feel they have enough guidance to launch a future-proof AI project. For the moment, all we have is a growing collection of AI...

Webinar

Jan 27, 2021: IT-Sicherheitsberatung hinter den Kulissen: Die Top 5 Herausforderungen, die Cloud Modelle mit sich bringen

Der Bedarf nach Cloud-Lösungen ist heute so stark wie nie zuvor. In den letzten Monaten konnten wir weltweit eine steigende Akzeptanz von Cloud Plattformen und Cloud-Diensten beobachten. Sogar die Deutsche Bahn verlagert ihre komplette IT in die Cloud.

Webcast

Ammar Alkassar: Cybersecurity and Digitisation within the Corona Crisis – First Experiences and Initial Conclusions

Within the Corona Crisis, IT and digitisation have proven their essential role for state administration, economy, as well as society. These techniques are not only the backbone for our highly-industrialized countries, but now also recommended as such. The keynote will reflect the first months of the Corona Crisis with a focus on digital administration and IT as backbone. In this context, aspects of project management, management culture, and risk tolerance will be addressed. Last, but not least the keynote will present theses on experiences and future do’s and don’ts,...

Webcast

Greg van der Gaast: The Future Role of the CISO

Webcast

Panel - Zero Trust Paradigm for the Future of Security

Webcast

Enrico Frumento: IT-OT Convergence of Security

Experts define Operational Technology (OT) as  «hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events.» OT differs from IT, in terms of functionalities, the culture of operators and threats. In recent months, we witness an increasing convergence of IT and OT systems.  This area is a novel and rapidly expanding one for both cybercrime and industry.  Recent IBM’s 2020 X-Force Threat Intelligence Index summarizes that attacks targeting operational technology...

Webcast

Jean-Christophe Gaillard: The Cyber Security Skills Gap: Real Problem or Self-inflicted Pain?

You don’t have to go far these days to find security professionals complaining about skills shortages, and countless media outlets relaying their views. But there are at least two sides to this argument and the situation requires a more balanced approach. The security industry needs to rebuild its narrative to attract more raw talent at all levels.

Webcast

Stefan Würtemberger: The Road to Zero Trust After a Cyber-Incident

Webcast

Brennan Lodge: Home Grown Machine Learning Implementation for the SOC

The machine learning deployment, integration, and release pipeline is unique and unlike any typical software, application or detection life cycle. A SOC has a blend of infrastructure, team dynamics, disparate logs and data sets, a SEIM, ticketing systems and a need for analytics to better serve and improve their defenses, cyber security posture and incident response. Proper implementation of using machine learning for cyber security defenses can be done with both team and engineering integrations. This talk will walk through an example of machine learning implementation for the SOC in an...

Webcast

Panel - European Cybersecurity Job Market and the Gender Perspective

Webcast

Matt Berzinski: Choosing the Right IAM solution to secure your Hybrid Cloud Environment

In 2020 organizations have been forced to accelerate their digital transformation plans to meet the needs of a more digital engaged end user. From remote workforces to shifts to online commerce, nearly every industry has had to adopt to this new reality. This has resulted in rapid cloud service adoption and a need for integration of existing on-premises investments with them. But today's Hybrid Cloud reality needs a comprehensive security policy that encompasses newly acquired cloud technologies all the way down to legacy on premises...

Webcast

Rolf von Roessing: Business Continuity – Learnings in the Light of the Corona Crisis

Webcast

Sergej Epp, Ashley Ward: Need for Speed: How DevOps is Changing Cybersecurity

Is your cybersecurity as fast as your business? Finding the right strategy to secure the growing speed and diversity of DevOps driven application development and dynamic infrastructures is hard. To master this journey, organisations have not only to adapt new security controls but in most cases to redefine their cybersecurity strategy and traditional approaches such as Defence-in-Depth and Zero Trust Architectures from scratch. In this session, you will learn the FIRST PRINCIPLES how to align the pace of your cybersecurity to your business speed from both perspectives: a cybersecurity...

Webcast

Darran Rolls: The Confessions of an X-CISO: Identity Centric Security @ Enterprise Scale

Webcast

Steffen Minkmar: Cyber Resilience - Regulatory Developments in the Financial Services Industry (and Beyond)

Cyber resilience, a term often heard but never fully understood, has made headlines for many years. Nonetheless, we are still confronted with ransomware attacks that lead to the standstill of organizations, as evidenced in the 2017 Maersk attack or the declared state of emergency by the mayor of the city of New Orleans in December 2019 after the city was hit by a cyberattack. Many organizations perceive cyber resilience as yet another regulatory topic to be addressed by the IT department or the IT security teams, ignoring the regulatory requirements deriving from stakeholders such as...

Webcast

Panel - Secure Work Anywhere: The New Normal from Corporate Policies to Security Practices

Webcast

Panel - Accelerating Digital Transformation with Secure Cloud Access

Blog

User Experience Above All - Secure Access for Employees, Devices and Applications!

Zero trust and IAM from the cloud as the foundation of hybrid IT must be simple Most companies today rely on a hybrid IT infrastructure: Existing on-premise solutions are extended with flexible best-of-breed SaaS solutions. This improves flexibility and agility, but also increases the scope for cyber attacks due to the growing number of digital identities. For example, the Verizon Data Breach Investigation Report 2020 showed that attack patterns that target end-users - such as phishing and the use of stolen credentials - lead the attack rankings again. With obvious numerical sequences and...

Hybrid Event

Nov 09 - 11, 2021: Cybersecurity Leadership Summit 2021

Join us at the Cybersecurity Leadership Summit 2021 from November 9th to 11th to hear security executives, thought leaders, and KuppingerCole analysts share valuable insights on establishing and managing a dynamic, risk-based cybersecurity program at your firm.

Webcast

Flavio Aggio: COVID-19 Cybersecurity Attacks

Cybersecurity technologies to identify, protect, detect, respond and recover are extremely important, but not sufficient. HumanOS upgrade is required to safely use the Internet and It is not only about training and awareness. It is about the way users must behave online and IT community must openly acknowledge system vulnerabilities. Humans are the weakest and strongest links in Cybersecurity.

Webcast

Stefan Romberg: Regulatory Compliance Challenges in 2020

How do you prepare for the increasing regulatory challenges in a time of ongoing cloud migrations with global service providers? The invalidation of the EU-US privacy shield and the enforcement of the NDAA Section 889 will require a thorough review of existing controls and a swift management of stakeholder interests. This key note will provide practical experiences and guidance to ensure you meet your compliance goals.

Webcast

Martin Kuppinger: Cybersecurity Trends in the Age of Work from Home

The way people are working has changed fundamentally. Cybersecurity is even more essential than before. Martin Kuppinger, Principal Analyst at KuppingerCole, will look at the factors that drive the relevance of cybersecurity, but also change the way cybersecurity is done right. He then will look at the trends in cybersecurity and how new technologies and methods help in mitigating cyber risks and improving cyber attack resilience. This includes looking at the impact of Work from Home, changing attack vectors, or the impact of AI on cybersecurity, and discussing what new technologies such...

Executive View

Cherwell ITSM

Cherwell ITSM is a comprehensive IT Service Management application that can be installed on premise or in the cloud and is built on top of the Cherwell CORE platform – a  low-code, configuration file driven service management platform that enables rapid customization, automation, orchestration, integration and extensibility.

Webcast

KuppingerCole Analyst Chat: Emerging Technologies in Healthcare - Solutions and Use Cases

In this second of two episodes, Annie Bailey and Matthias Reinwarth look at use cases of emerging technologies in healthcare. The use of AI, and machine learning to facilitate self-diagnosis chatbots is just one of many fascinating areas of application that are discussed and analyzed.

Webcast

Choosing the Right Fraud Reduction Intelligence Tool in a Digitally Evolving Economy

Fraud is a major cost to businesses worldwide and it is on the rise. In it’s 2019 annual report, the Internet Crime Complaint Center (IC3) put a specific focus on methods such as elder fraught, credit card fraud and confidence/romance fraud, emphasizing the growing occurrence of intentional deception in cybercrime. Companies of all industries face the same challenge: The complex and constantly changing world of fraud detection. The Fraud Reduction Intelligence Platform (FRIP) market is mature and growing and the solutions in this space are quite diverse. Therefore, it comes as...

Webcast

Operationalizing Least Privilege

Striking the balance between enabling users and administrators to be productive whilst protecting your sensitive systems and data is becoming ever more challenging. Attackers are often one step ahead of organizations, and even those with the most comprehensive security systems and controls in place find that an attacker will discover and exploit their Achilles’ heel.

Webcast

The Future of IAM is Automated

Interview with Paul Trulove, Chief Product Owner, SailPoint

Webcast

IAM Essentials: Lifecycle Management

Webcast

Decoding Advanced Privileged Access Management for Digital Environments - A conversation with Paul Fisher and Anil Bhandari

Did you know that privileged accounts are a major source of data leaks? These powerful administrative accounts provide access to business-critical information stored in applications and servers. A single instance of privileged password abuse can bring down the entire IT infrastructure. Therefore, enterprises are rethinking the access control mechanism to harden authentication.

Executive View

ARCON PAM SaaS

Privileged Access Management (PAM) must evolve if it is to meet the demands of different types of organizations and IT architecture. A one size fits all approach does not work in a world where access to privileged accounts is changing. Organizations need PAM solutions that fulfill security requirements but also deliver convenience, rapid deployment, and cost efficiency. Therefore, PAM delivered as a service is gaining traction in the market and, in this report, we consider the merits of ARCON PAM SaaS.

Executive View

BigID

In today's data-centric world, it has become paramount to protect sensitive data and help organizations face mounting regulatory requirements, challenges, and compliance risks. BigID enables organizations to take action on that data to meet privacy, security, and governance requirements by finding, categorizing, analyzing, and correlating their data at scale.

Webcast

Chad Wollen: What Is Privacy Experience Management? Why Does It Matter to Your Business?

Webcast

Non-functional Criteria

Webcast

Creating a Market Compass

Webcast

KuppingerCole Analyst Chat: SOAR - A North American Product Only?

John Tolbert has just taken a close look at the market for SOAR tools (Security Orchestration, Automation and Response) to prepare a Leadership Compass. This has just been published and this gives John and Matthias the opportunity to take a closer look at this market segment of security infrastructures.

Webcast

What’s Really Going on in Your Microsoft Active Directory and Azure AD Infrastructure

Most small and mid-sized businesses rely on Microsoft technology in their IT infrastructure. For the vast majority of larger organizations, solutions such as Microsoft Active Directory also form a vital part of their IT infrastructure. Understanding what is going on in these infrastructures thus is essential. Only then, organizations will be able to react quickly and focused.

Executive View

Illusive Platform

Illusive Networks’ distributed deception platform is a highly scalable, intelligence-driven security solution that offers unprecedented visibility into corporate security posture from the attacker’s viewpoint and helps deal with cyberattacks before, during, and after they happen.

Advisory Note

The Role of APIs for Business

An Application Programming Interface (API) is an intermediary that allows two applications to talk to each other. Without APIs, the digital experiences consumers have grown accustomed to, such as booking a hotel room or in car navigation, would not be possible. In recent years, API proliferation has grown exponentially, and they increasingly being used by companies and organisations to deliver digital transformation and be part of the emerging API economy.

Blog

The Evolution of Endpoint Security: Beyond Anti-Malware

15 to 20 years ago, a virus scanner – or let me call it Endpoint Protection – on your private or corporate computer was standard. Today, you must also have something like a virus scanner on your endpoint device. But in 2020, is it sufficient to detect viruses, worms, and rootkits or botnets like we did in the past? There have been a lot of changes in the way attackers try to steal data, get access to your computers, or even block you from working with your computer. This evolution must be part of your strategy for protecting your endpoints. It is called Endpoint...

Webcast

Lars Brodersen: Digitalization of CRM - Rethink, entirely!

Webcast

Dr. Zacharias Voulgaris: The Usefulness of Anonymization and Pseudonymization in Data Science and A.I. Projects

Webcast

Richard Meeus: Don’t Treat Your Customers Like Criminals: CIAM Best Practices to Balance CX and Security

Customer registration, identity verification, and multi-factor authentication are all critical to reduce fraudulent activity and protect your customers’ identity data. However, they don’t offer the same warm welcome as an instore employee. Join this keynote presentation to learn how to seamlessly convert, engage, and manage millions of customers online—without sacrificing security.

Webcast

Sharon Boyd: Bringing to Life Your CX Strategy, in the World of Tech

Webcast

Using Deception for Early and Efficient Threat Detection

Most organizations are benefiting from the scalability, flexibility, and convenience of modern cloud services and new, highly distributed hybrid corporate networks. Unfortunately, many have also learned the hard way that defense of these systems and the assets they contain continue to remain prone to and the victim of cyberattacks and other security risks.

Webcast

Dr. André Kudra: Integrating Decentralized Identity Into Your Existing Infrastructure: Do's and Don'ts

In this keynote we are looking at practically moving existing infrastructures towards the Decentralized Identity world – widely known as Self-Sovereign Identity (SSI). Leveraging the Credential-based Access Control (CrBAC) paradigm, implementing SSI in an enterprise is easier than most people think. We will learn why and how SSI is such a bright way out of the complex and interwoven IAM world still predominant today, more than 11 years after “Dos and Dont´s when Introducing a Compliance Management Tool” in a Role-based Access Control (RBAC) context at EIC 2009.

Webcast

Erwan Gaultier: Next Generation Customer Life: A 3 yrs. Chief Customer Officer’s Agenda

Webcast

Berthold Kerl, Dr. Karsten Kinast: After Privacy Shield's Death: What Is Still Possible?

With the July 2020 decision of the Court of Justice of the European Union, the „Privacy Shield“ called framework that allowed personal information to be transferred between the EUC und the US; had been invalidated with immediate effect. The only remaining justification to keep on exchanging such information have been the „Standard Contractual Clauses“ (SCC, although they do not fully replace the Privacy Shield. Therefore, the questions now are: Where do Standard Contractual Clauses (SCC) come into the game? Can SCC fully replace the Privacy Shield? Are...

Webcast

Martin Kuppinger: The First Steps to CIAM: Verify Your Customer, Authenticate Your Customer

The Role of KYC for CIAM and Where Learning From KYC Will Help You in Getting Better in CIAM Many solutions in CIAM focus on authentication, while others have their strengths in integrating with marketing automation. However, there is an additional angle, relevant for both highly regulated industries but also any other industries. It is the onboarding process, regardless of whether specific KYC (Know Your Customer) requirements must be formally met or not. Martin Kuppinger will talk about the role and approaches of Identity Verification in the context of CIAM and how this maps to...

Webcast

Reduce Dependency on Active Directory With Cloud Identity

When it comes to identity management many companies depend heavily on Microsoft Active Directory (AD). This high degree of dependency on one service can become a problem when this service faces an outage. Also, respective of the requirements companies have, all services have certain limitations which are sometimes necessary to overcome. Many cyberattacks are perpetrated via staff endpoint devices (computers, smartphones or even printers). This necessitates a fine-mesh risk management approach with a centralized solution, called Identity Fabric at KuppingerCole.

Webcast

Matthias Reinwarth: CIAM and the KuppingerCole Identity Fabric

A Flexible, Adaptable Architecture Framework to Meet the Accelerating Demands of a Digital Enterprise Consumer identity and access management (CIAM) has arrived in the business processes of digital enterprises. Customers, prospects, devices, things and their relationships are becoming increasingly important. At the same time, the innovation cycles for customer-oriented applications are becoming shorter and shorter. And CIAM itself is facing continuously changing challenges. The service-oriented paradigm of the KuppingerCole Identity Fabric provides the perfect foundation for a steady...

Webcast

Zachary Faruque: The Consumer Trust Battleground: How Consent and Preferences Becomes a Competitive Edge

Webcast

Dr. Torsten Lodderstedt: eKYC: Seamless Customer Identification Using Existing Verified Digital Identities.

Webcast

Rolf Hausammann: Transformation from a "Contract Specifc Login to a User Centric Experience"

Webcast

Genc Begolli: CIAM at AUDI - A Constant Transformation in a Worldwide Digital Ecosystem

AUDI has developed a worldwide digital ecosystem for its customers. In order to participate at the ecosystem and to consume the provided services a profound CIAM infrastructure has been developed by AUDI. To cope with the evolved customer needs, the increased number of digitalized services and of course matured requirements from security and data privacy the CIAM infrastructure is at a constant transformation at AUDI. During this session we will give you a rough overview of main transformations within the last couple of years at AUDI AG....

Webcast

KCLive Award: Consumer Authentication

The KCLive Award honors outstanding projects, standards, or people in the field of Identity Management, Cybersecurity and AI.

Webcast

Yvo van Doorn: Attract and Retain More Customers with CIAM Technology

Consumers are now accessing gated content, customer portals or smart devices in ways and at a scale never seen before. The most successful companies aren’t just focused on providing secure, seamless and painless access for the end-user. They’re also passionate about delivering a customer experience that will help them drive growth. And it starts at the login box.

Webcast

Panel: Best Ways to Balance User Experience & Security for your Consumer Identity Management Strategy

The challenge is to offer user-friendly login procedures via social media accounts, passwords or biometric devices while securing and respecting personal data at the same time. This combination must be taken seriously to provide a smooth Customer Experience (CX) and to guarantee that every consumer can control the access to his personal information. Join this panel to hier the best practise advises of experts in the branch.

Webcast

Katryna Dow: Human-centric Data & Identity Management – Implementing Real World Case Studies

Earlier in 2020, the European Union published “A European Strategy for Data” outlining its vision for a connected single digital market where the benefits of the digital economy could enhance the lives of its citizens, residents and trade partners. However, we now find ourselves at a very real crossroad. A post-pandemic world will be a new type of normal. Amidst the tragic loss of lives there have been breakthroughs in science, new ways of working along with embracing new digital tools. We are at the beginning of a new design and architectural phase where just because...

Webcast

Balraj Dhillon: Digital ID and Responding to a Healthcare Crisis for a Canadian Province

At the peak of the COVID-19 pandemic, the Province of New Brunswick in Canada needed to enable digital access to COVID-19 test results. Simeio, working with New Brunswick’s Provincial healthcare arm MyHealthNB delivered a digital identity solution. This enabled secure access which was validated against authoritative data sources to proof identity. This also allowed New Brunswick citizens to stay safe and practice social distancing by obtaining results securely and confidentially. COVID-19 has driven healthcare organizations to enable virtual support and digital...

Webcast

George Fletcher: The Changing Landscape of Authentication

Webcast

Martijn Loderus: Building Blocks of CIAM

Consumer identity and access management (CIAM) is the connective technology between consumers and brands. CIAM is an important consideration when navigating routes to market for your products and services. A consumer’s journey navigating solutions to problems is where you can leverage the CIAM building blocks — capture, engage, manage and administration — for more personalized campaigns and direct consumer engagement. Read on to learn the meaning and drivers of these building blocks. In this session, learn more about the building blocks and how various...

Executive View

IBM QRadar Advisor with Watson

QRadar Advisor with Watson integrates the QRadar Security Analytics Platform with Watson’s cognitive AI to perform fully automated forensic investigations of security incidents, dramatically improving analyst productivity and enabling quick response to cyberthreats.

Webcast

KuppingerCole Analyst Chat: Emerging Technologies in Healthcare - The Underlying Trends

In this first of two episodes, Annie Bailey and Matthias Reinwarth lay the foundations for the topic "Emerging Technologies in Healthcare". Beyond hype and half-knowledge, they look at the use of AI, machine learning, block chain, and modern digital identities for the comprehensive improvement of processes and systems in healthcare.

Webcast

Interview on Privacy & Consent Management (Ian Evans, Managing Director at OneTrust)

KC Analyst Anne Bailey interviews Ian Evans, Managing Director at OneTrust, about privacy and consent management.

Webinar

Dec 09, 2020: Identität ist das neue Perimeter: Sichern Sie Zugriff und Nutzung von Cloud-Anwendungen

Da mittlerweile mehr als zwei Drittel aller Beschäftigten remote arbeiten, möchten Unternehmen Ihren Nutzern sichere und flexible Arbeitsmöglichkeiten über alle Plattformen und Geräte hinweg anbieten. Und da sich 85% Ihres Datenverkehrs bereits in der Cloud befindet, schützen Sie Ihre Nutzer und Daten am besten mit Security aus der Cloud. Aber wie?

Leadership Compass

Security Orchestration Automation and Response (SOAR)

This report provides an overview of the SOAR market and provides you with a compass to help you to find the solution that best meets your needs. We examine the SOAR market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions.

Whitepaper

Privileged Access Management solutions for Agile, multi-cloud and DevOps environments

Privileged Access Management (PAM) is an important area of risk management and security for any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But changing business practices and upgrades to IT including cloud and other trends has meant that users of privileged accounts have become more numerous and widespread. An area in sharp focus is agile development teams such as DevOps and others that need secure access to privileged resources in the cloud; support for these has become essential to many organizations. Such...

Webinar

Dec 08, 2020: Explore the Cutting Edge of Data-Driven Customer Experience

To accomplish complex and critical missions, market leaders are turning to a new generation of customer data platforms (CDPs). They uncover hidden revenue opportunities by unifying all sources of customer data into comprehensive and actionable profiles.

Whitepaper

Protecting Intellectual Properties while enabling business agility with R&S®Trusted Gate by Rohde & Schwarz Cybersecurity

Many industries, specifically the ones that on one hand must collaborate and share information and on the other hand have to deal with highly sensitive information and state-run industrial espionage – such as e.g. Life Sciences, Pharma, or BioTech – must enable information protection while enabling business agility. They need to define their Information Protection Lifecycle and foster it by adequate technology. Document-level access control and distributed storage combined with strong encryption is an important building block in enabling such concepts.

Executive View

ideiio

Identity Governance & Administration (IGA) is not only for large enterprises but organizations of all sizes to reduce the risk of user access to applications, systems, and data and ensure compliance with applicable laws and regulations. ideiio focuses on providing a straightforward and easy way to deploy and use IGA in organizations regardless of its size.

Executive View

Oracle APEX – secure low-code application development platform

Oracle Application Express (APEX) is a low-code development platform that allows business users with limited IT skills to design and maintain scalable enterprise applications, storing their data securely in the Oracle Autonomous Database. 

Leadership Compass

Enterprise Databases in the Cloud

This Leadership Compass provides an overview of the enterprise databases offered primarily as managed services to enable modern cloud-native application architectures as well as data processing and analytics at scale. We examine both the portfolios of large cloud service providers and innovative modern managed database offerings to provide you the guidance and recommendations for finding the right technology for your next application or a cloud migration project.

Webcast

John Tolbert: Topic Overview - Challenges and Trends

Webcast

John Tolbert: Methodology

Webcast

Anne Bailey: Market Overview

Webcast

Anne Bailey: Core Functionalities

Webcast

KuppingerCole Analyst Chat: The European Cybersecurity Month - Ensuring Security Beyond Awareness

This analyst chat episode is the 50th and therefore a bit different. This time Matthias talks to two experienced analysts, Martin Kuppinger and Alexei Balaganski, about the ECSM, the European Cyber Security Month, which is to provide information and awareness on cyber security in October 2020. The particular aim they pursue is to go beyond awareness to arrive at specific measures that can benefit individuals and organizations alike.

Webcast

Policy-Based Access Control – Consistent Across the Enterprise

The evolution of cybersecurity protection demands a more nuanced response to providing access to a company’s sensitive resources. Policy-based access control (PBAC) combines identity attributes and context variables to enable sophisticated granting of access to corporate systems and protected resources based on centrally managed policies that ensure consistent access control decisions across the enterprise. Advancement in both business requirements and technology (such as growing use of micro-services), require a better way to control access. In a way that is consistent across all...

Webcast

2020 Is the Year of the Identity Management Revolution

2020 has been the year of dispersed workforces and working environments. The impact on existing infrastructure, strategies and legacy technology has been unprecedented. As a result, we embarked on a revolution for Identity & Access Management and a mind-set change for organizations big and small, global or local. Never before has IAM been more present and upfront. In this new world, trusted identities need to be the starting point for all organizational strategies and driving organizational change.

Webcast

IAM Essentials: Identity Governance and Administration

Whitepaper

Safeguarding Your Most Valuable Data: Five Key Criteria to Assess Cloud Provider Security

This whitepaper focuses on defining the key security-focused selection criteria to help your company choose a secure platform for current and future cloud projects.

Webcast

KuppingerCole Analyst Chat: There is More to IAM Processes than JML

When asked to describe IAM processes, managers tend to think first of traditional lifecycle management processes such as Joiner, Mover and Leaver (JML). While these are clearly essential for identity governance in interplay with authoritative sources, a comprehensive process framework for IAM and beyond encompasses many other areas. Martin Kuppinger and Matthias Reinwarth explore some of these additional areas between convenience and compliance.

Webinar

Jan 26, 2021: The Evolution of Access Control

The purpose of an identity management system is to support access control to an organization’s sensitive systems and protected resources. Contemporary access control has progressed from static entitlements, still used in many organisations. Not only manual interventions are necessary to change roles, also provisioning, reconciliation, recertification and auditing are laborious tasks, which complicate each business process.

Webcast

How to Hunt Threats Effectively With Network Detection & Response Solutions

The number of cyber-attacks globally continue to rise. Attacks are growing increasingly sophisticated. The tactics, techniques and procedures that were once only used by well-funded state actors are being commoditized by cybercriminals. State actors sometimes employ tools that were formerly mostly used by cybercriminals. The threat landscape evolves continuously.

Architecture Blueprint

Architecting your Security Operations Centre

A security operations centre (SOC) is a dedicated team, usually operating 24x365, to detect and respond to cybersecurity incidents within your organisation that potentially affect your people and systems. Architecting your SOC properly in terms of technology, processes, people and a close coupling with the organisation is critical if you are to achieve value from implementing a SOC within your organisation.

Blog

Cybersecurity Awareness – Are We Doing Enough?

It’s October and it means that we are having the European Cybersecurity Month again. ECSM is the European Union’s annual campaign dedicated to promoting cybersecurity among EU citizens and organizations. To be completely honest, I do not remember it being much of a thing in previous years, but apparently, in 2020, cybersecurity awareness is much more important for the European Commission and not without, ahem, a very big reason. I have always had mixed feelings about the whole notion of “awareness”. On one hand, raising awareness is basically what we analysts do on...

Webcast

Techniques for Securing Transactions With Identity Verification and Verifiable Claims

Consumer and Workforce identities are under assault. Cybercrime and fraud are pervasive problems that have only escalated during the pandemic. Even as the number of online and mobile transactions increases, businesses, government agencies, and other organizations are actively searching for solutions to help them minimize fraud and other kinds of cybercrime.

Webcast

Privileged Access Management Buzzwords

Webcast

Multicloud und Digitalisierung: Wie Sie die Nutzung im Griff behalten

Die Rolle der Cloud für die Digitalisierung kann kaum überbewertet werden. Doch mit zunehmender Cloud-Nutzung sind Organisationen bezüglich der Zugriffskontrolle für Cloud-Plattformen wie AWS, Microsoft Azure und Google Cloud Platform in Verzug geraten. Zwar bieten diese Plattformen Unternehmen Agilität und beschleunigen Innovation durch neue Services wie Sprachverarbeitung oder konfigurierbare Dialogsysteme, doch oft fehlt es an der erforderlichen Kontrolle, um den Zugriff auf all diese Cloud-Ressourcen ordnungsgemäß zu regeln.

Webcast

Identity and Access Management

Executive View

Commvault Complete™ Data Protection

Business continuity planning is essential to the digital transformation process. This requires the use of data backup products and disaster recovery services which must support today’s multi-cloud hybrid IT environment. This report describes how Commvault Complete™ Data Protection meets these challenges.

Executive View

UNITY: IGA Modernization Framework by Persistent

Inevitably, every organization with digital security and governance requirements will go through iterations of IAM and IGA system modernization efforts. Persistent Systems' Unity provides the necessary migration framework to facilitate an IGA modernization transition.

Executive View

R&S®Trusted Gate - Secure Glocalization von Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity ermöglicht eine zuverlässige Verarbeitung regulierter und sensibler Informationen für die Zusammenarbeit und zum Dateiaustausch in gemeinsamen SharePoint-Plattformen für Organisationen in verschiedenen Ländern und Regionen unter Gewährleistung der Konformität zu unterschiedlichen Gesetzen und Vorschriften. Rohde & Schwarz Cybersecurity ermöglicht eine weltweit verteilte, effiziente und sichere Infrastruktur mit zentraler und konsolidierter Verwaltung unter Wahrung von Compliance und Datenschutz.

Executive View

Oxyliom Solutions GAÏA Advanced Identity Management

The GAÏA Advanced Identity Management component of the GAÏA Trust Platform by Oxyliom Solutions integrates the key elements of identity management required for regulatory compliance and a modern digital experience, especially in highly regulated industries such as the financial sector.

Webinar

Nov 23, 2020: Zugriffsmanagement mit künstlicher Intelligenz neu erfinden

Unternehmen müssen in der modernen IT-Welt eine Vielzahl von Angestelltenidentitäten, Benutzerrollen, Zugangspunkten und Endgeräten verwalten. Diese Verwaltung von digitalen Identitäten und den entsprechenden Zugriffsrechten ist für die meisten Firmen nicht nur kompliziert, sondern auch zeitaufwändig. Wenn Unbefugte fälschlicherweise Zugriff zu sensiblen Unternehmens- und Kundendaten erhalten, kann dies zu Compliance-Problemen, Bußgeldern und Reputationsverlusten führen.

Webcast

KuppingerCole Analyst Chat: Policy-based and Dynamic Authorization Management

Dynamic, risk-based, attribute- and context-related authorizations are becoming increasingly important for many enterprises. Graham Williamson and Matthias Reinwarth take a look at the market sector for dynamic authorization management and policy-based permissions in light of the recent publication of a Market Compass on this topic.

Webcast

Jessica Constantinidis: Who Are Your Customers, and Why Do They Need You or Your Product? Find the Real Business Goal You Need to Achieve by Thinking Differently

Today, if you want to respond to new competitors or communicate with people who might buy your product, you must refresh your view of who your internal and external customers are and how you can reach them. Similar questions apply to all business models : What are you doing today to make a difference? How can you optimize in ways that match our new reality? Is agility at your business core?  Nowadays, nobody can afford to make assumptions as time and money are restricted, and most are in a cost optimization phase. However with the right focus and right lens it might actually be the...

Webcast

Pavel Volosen: An Implementer’s Perspective to Traditional Identity Access Governance (IAG) vs Identity Access Governance (IAG) on ServiceNow

This session will compare and contrast characteristics of Identity Access Governance built on traditional platforms, with those built on top of ServiceNOW, taken from an field perspective. Session will review implementation costs, common outcomes, and ultimately how to decide which is the most appropriate solution based on business needs.

Webcast

Todd Wiedman: IGA with the Power of ServiceNow

With all of the different IGA approaches available these days, have you ever wondered how global companies have success in centrally and seamlessly managing their mountains of requests while still maintaining critical workflows and compliance standards? Get the strategies you need to navigate and win from Todd Wiedman, Chief Information Security Officer, Landis+Gyr. Todd will be sharing insights and learnings from his successful implementation using the Clear Skye IGA solution natively running on the ServiceNow (NOW) Platform in this ‘not to be missed’ session.

Webcast

Warwick Ashford: Don’t Reinvent the Wheel – Align ITSM with IAM/IGA Instead

As ITSM platforms evolve into strategic tools for service deliver across a range of busines functions, it is tempting for organizations to build in identity access management, governance, and administration functionality to provide a one-stop-shop for all employee requests and eliminate the cost of a separate IAM/IGA system. 

Warwick Ashford, senior analyst at KuppingerCole will explain why this is a risky strategy and discuss the benefits of and some use cases for aligning ITSM with IAM/IGA systems instead.

Webcast

Panel - Integrating IGA and ITSM - Key Benefits and Main Challenges

Webcast

Gillan Ward: The Use of Real World Evidence (and Identities) in Support of Identity and Access Management

Central to the ability to identify, authenticate and authorise individuals and allow them access to resources is the validation of the requirements to ensure that someone is who they claim to be, possess the requisite academic or professional qualifications, work experience, skills and understanding their competency within any given skill. Ie. I may have a driving licence with allows me the right to drive but if subsequent to a test I have never had the opportunity my competency will be almost non-existent. And of course ensuring the binding of the identity throughout the lifecycle of an...

Webcast

Interview with Jackson Shaw

Webcast

Jackson Shaw: Is it Time for an Identity Revolution?

Why have things like cell phones and automobiles become more advanced, intuitive and cost effective over time while managing Identity, particularly Identity Governance, has remained complex and expensive? The time and resources it takes to implement an identity project hinders the business and slows any hope of digital transformation. The frustration is real and ripping and replacing has not proved to be the answer. So what’s it going to take to truly get IGA right? In this thought-provoking session, Jackson Shaw, an experienced thought leader in IGA will discuss the need to rethink...

Webcast

Martin Kuppinger: Where ITSM is Heading – and the Impact on IAM

ITSM is going well beyond ITIL and IT ticketing these days: It’s becoming the portal and workflow platform Not that long ago, ITSM (IT Service Management) was what the name means: A technology used within IT to manage IT services and facing to the end user when it comes to IT requests. IT requests led to tickets as the tasks to be performed by workers in IT. And yes, there was and is ITIL (IT Infrastructure Library) describing common IT processes, there were and are Service Catalogs, and there were and are CMDBs (Configuration Management Databases). However, this is changing....

Blog

The Story of Edge AI

Whether you are a firm believer in the bright future of Artificial Intelligence or somewhat of a skeptic like me – you simply cannot ignore the great strides AI technologies have made in recent years. Intelligent products powered by machine learning are everywhere: from chatbots to autonomous vehicles, from predicting consumer behavior and detecting financial fraud to cancer diagnostics and crop harvesting. There is however a major factor limiting even further applications of AI and ML in almost any industry: AI algorithms are very computationally intensive and until quite recently,...

Webcast

How Security and Identity Fabrics Work to Help Improve Security

Many organizations struggle or even fail because they overcomplicate the implementation and extension of their cybersecurity toolset. Most do not have a central approach on security, and often use a set of tools that are not well-integrated with each other.

Webcast

The Evolution of Encryption: Getting Ready for the Quantum Watershed

The relentless move towards the digital transformation seems unstoppable. Organizations must secure their trust and reputation in the face of increasing attacks, advances in technology, increased regulation and compliance, and the continued shift to the cloud and cloud services. Unfortunately, not a single week goes by without another large-scale data breach or leak reported by the media – it seems that a company of any size or industry can fall victim to insufficient or ineffective data protection controls.

Webcast

The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Webinar

Dec 03, 2020: There Is No Successful Digital Transformation Without Strong Identity Management

2020 will go down in history as the year in which many companies gave their stagnating digital transformation initiatives a big new push. Due to the pandemic, organizations were forced to rapidly scale up their remote working facilities, secure employee-owned devices (Bring Your Own Devices (BYODs) , and maintain a secure environment for enterprise and customer identities . However, when it comes to their identity architecture, the picture is typically fragmented. They may have a general Identity and Access Management (IAM) platform from one company, a Privileged Access Management (PAM)...

Webinar

Dec 15, 2020: Entering the Virtual World With Identity Verification

The way consumers access products and services across sectors has changed forever as interactions move from physical to digital engagement. What started as a change born from convenience, is now a necessity and solidifying into a long-term behavioural shift. As consumers choose to access more goods and services digitally than ever before, it is essential that organisations meet users’ expectations of instant and convenient transactions, or risk losing customers to more customer centric online competitors. 

Webcast

KuppingerCole Analyst Chat: Access policies as the Common Language for Defining Access

Access management and access governance in many companies are still largely based on traditional authorization concepts. Thus defining and thinking access management is often rooted in a rather one-dimensional paradigm. Martin and Matthias talk about access policies as a common language for defining and maintaining rules for access, independent of the actual implementation of access control.

Webcast

Application Access Governance for SAP Environments and Beyond

For many enterprises, SAP systems are an essential part of their corporate IT infrastructure, storing critical business information and employee data. SAP systems have traditionally been a major focus area for auditors. It is therefore essential that all existing SAP systems are covered by an effective solution for managing risks, including managing access controls and SoD controls, and implementing adequate Access Governance.

Webcast

Seamless Connectivity: Why You Need It and How to Get It Right

Businesses are increasingly embracing new technologies to enhance existing processes and enable new business models and revenue streams through Digital Transformation. Service-based business IT, however, is not without challenges, particularly around access governance and control. Digital Transformation is all about enabling everyone and everything to connect seamlessly to new digital services, to facilitate value exchange while still ensuring regulatory compliance, faster product innovation, secure remote working capabilities, and multi-channel consumer access despite ever-tightening...

Webcast

IAM Essentials: Identity Data Integration

Market Compass

Cloud Access Security Brokers

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers CASB (Cloud Access Security Broker) solutions that help to secure the organizational use of cloud services.

Webcast

Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow the capture, storage, and exploitation of vast amounts of data without the need for capital expenditure. They enable the rapid development and deployment of new applications as well as the modernization of existing one.

Blog

5 Key Benefits of Marrying IGA and ITSM

For today’s companies, IT service management is more than IT support. ITSM is about working behind the scenes to help employees to do the work that drives your business – providing a one-stop shop for service needs, upgrades, improvements, and asset management. If IGA doesn’t play a critical role in your ITSM strategy, it should. We frequently hear from customers who are looking to better align IGA and ITSM, and our conversations with the analyst firm KuppingerCole often focus on this topic as well. Simply put, it just makes sense to marry IGA and ITSM. There’s a...

Webcast

KuppingerCole Analyst Chat: Business Resilience Management Part II

Warwick Ashford and Matthias Reinwarth talk about business resilience again, focusing on cyber supply chain risk management.

Webcast

KCLive Award: Best IAM for Mid-Market Project

Webcast

Mans Hakansson: Modernizing IAM - Implementing Policy Based Access Management & Governance

In this session PlainID will discuss how organizations can rethink, redesign and modernize their Identity and Access Management (IAM) architecture by implementing PBAC (Policy Based Access Control). This service should be a central service supporting not only one specific set of applications but rather act as a focal point (or a “brain” if you like) for different IAM technologies. This new architecture pattern has evolved to better support more applications and more advanced use cases.

Webcast

Interview with James Taylor

Webcast

Matthias Reinwarth: Beyond Static Access - Leveraging Access Policies To Deal With The Increasing Complexity Of Access Governance

Webcast

Darran Rolls: Standing on the Beach, Looking at the Sea: Identity Governance & Administration, Today, Tomorrow and Sometime Later

In this session Mr. Darran Rolls with provide a unique perspective on the emergence, growth and future advancement of IGA technology.  In it, he provides an assessment of where we stand today with existing solutions and deployment approaches, and highlights where the industry needs to focus regarding program oversight, cross-system orchestration and integration with cloud and DevOps processes. I’ll start working on the content this week and have some questions on format and delivery: Is there a preferred slide template or format? What is the optimum approach record...

Webcast

Alpha Barry: The Value of Identity Governance and Administration in Non-Regulated Companies

While properly defined and tool-supported identity and access governance (IGA) is prevalent in regulated industries to ensure compliance, it is still fairly uncommon in mid-sized or even larger companies in non-regulated industry sectors. This has not been a problem in the past, when classical, data-center based IT infrastructure was dominant. Mr. Barry will point out why a lack of IGA can become a major issue when introducing hybrid or cloud-based IT infrastructure, and will explain why tool-based IGA can even add long term value in automating the administration of a hybrid infrastructure...

Webcast

Nick Groh: Evolving Data-Driven Decision Making Beyond Identity Management

As organizations become increasingly digital, they must continue to evolve their IAM strategy to solve business challenges, support new initiatives, and incorporate data-driven decisions. In this session, Nick Groh will introduce the concept of data-driven decision making, including how artificial intelligence can help reduce the costs of decision-making. The session will also cover mobile trends and other sources of leveraging data, and focus on applications to identity management. This session will look at how IGA has mature use cases, but needs to be applied more broadly. Finally, there...

Webcast

In an Age of Digital Transformation Managing Vendor and Partner Identity Is Critical

Organizations have been managing the identity and access of employees for many years to protect data and the overall security of the enterprise. However, the onset of digital transformation has driven a need for faster, cost-effective innovation and with it the increased utilization of third-party resources. Consequently, organizations have a greater need to manage third-party access to data, systems, and facilities. This includes contractors, vendors but also partners, affiliates, volunteers, and even service accounts and bots. Modern organizations are much more collaborative and open...

Webcast

David Black: The Use of Real World Identities in Support of Identity and Access Management

Webcast

Olivier Schraner: Adapting IGA to Your Digital Agenda

As more products become digitally presented and delivered, process agility increases and the requirements against IGA solutions change significantly. Established patterns need to be shed, and new approaches to governing your human and robotic workforce become essential. This talk looks at the evolution of IGA requirements in the face of rapid business transformation, and explores different approaches of solving new challenges while keeping then enterprise safe and compliant.

Executive View

Fudo PAM by Fudo Security

Fudo Security’s PAM solution is the company’s primary product in the expanding PAM market. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are creating new demands and innovative PAM solutions are emerging to meet these challenges.

Webcast

Zugriffsschutz für sensible Daten – mit Data Access Governance und Identity Governance

Damit Sie besagte Vorschriften rechtzeitig erfüllen können, ist es notwendig, sensible Daten zu erkennen und zu klassifizieren, unabhängig davon, wo sie sich befinden. Vor einer Cloud-Migration müssen Sie die Kritikalität von Daten verstehen und definieren, welche Informationen in die Cloud verlagert werden können, welche nicht und wie solche Informationen geschützt werden müssen. Die Sicherheit kann unter anderem durch proaktives Überwachen von unberechtigten und möglicherweise bösartigen Zugriffen erhöht werden. Die Ergebnisse...

Press Release

Darran Rolls Joins KuppingerCole as Executive Research Fellow

KuppingerCole Analysts AG, one of Europe’s leading IT analyst companies, has appointed Darran Rolls as a KuppingerCole Executive Research Fellow. Darran will initially be engaged to conducting research in the areas of information security and identity governance, enhancing the expertise of the advisory team and its related services.

Webinar

Oct 29, 2020: What’s Really Going on in Your Microsoft Active Directory and Azure AD Infrastructure

Most small and mid-sized businesses rely on Microsoft technology in their IT infrastructure. For the vast majority of larger organizations, solutions such as Microsoft Active Directory also form a vital part of their IT infrastructure. Understanding what is going on in these infrastructures thus is essential. Only then, organizations will be able to react quickly and focused.

Webinar

Nov 05, 2020: Choosing the Right Fraud Reduction Intelligence Tool in a Digitally Evolving Economy

Fraud is a major cost to businesses worldwide and it is on the rise. In it’s 2019 annual report, the Internet Crime Complaint Center (IC3) put a specific focus on methods such as elder fraught, credit card fraud and confidence/romance fraud, emphasizing the growing occurrence of intentional deception in cybercrime. Companies of all industries face the same challenge: The complex and constantly changing world of fraud detection.

Leadership Brief

Working for the Business, not the Auditors

Forward-thinking companies no longer see cybersecurity, governance, compliance and privacy as something they are just forced to do. Instead, a comprehensive alignment with applicable policies, regulations and laws is the basis for consistently and competitively enabling and sustainably operating digital business.

Executive View

Atos DirX Directory

Atos DirX Directory is one of the few enterprise-grade directory services in the market, delivering a high-performance, high-scalability, high-availability, and high-secure implementation that is required by many of today’s large-scale use cases in the Digital Transformation. Atos DirX Directory builds on a purpose-built and optimized data layer and delivers comprehensive support for X.500 and LDAPv3 protocols and specifications.

Executive View

R&S®Trusted Gate - Secure Glocalization by Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity offers reliable management of regulated and sensitive information to promote compliant collaboration and file sharing in unified SharePoint platforms for organizations spanning countries and regions with different laws and regulatory requirements. Rohde & Schwarz Cybersecurity utilizes globally distributed, efficient and secure infrastructure with central and consolidated administration while maintaining compliance and privacy.

Webinar

Dec 02, 2020: Managing Azure AD – Regardless of How You Use It

Microsoft Azure Active Directory (Azure AD) has gained widespread adoption. Coming with Microsoft Azure Cloud as well as Microsoft 365 (i.e. Office 365), it appears in many organizations just because of decisions made outside of the IAM team.

Webcast

The Fast Track to Optimized Operations With IAM-as-a-Service

IAM-as-a-Service provides the operational agility by bringing-in skills and expertise to implement a precise strategy, technology deployment, process automation, service delivery and support model, thus, gaining operational efficiency and streamlining budgets. Therefore, IAM-as-a-Service, with its pre-built integrations, is the ideal solution for short-staffed IAM teams. Join this webinar and learn     Why IAM projects often stall     How you implement initiatives faster with IAM-as-a-Service     How you can make use of automation...

Webinar

Dec 09, 2020: The 3 Pillars of Access Control Optimization: IAM, GRC and User Monitoring

Identity & Access Management (IAM) tools are used to automate processes of user lifecycle management and control user access permissions from a single point. We can improve these processes by using conditions and policies, and eventually implementing rule-based access controls (RBAC) and policy-based access controls (PBAC). However, allocating these authorizations might expose the organization to risk if compliance is not taken into account. It is imperative to combine IAM and governance, risk management, and compliance (GRC) in order to verify that access is granted correctly, without...

Webinar

Jan 20, 2021: Accelerating Your Digital Transformation: Secure and Successful Cloud Migrations

The use of cloud services is one of the key enablers of digital transformation - accelerating time to value, providing more access to powerful IT resources in a more cost-effective manner and removing the management costs associated with commodity services. However, these benefits come with some risks. Migrating your business applications to the cloud without creating security vulnerabilities, unnecessary risks to your data and ensuring compliance, is critical for a successful digital transformation.

Webinar

Nov 03, 2020: Decoding Advanced Privileged Access Management for Digital Environments - A conversation with Paul Fisher and Anil Bhandari

Did you know that privileged accounts are a major source of data leaks? These powerful administrative accounts provide access to business-critical information stored in applications and servers. A single instance of privileged password abuse can bring down the entire IT infrastructure. Therefore, enterprises are rethinking the access control mechanism to harden authentication.

Blog

Data-Driven Decision Making for Identity Security

Symantec Enterprise: With more informed decisions comes more automated security. In today’s Zero Trust world, where the principle of least privilege is ubiquitous, enterprises are struggling to balance security while simultaneously enabling a highly agile business environment. There has always been friction with security and making highly specific security decisions quickly and efficiently contributes to this. Moreover, decision-making in enterprises exists on a spectrum from completely manual to completely automated. Regardless of where your organization resides on this scale, you...

Webcast

KuppingerCole Analyst Chat: Meet the Citizen Developer

Alexei Balaganski and Matthias Reinwarth look at the citizen development movement and discuss the potential risks of letting business users create their applications without proper governance and security.

Webinar

Dec 16, 2020: Making Zero Trust Work With the NIST Framework

There’s lots of hype around Zero Trust Security in the context of our changing mobile and cloud-centric working environments. Moving towards a modern and agile Zero Trust security concept is essential in today's mobile first, work-securely-from-anywhere world.

Webcast

Die Demokratisierung der Cybersicherheit

Im Laufe der vergangenen Jahrzehnte haben Unternehmen vielen Anstrengungen auf sich genommen, um ihre IT-Sicherheit zu verbessern und so ihre Daten und Netzwerke zu schützen. Eine Konsequenz daraus wird immer deutlicher sichtbar: CISOs und ihre Teams müssen sich um eine (zu) große Zahl an Produkten und Lösungen kümmern, die der Unternehmenssicherheit dienen sollen. Oft sorgt schon die schiere Masse an Lösungen für eine hohe Komplexität und jährlich steigende Gesamtbetriebskosten (TCO), wobei der Mehrwert für die Sicherheit durch eine immer...

Webcast

Identity for All – Not for the Few

While digitalization is a major challenge for all kinds of enterprises, it is particularly hard for medium sized enterprises. For many years, medium sized enterprises have struggled to deploy Identity Management as well as Identity Governance (IGA) solutions and show true business value and a return on investment. This is largely due to the complexity of implementation and the level of configuration and customization to fulfill the requirements. As a result, many companies have deployed Access Management solutions like single sign-on only to find that while great for user convenience, they...

Webcast

Identity and Access Management Strategies That Grow With Your Business

For these organizations, an adaptable Active Directory-centered (AD) approach can address the areas of highest impact. By adding cloud-based access request and access certification functionality to the mix, a company can achieve a basic IGA solution for a fraction of the cost, complexity, and deployment time. This approach also provides the opportunity to expand the scope beyond AD and Azure AD by embracing many non-Windows systems (such as Unix/Linux) and SaaS applications (via SCIM connectivity). Learn how to build a strategy for a modular approach to identity that can be custom fit to...

Virtual Event

Oct 20, 2020: KCLive Tools Choice: Privacy and Consent Management

Privacy isn’t a superficial requirement. It is a cultural change that is transforming the way individuals and enterprises treat data and impacts almost all industries, especially B2C. Everyone from end-users to enterprises to hackers know that identity information has value, and that if not protected it will be exploited. And yet collecting private information has become ubiquitous with online business to deliver personalized services. Enterprise-grade tools to handle and safeguard end-user information existed before the wave of global privacy regulation hit, but the Privacy and Consent...

Executive View

SAP Cloud Identity Access Governance

SAP Cloud Identity Access Governance (IAG) is the SaaS solution provided by SAP for managing access risks and SoD controls from the cloud, for both SaaS business applications and a range of on-premises services. It covers areas such as Access Analytics, Role Management, Access Requests, Access Reviews, and Privileged Access Management for these environments. SAP Cloud IAG can run independently of SAP Access Control, but also integrates neatly with that solution.

Buyer's Compass

Buyer’s Compass: Access Management

Access Management capabilities are well-established in the broader scope of IAM and are continuing to gain attraction due to emerging requirements for integrating business partners and customers. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor and requirements for successful deployments. This document will help prepare your organization to conduct RFIs and RFPs for Access Management.

Webcast

Morey J. Haber: 10 Steps to Universal Privilege Management

Virtually every cybersecurity breach today involves the exploitation of privileged access. Privileges are initially exploited to infiltrate an IT environment; once compromised by threat actors, privileges are further leveraged to move laterally, access assets, install malware, and inflict damage. In this session, learn 10 key steps to achieving Universal Privilege Management, and how it is used to secure every user, session, and asset across your IT environment. Covered topics include:  Why relying on password management alone leaves dangerous gaps in protection Disrupting...

Webcast

Joint Session: Demonstration of the Integrated Approach

Webcast

Neeme Vool: Implementing IAM in the Enterprise: 3 Takeaway Gems from Engineer

IAM implementations are not all same, but for sure there is not as many implementations as there are situations.I have selected 3 major factors which defined our IAM project. Of course, final result was a consequence of lot more things. And yes, we succeeded to implement full Identity lifecycle in the enterprise where starting point is a complex matrix of requirements like multiple legal entities, multiple contracts, kinds of work relationships, several account directories, manual processes. Just name any situation, we had it. We were on the edge of failure and almost ready to...

Webcast

Vickus Meyer: Nedbank Identity & Access Governance Fundamentals in Action

Webcast

Panel Discussion - The Road to Enterprise Identity Success

Webcast

Henk Marsman: Moving From the Dark Age of Legacy to the Era of Enlightenment

In this presentation Henk will share the journey that Rabobank made from a situation in 2017 with two solutions and infrastructural environments for IAM and two teams, that merged and went on a journey to become one, as well as overcoming the legacy environments that delivered the service. The presentation details especially the management of this journey and how to move from A to B to C to D to Enlightenment. And perhaps we're not even there yet. The presentation will detail our specific journey, but general key takeaways can be identified that apply to any IAM department and service.

Webcast

Mike Kiser: 13 Treasures in 81 Minutes: The Isabella Stewart Gardner Heist and Identity as the New Vermeer

In the early hours of March 18th, 1990, two men entered the Gardner Museum. They left 81 minutes later with 13 artworks, including two Rembrandts, a Vermeer, a Degas, and ancient Chinese vase.  The heist remains unsolved today, with no leads and no suspects — and the museum is offering a $10 million prize for the safe return of the pieces. Given that background, you might assume that this was another session about zero trust. It’s not. Recently, a growing emphasis on data privacy has sought to treat identities and their associated data as valuable works of art as...

Webcast

Matthias Reinwarth: The Three Fundamentals of Enterprise Identity Success - My Take

Webcast

Loren Russon: Good Enough is Never Enough When Protecting Your Business Resources & Customer’s Data

Technology is evolving quickly and keeping pace requires deep knowledge and experience. Enterprises are also evolving quickly and demand advanced but simple identity solutions to successfully fast track digital transformation, cloud adoption and Zero Trust initiatives. By utilizing “Best of Breed” solutions, organizations can take advantage of the key benefits that only a multi-vendor solution can offer. Join this session to learn about the core principle of best of breed solutions and hear about some examples of what organizations have done to build the right foundation for...

Webcast

KuppingerCole Analyst Chat: Business Resilience Management

Warwick Ashford and Matthias Reinwarth discuss the prerequisites and challenges of making a business able to adapt quickly to risks and disruptions.

 

Leadership Brief

Status and Advantages of Small Data Machine Learning Paradigms

Consider the relationship between Machine Learning (ML) and data consumption – is more always better? This Leadership Brief discusses the possible benefits of Small Data for ML, some technological approaches to get there, why you should still be cautious of Small Data, and recommendations on applying this practically.

Webinar

Oct 27, 2020: Reduce Dependency on Active Directory With Cloud Identity

When it comes to identity management many companies depend heavily on Microsoft Active Directory (AD). This high degree of dependency on one service can become a problem when this service faces an outage. Also, respective of the requirements companies have, all services have certain limitations which are sometimes necessary to overcome. Many cyberattacks are perpetrated via staff endpoint devices (computers, smartphones or even printers). This necessitates a fine-mesh risk management approach with a centralized solution, called Identity Fabric at KuppingerCole.

Webcast

IAM Essentials: Virtual Directory Services

Webcast

Remote Workforce: How to Protect Yourself From Emerging Threats?

The outbreak of the COVID-19 pandemic has served as a catalyst for digitization in many companies and led to an increase in remote work and adoption of the bring your own device (BYOD) policy. Every device and digital service that employees use is a potential gateway into company networks and thus poses a security risk. The risks are magnified even more when privileged accounts enter the equation because they enable access to critical data. Given the immediacy and speed with which companies had to shift from office to remote work, security concerns were often neglected leading to an...

Webinar

Dec 01, 2020: Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Webcast

Designing and Establishing a Mature PAM Ecosystem for Reducing Risk in Your Organisation

What makes a PAM strategy different from enterprise password management or Identity Access Management? What are the first actions you should take to protect your privileged accounts in the shortest amount of time? And, how has the definition of “PAM Basics” changed as the industry and cyber risks have evolved? This webinar is a must for teams launching PAM initiatives to ensure they start on the right foot. As you progress on your PAM journey, there’s always something new to learn. If you’ve already begun your PAM rollout, this event is a great chance to...

Webinar

Oct 14, 2020: Policy-Based Access Control – Consistent Across the Enterprise

The evolution of cybersecurity protection demands a more nuanced response to providing access to a company’s sensitive resources. Policy-based access control (PBAC) combines identity attributes and context variables to enable sophisticated granting of access to corporate systems and protected resources based on centrally managed policies that ensure consistent access control decisions across the enterprise. Advancement in both business requirements and technology (such as growing use of micro-services), require a better way to control access. In a way that is consistent across all silos,...

Blog

10 Use Cases for Universal Privilege Management

Even before COVID-19 entered our lexicon, privileged access management (PAM) was widely recognized as a foundational cybersecurity technology. In recent years, almost every cyberattack has involved compromised or misused privileges/privileged credentials. Most malware needs privileges to execute and install payload. Once a threat actor has infiltrated an IT network, privileges are typically needed to access resources or compromise additional identities. With privileged credentials and access obtained, a threat actor or piece of malware essentially becomes a malicious “insider”....

Executive View

IdentityIQ – SailPoint

IdentityIQ continues to provide organizations with a comprehensive solution to their identity management requirements. With the recent advances in predictive identity management, the tool reduces manual intervention and improves accuracy of user entitlements. The latest release adds cloud access management capability allowing entitlements in DevOps environments to be monitored and managed.

Webcast

KuppingerCole Analyst Chat: Privacy and Consent Management

Anne Bailey and Matthias Reinwarth discuss the findings of the recently published Leadership Compass on Privacy and Consent Management.

Executive View

SecZetta Third-Party Identity Risk Solution

Managing third party identities has become an important issue for companies when they open their infrastructures to non-employees from partners and vendors. The influx of third-party identities puts an extra strain on existing IAM tools but management solutions that provide added functionality for non-employee identities are now available. SecZetta has streamlined existing solutions to create its new Third Party Identity Risk Solution. 

Executive View

CyberArk

Privileged Access Management (PAM) has evolved into a set of technologies that address some of today's most critical areas of cybersecurity in the context of digital transformation and industrial change. The CyberArk Core Privileged Access Security solution is designed to secure and protect privileged accounts and credentials within cloud and hybrid infrastructures. It is part of a suite of solutions and technologies from one of the leading providers of PAM.

Executive View

Micro Focus Identity Governance

Identity Governance is a mature Identity Governance and Administration (IGA) solution that is undergoing extensive development to meet the identity services requirements of the modern enterprise. As business systems become increasingly demanding of identity management environments, Micro Focus continues to extend its Identity Governance product, improving the user interface, automating provisioning and governance processes, removing dependence on manual intervention and facilitating regulatory compliance. Micro Focus Identity Governance should be considered by organizations seeking to...

Buyer's Compass

Privileged Access Management

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, agile software development and digital transformation has meant that users of privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, a strong PAM solution is essential.

Executive View

ManageEngine Log360

Log360 from ManageEngine is a tightly integrated suite of log management and network security analytics tools. Complementing SIEM capabilities with EDR, DLP, and even SOAR functionality, it offers a convenient and affordable one-stop solution for security analytics and threat remediation across on-prem and cloud.

Executive View

Radware Kubernetes WAF

Containerized microservices are gaining momentum in IT organizations today, requiring tools such as Kubernetes for automating the orchestration and management of those containers. The Radware Kubernetes WAF meets the unique requirements of the Kubernetes environment to protect its containerized applications and data.

Webcast

The 3 Steps to Secure IAM Modernization

When organizations modernize their Identity and Access Management (IAM), they have three fundamental requirements: an understanding of current capabilities, a migration strategy to transform the IAM infrastructure and finally, the staff with the expertise to execute the plan. The challenges on the way from legacy IAM to a modern IAM infrastructure are manifold and should be considered beforehand.

Virtual Event

Nov 09, 2020: KCLive Tools Choice: Endpoint Protection, Detection, and Response

In a Zero Trust world, where the perimeter is no longer the primary line of defense, the security of every single endpoint in a network is becoming increasingly important. While traditional Endpoint Protection has been efficient to fight attacks with common malware through detecting its “fingerprints” like hashes or other recurring code structures, Endpoint Detection & Response solutions go beyond prevention by detecting suspicious activities and patterns as they occur, so that cyber threats can be mitigated in real-time.

Leadership Brief

The Role of AI in Modern Business Intelligence Platforms

Business intelligence (BI) platforms have become essential for enterprises with an exponential increase in data generation and usage. The next generation of BI platforms will expand on the volume of data analysis and the degree of control a business user has over the process. This Leadership Brief presents the several roles that artificial intelligence plays in BI, and what your organization can do to take full advantage of it.

Leadership Compass

Privacy and Consent Management

This report provides an overview of the market for Privacy and Consent Management platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing solutions that enable you to collect and manage consent in a compliant and privacy-centric manner.

Webcast

KuppingerCole Analyst Chat: Ephemeral Credentials

Alexei Balaganski and Matthias Reinwarth discuss the concept of ephemeral credentials and its benefits for privilege management, DevOps and beyond.

Webinar

Oct 08, 2020: How to Hunt Threats Effectively With Network Detection & Response Solutions

The number of cyber-attacks globally continue to rise. Attacks are growing increasingly sophisticated. The tactics, techniques and procedures that were once only used by well-funded state actors are being commoditized by cybercriminals. State actors sometimes employ tools that were formerly mostly used by cybercriminals. The threat landscape evolves continuously.

Webcast

Theresa Laager: How to Wreak Your PAM Project

A PAM Project needs to be handled like a relationship, if you neglect it and don’t treat it well, it will fail.

Let me introduce you to some failsafe methods for ruining your PAM project

Webcast

Paul Fisher: In the Future PAM will Become Embedded in the IT Stack

Paul Fisher will expand on his analysis of how Privileged Access Management platforms will develop support for DevOps and other key users. This will mean that certain PAM functions will be embedded within the technology stack, opening up password free and secure access paths and enable rapid task fulfilment.

Webcast

John Ovali: Privileged Access Management – Motivation and Benefits

Why PAM is a must and how you can benefit from it: Many corporations need to comply with regulations which result in extended logging and monitoring of privileged activities. The Presentation shows how to start a successful PAM implementation and how to benefit from it.

Webcast

David Wishart: How to Solve the Top 5 Access Management Challenges in Hybrid Cloud Environments

SSH.COM polled 625 IT and application development professionals across the United States, United Kingdom, France, and Germany to find out more about their working practices. We found that cloud and hybrid access solutions, including privileged access management software, slow down daily work for IT and application development professionals. These hurdles encourage users to take risky shortcuts and workarounds that put corporate IT data at risk.  Join SSH.COM’s David Wishart, VP Global Partnerships, to learn: Why the user experience of the...

Webcast

Interview with Dave Wishart

Webcast

Kari Nousiainen: Planning and Deploying Identity Federation based PAM Using Certificates

 Metso Outotec have recently deployed PrivX from SSH.COM as a Privileged Access Management system to provide audited secure access to server administrators and developers. They have integrated the PrivX PAM solution into their existing workforce identity management solution to provide secure audited access using Just-In-Time certificate-based access rather than passwords.

Webcast

Jens Bertel Nykjær: Implementing PAM, How Did We Get Support and Buy-In From the Organisation?

Webcast

Pooja Agrawalla: Are You Doing Privileged Access Management Right?

Webcast

Joseph Carson: Privileged Access Cloud Security: Insider Tips and Best Practices

As the adoption of cloud applications and services accelerates, organizations across the globe must understand and manage the challenges posed by privileged access from remote employees, third parties, and contractors. With 77% of cloud breaches due to compromised credentials, making sure your users get easy and secure access to the cloud should be a top priority. Join Thycotic chief security scientist and author Joseph Carson as he explains a practical approach to help you define and implement privileged access cloud security best practices. He will also share how Thycotic’s...

Webcast

Vibhuti Sinha: Cloud PAM on the Rise: The Future is Now

The new normal demands organizations to enable remote workplace in a rapid and secure way.  The new normal requires privileged asset owners to make intelligent, informed and right decisions even with a fragmented view of risk.  The new normal requires governance to be integrated and inherent with privileged access workflows and not an after-thought.  This session would give insights and best practices to create the least privileged model, minimizing the risks associated with standing privileges and prepare enterprises to rapidly transform...

Webcast

Rohit Nambiar: Cloud PAM: Challenges, Considerations And Approach

As Enterprises transitions to IaaS, Cloud Security and specifically IAM strategy and execution becomes crucial. IAM controls for IaaS/Public Cloud need to identify, secure and monitor Privilege Assets at the same time deal with the inherent elasticity, scalability and agility of the Public Cloud . As such a Privileged Access Management Program for Cloud i.e Cloud PAM is required to meet the increasingly stringent compliance and audit regulations and keep enterprises secure.

Webcast

Panel - Addressing Enterprise Security Challenges with PAM

Webcast

KuppingerCole Analyst Chat: NIST’s Zero Trust Architecture

John Tolbert and Matthias Reinwarth look at SP 800-207, the NIST special publication on Zero Trust architecture and discuss how it aligns with KuppingerCole's own vision of this topic (spoiler: it does align very well!)

Webcast

Alexander Koerner: Success Factors PAM Projects

Often I saw in the planning of PAM Projects that the Manager „only“ plan the implementation of the tool. It was a quite good installation but the project was not successful. Here some points I learned to have the customer happy and bring the Project to success:

 

  • Right Projectplanning with the right scope
  • The Right Strategy
  • Hand Over to run phase
  • Documentation
  • Interfaces to other Systems
  • Lessions Learned

Leadership Compass

Access Governance & Intelligence

The Access Governance (AG) market is continuing to evolve through more intelligent features. This Leadership Compass will give an overview and insights into the AG market, providing you a compass to help you find the products that can meet the criteria necessary for successful AG deployments.

Webinar

Oct 28, 2020: Using Deception for Early and Efficient Threat Detection

Most organizations are benefiting from the scalability, flexibility, and convenience of modern cloud services and new, highly distributed hybrid corporate networks. Unfortunately, many have also learned the hard way that defense of these systems and the assets they contain continue to remain prone to and the victim of cyberattacks and other security risks.

Leadership Brief

Recommendations for aligning ITSM with IAM/IGA

The versatility of modern IT Service Management systems (ITSM) is leading many organizations to configure these systems to deal with all employee service requests, including those related to IAM/IGA. But this is a risky strategy from a maintenance and compliance point of view. This Leadership Brief outlines the key reasons for aligning ITSM with IAM/IGA systems, and how this is best achieved.

Blog

AI-Powered Data for All – Informatica's Acquisition of GreenBay Technologies

Informatica has just announced that they have made another acquisition this summer: GreenBay Technologies, a startup focused on AI and machine learning. Read about their July 2020 acquisition here. GreenBay Technologies brings CloudMatcher to Informatica’s Intelligent Data Platform (IDP). CloudMatcher uses machine learning to automate entity matching and schema matching tasks with high accuracy. This impacts several key data management capabilities such as master data management, data cataloging, data quality, governance, and data integration. This acquisition adds to the core...

Leadership Brief

The Information Protection Life Cycle and Framework: Deceive

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the seventh in the series introducing the Information Protection Life Cycle and Framework.

Executive View

One Identity Active Roles

One Identity Active Roles is a powerful tool for integrated management of both on-premises Microsoft Active Directory and Microsoft Azure Active Directory. It comes with strong support for managing Exchange Servers and Office 365, but also Identity Lifecycle Management that supports a range of non-Windows and SaaS applications.

Executive View

Password Safe von MATESO

Password Safe von MATESO ist eine Lösung für das zentrale, unternehmensweite Management von Kennwörtern und anderen „Secrets“ und die Überwachung und Kontrolle von deren Nutzung. Das Produkt unterstützt alle wesentlichen Funktionen in diesem Bereich wie die automatische Rotation von Kennwörtern und die Übergabe von Kennwörtern im Hintergrund an Anwendungen, ohne dass Nutzer Kennwörter im Klartext sehen. Password Safe von MATESO ist eine ausgereifte Lösung für den unternehmensweiten Einsatz.

Blog

A Look at NIST’s Zero Trust Architecture

NIST, the US National Institute for Standards and Technology, recently released SP 800-207 Zero Trust Architecture. The NIST special publication examines the principles of and motivations for ZTA, as well as implementation considerations, security concerns, and suggestions for improvements to architecture. NIST SPs are authored primarily for consumption by other US government agencies. In practice, however, their documents often become de facto standards and guidelines used more broadly in industry. In this post I’ll review the strengths of the SP and identify areas for improvement....

Webcast

KuppingerCole Analyst Chat: Is Quantum Computing an Imminent Security Threat?

Alexei Balaganski and Matthias Reinwarth try to make sense of the current state of quantum computing and talk about the risks it poses for information security.

Blog

The Battle of PAM Clients: 5 Benefits of Thin Clients

Privileged Access Management (PAM) software comes in many forms. Some are heavy with software components (the thick client model) while others are leaner (the thin client model). Since we at SSH.COM are firm believers in the thin client model, I wanted to present five solid reasons why this is the case. 1. No constant cycle of installing, patching and configuring agents Thick clients require that you have to install agents on the client - and usually on the server as well. Moreover, you need to ensure that those agents are always up-to-date, patched and compatible with the operating...

Webcast

KuppingerCole Analyst Chat: The Pros and Cons of Agentless Security

John Tolbert and Matthias Reinwarth discuss benefits and limitations of agentless security solutions.

Buyer's Compass

Buyer’s Compass: Core Features of Privacy and Consent Management Solutions

Building a trust-filled and transparent relationship with end-users depends now more than ever on Privacy and Consent Management solutions. These services accomplish many tasks such as helping organizations collect and manage consent signals provided by end-users, managing cookies and trackers, and providing measurement of an organization’s journey towards privacy compliance. To ensure that the privacy policies and consent choices of your end-users are enforced across the digital advertising ecosystem, a strong Privacy and Consent Management solution is essential.

Executive View

SailPoint Predictive Identity

SailPoint Predictive Identity est une plate-forme SaaS qui ajoute à l’IGA des capacités reposant sur l'IA . Cela concerne notamment l'analyse des risques d'accès, l'examen des droits d'accès avec des recommandations de validation ou de révocation et l'optimisation automatisée des modèles d'accès. Cette solution améliore de manière significative l'expérience utilisateur de l'IGA par rapport aux approches traditionnelles, tout en fournissant également une « IA explicable », qui indique...

Webinar

Nov 04, 2020: Operationalizing Least Privilege

Striking the balance between enabling users and administrators to be productive whilst protecting your sensitive systems and data is becoming ever more challenging. Attackers are often one step ahead of organizations, and even those with the most comprehensive security systems and controls in place find that an attacker will discover and exploit their Achilles’ heel.

Executive View

SailPoint Predictive Identity

SailPoint Predictive Identity ist eine SaaS-Plattform, die IGA um KI-basierte Funktionen erweitert. Dazu gehören unter anderem die Analyse von Zugriffsrisiken, Empfehlungen für die Genehmigung oder den Widerruf von Berechtigungen während der Berechtigungsprüfung und die automatische Optimierung von Zugriffsberechtigungsmodellen. Die Lösung bietet im Vergleich zu traditionellen IGA-Ansätzen erhebliche Verbesserungen der Benutzererfahrung mit IGA und liefert gleichzeitig eine „erklärbare KI“, die darüber informiert, warum bestimmte...

Webinar

Oct 07, 2020: Techniques for Securing Transactions With Identity Verification and Verifiable Claims

Consumer and Workforce identities are under assault. Cybercrime and fraud are pervasive problems that have only escalated during the pandemic. Even as the number of online and mobile transactions increases, businesses, government agencies, and other organizations are actively searching for solutions to help them minimize fraud and other kinds of cybercrime.

Webcast

IAM Essentials: What are Directory Services?

Blog

GCP Trust, Security and Compliance

In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. They allow new applications to be rapidly developed, existing applications to be modernized and deployed without additional capital spend. This provides important business benefits but also increases the challenges for the cloud customer to ensure cyber-security and regulatory compliance. It is in this light that the recent announcements from GCP (Google Cloud Platform) need to be understood. Trust but Verify Initially, cloud service...

Virtual Event

Oct 01, 2020: IGA Solutions for ServiceNow Infrastructures

This event will focus on IT Service Management (ITSM) to Identity Governance and Administration (IGA) integration and specifically on the integration of IGA solutions with the ServiceNow platform.

Executive View

Cygna Auditor Platform

The Cygna Auditor Platform is a unified environment for collecting events from Active Directory, Azure AD, Windows Servers, Microsoft 365, and some other platforms, and providing analytics and alerting on these events. It incorporates the former BeyondTrust Auditor Suite. The Cygna Auditor Platform is a solution targeted on administrators of Microsoft Windows-centric environments, but also supports management of hybrid infrastructures.

Webcast

KuppingerCole Analyst Chat: An Enterprise Risk Management Primer

Christopher Schütze and Matthias Reinwarth discuss Enterprise Risk Management. What is it all about? What large and small companies should be focusing on? What role do IT and cybersecurity play here?

Webinar

Sep 23, 2020: Seamless Connectivity: Why You Need It and How to Get It Right

Businesses are increasingly embracing new technologies to enhance existing processes and enable new business models and revenue streams through Digital Transformation. Service-based business IT, however, is not without challenges, particularly around access governance and control. Digital Transformation is all about enabling everyone and everything to connect seamlessly to new digital services, to facilitate value exchange while still ensuring regulatory compliance, faster product innovation, secure remote working capabilities, and multi-channel consumer access despite ever-tightening budgets.

Webcast

Markus Sabadello: U.S. Permanent Resident Cards with SSI

The U.S. Department of Homeland Security (DHS) has supported Self-Sovereign Identity technologies such as Decentralized Identifiers (DIDs) and Verifiable Credentials for several years. Now, a number of companies have been selected to work with DHS on implementing digital versions of identity documents such as the Permanent Resident Card (Green Card). In this use case, the issuer of Verifiable Credentials is USCIS (United States Citizenship and Immigration Services), and the verifier is TSA (Transportation Security Administration). The overall objective is to make use of SSI...

Webcast

Adrian Doerk: Bringing Self-Sovereign Identity Into Practice: Lessons Learned from Lissi and the SSI for Germany Consortia

In the future, you will not only decide where your data is stored, but also with whom you want to share your data. If you share data, everything will be logged for you and you will always have an overview of who has received data from you. This is what transparency looks like and this is what SSI promises you. But, what are the challenges when trying to implement SSI paradigms in the real world, and where do we may have to change the overall reception on digital identities? Get first-hand insights from our experience on a project to initiate...

Webcast

Peter Busch: Digital Trust and Digital Sovereignty in Mobility

Based on the foundational works for Distributed Ledger Technologies and strategies to use them for specific concrete mobility use cases, the next level of approaching the digital identity and security challenge of the Internet of Things will be shown in actual projects together with partners from the industry.

Webcast

Prof. Dr. David Chadwick: COVID-19 Certificates for Everyone

Working with the NHS, we are connecting our verifiable credentials infrastructure to its COVID-19 tests database so that we will be able to issue COVID-19 verifiable credentials to people in real time. Our unique design provides selective disclosure and conformance to GDPR for both the issuer (the NHS) and the verifier (e.g. a restaurant or a care home), without the need for a blockchain, revocation infrastructure or zero knowledge proofs. We will describe the architecture of our system, provide screen shots of the mobile phone interfaces, and describe the user trials we are shortly to...

Webcast

Will Abramson: Solving Problems with SSI

An overview of a number of problem-driven use cases for SSI technology, focusing on a number of different domains; healthcare, distributed machine learning and education. A recap of research undertaken at the Blockpass Identity Lab over the last year.

Webcast

Anne Bailey: Reimagining Identity: a Buyer’s Guide to Decentralized Identity

Blockchain is a reaction to real security and privacy concerns.  Whether or not you choose to adopt any blockchain solution, these concerns do exist and should be addressed in the way you manage enterprise Identity and Access Management. This session is for those who want to know what components to consider when implementing a blockchain ID system, and for those who wouldn’t touch blockchain with a 10-foot stick but still value the insights that come from a different identity paradigm. Modeled from KuppingerCole’s Blockchain ID Buyer’s Compass, this...

Webcast

Panel - The Challenges Of Deploying SSI at Scale

In this panel we will discuss the challenges of deploying Self-Sovereign Identity at scale, both technical and regulatory.

Webcast

KuppingerCole Analyst Chat: COVID Response and Decentralized Identity Solutions/Verifiable Credentials

Anne Bailey and Matthias Reinwarth discuss how decentralized identities and verifiable credentials help respond to the pandemic by powering contact tracing applications, immunity passports and other important use cases.

Webcast

Marco Cuomo, Daniel Fritz: Blockchain-anchored Identities and Credentials Enabling Digital Transformation in the Pharma

With a SSI guarantee of privacy, patients will soon leverage a multitude of healthcare services that build on Decentralized Identity and Verifiable Credentials.  Marco and Dan are leading the “PharmaLedger” consortium in the evaluation and prioritization of these use cases and can provide insights into the thinking and possibilities that the future holds.

Webcast

Dr. Manreet Nijjar: A Digital Staff Passport for Doctors

In this talk, you will learn how a doctor’s digital passport can improve patient safety, reduce the burden on clinical staff & lower operational inefficiencies and risks in the NHS.

Webcast

TJ Behe: Beyond Blockchain: Creating Value from Compliant Self-Sovereign Identity

Enterprise wants to focus on the value identity can bring beyond verified access. Whilst reducing identity management compliance risk and storage costs, more organizations are giving customers their identity ownership back. They are using intelligent agents, real-time data updates and new conferred trust verification methods to leverage (consented-for) identity data insights for cross-sell and up-sell - and to better service customers, employees and partners. Distributed graph technology is enabling this. It guarantees privacy, anonymity and security – ensuring no...

Webcast

Interview with Dr. Andre Kudra

Webcast

Joy Chik: Making Digital Privacy Real

Digital privacy is a central concern for pretty much everyone. But what does ‘privacy’ really mean? How do you get it and what does it cost you? The identity community has been hard at work on a new identity model that gives people a path to take control of their online identities and personal information, making privacy convenient for individuals and practical for the organizations they interact with. In this keynote, Joy Chik will share why this identity model is necessary, how it’s becoming real, and what steps will catalyze adoption.

Webcast

Panel - Where Do We Stand on Self-Sovereign Identity? Business Value and Opportunities Under SSI Framework

Executive View

BioCatch

BioCatch is an innovative Fraud Reduction Intelligence Platform (FRIP). Their three-part solution in this space consists of Policy Manager, Case Manager, and Analyst Station, which are used by fraud analysts and operations teams to determine appropriate actions in response to indicators. BioCatch utilizes industry-leading passive biometrics for not only user behavioral analysis but also cognitive analysis to help their customers make better and more informed risk decisions by looking for signs of criminal activity in online sessions. With deep expertise in the financial industry, BioCatch...

Webcast

Four Key Components Critical to the Future of Privileged Access Management

Privileged Access Management (PAM) has assumed a critical role in protecting the most valuable data and services within organizations from theft, loss, and unauthorized access. But as companies and other organizations have become more complex and embrace digital transformation, PAM is also taking on a core operational function to achieve better insight into data usage and contribute to agile working processes.

Webinar

Sep 28, 2020: The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Blog

What Some Vendors Missed in MITRE ATT&CK Round Two and How to Fix the Gaps

MITRE recently published the detailed results of their second round of tests. This test pitted APT29 malware and methods against 21 cybersecurity vendors. The MITRE testing is an excellent benchmark for comprehensively exercising Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) tools in real-world scenarios where organizations find themselves under attack by Advanced Persistent Threats (APTs). MITRE describes the environments, methodology, and operation flow of their testing regime in great detail here. The raw results are available for review, and they have created a...

Leadership Brief

Incident Response Management

The probability of becoming a victim of a data breach is now higher than ever. The hyperconnected world and the ever-increasing complexity of modern IT systems and processes pose new challenges for IT staff.  All organizations must invest in an Incident Response Management plan. Preparation is essential and ensuring that everyone knows what to do can significantly reduce the impact of a cybersecurity incident.

Executive View

Adobe: Experience Cloud

When optimizing customer centricity and customer journeys across all touchpoints, automation is key. Various aspects have to be considered in order to create an individual and fit-for-purpose customer experience. Adobe’s Experience Cloud consists of various applications and services that cover many marketing-related areas, such as advertising, touchpoint management, personalization, data management, and analytics.

Webcast

KuppingerCole Analyst Chat: Questions to Ask Your Cloud Provider About Security

Alexei Balaganski and Matthias Reinwarth discuss the security challenges for enterprises moving to the cloud and explain why security in the cloud is still your responsibility.

Webinar

Sep 24, 2020: Application Access Governance for SAP Environments and Beyond

For many enterprises, SAP systems are an essential part of their corporate IT infrastructure, storing critical business information and employee data. SAP systems have traditionally been a major focus area for auditors. It is therefore essential that all existing SAP systems are covered by an effective solution for managing risks, including managing access controls and SoD controls, and implementing adequate Access Governance.

Webcast

KuppingerCole Analyst Chat: An Overview of Enterprise Information Protection

Anne Bailey and Matthias Reinwarth talk about the technologies that enable employees working remotely or from home access sensible corporate information from personal devices without compromises between productivity and security.

Webinar

Jan 14, 2021: Effective Endpoint Security With Automatic Detection and Response Solutions

The realization that cyber-attacks are inevitable has led the cybersecurity industry to shift some of its focus to detection and response rather than prevention in recent years. Therefore, the market for solutions designed to detect attacks on endpoints and respond accordingly has grown significantly. These Endpoint Detection & Response (EDR) solutions look for evidence and effects of malware that may have slipped past Endpoint Protection (EPP) products. EDR tools also perform evaluation of threat intelligence, event correlation, and often allow interactive querying, live memory analysis,...

Leadership Brief

The Information Protection Life Cycle and Framework: Dispose

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the final in the series introducing the Information Protection Life Cycle and Framework.

Market Compass

Endpoint Protection, Detection, and Response

The KuppingerCole Market Compass provides an overview of the products offerings in Endpoint Protection, Detection and Response.  The Endpoint Security space continues to see much innovation and some consolidation. The formerly separate products Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) are increasingly coming together in the marketplace.

Webinar

Sep 08, 2020: Identity for All – Not for the Few

While digitalization is a major challenge for all kinds of enterprises, it is particularly hard for medium sized enterprises. For many years, medium sized enterprises have struggled to deploy Identity Management as well as Identity Governance (IGA) solutions and show true business value and a return on investment. This is largely due to the complexity of implementation and the level of configuration and customization to fulfill the requirements. As a result, many companies have deployed Access Management solutions like single sign-on only to find that while great for user convenience, they...

Webcast

We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by hackers. Many organizations would love to lessen reliance on passwords but many passwordless solutions only provide a partial solution and do not solve the inherent weakness of passwords. Modern enterprises cannot cover the myriad of access use cases today with a passwordless solution alone.

Press Release

KuppingerCole Unveils Security Fabric Concept for Modernizing Cybersecurity Architecture

KuppingerCole has developed a paradigm for defining the building blocks of a comprehensive and future-proof cybersecurity architecture based on the concept of a “Security Fabric” to help firms modernize their approach to security and reduce the complexity of their security tools portfolio.

Webcast

KuppingerCole Analyst Chat: ITSM and IGA - How to Integrate Two Key Infrastructures Right

Matthias Reinwarth and Martin Kuppinger discuss the challenges of integrating IT service management with identity governance within an enterprise.

Webcast

Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional employee IAM. Digital business requires advanced identity services, well beyond the human identities. The segregation between various dimensions of IAM is blurring. IAM today treads the line between providing security and acting as a business enabler. It has left behind the notion of being "just IT" and...

Webcast

KuppingerCole Analyst Chat: Vendor Consolidation in Cybersecurity

Matthias Reinwarth and Jonh Tolbert discuss the ongoing consolidation of the cybersecurity market and talk about its reasons and potential consequences.

Executive View

Clear Skye IGA: IGA on the ServiceNow NOW platform

Clear Skye IGA differs from common IGA implementations by running on the ServiceNow NOW platform and providing full integration into ServiceNow capabilities. It thus bridges the gap between ITSM and IGA allowing for fast and efficient implementation of IGA capabilities for organizations already using ServiceNow.

Blog

Decentralized Identity Could Become a Reality, but Blockchain May Not Be a Part of It

Decentralized Identity is a concept that may not be mainstream yet, but it is a term that embodies the sentiment that many individuals feel regarding the control they wish they had over their personal data. The public has become increasingly more vocal about the misuse of their data, and global regulation has responded to this outcry with the GDPR, CCPA, ePrivacy Directive, and more. While this grants some control over some aspects of user data, there is an assumption that underpins these privacy regulations: that personal data can be held and used by an entity other than the owner....

Webcast

Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Blog

IBM Cloud for Financial Services

On July 22nd, 2020 IBM announced their IBM Cloud for Financial Services – what is this, why have IBM taken this step, and what does this announcement mean? Financial Services Compliance Challenges One recurring challenge for all organizations is complying with the ever-increasing number of laws and regulations. When IT services are delivered on-premises organizations often believe that this ensures the oversight, control and visibility needed to ensure and prove compliance. This is not the case with cloud-delivered services where there is a shared responsibility model and less...

Webinar

Sep 01, 2020: Designing and Establishing a Mature PAM Ecosystem for Reducing Risk in Your Organisation

What makes a PAM strategy different from enterprise password management or Identity Access Management? What are the first actions you should take to protect your privileged accounts in the shortest amount of time? And, how has the definition of “PAM Basics” changed as the industry and cyber risks have evolved?

Webinar

Nov 19, 2020: Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy regulations. And organizations must find ways to effectively manage consumer requests, meticulously document processing activities and data transfers, and stay on top of a rapidly evolving regulatory landscape. Challenging, yes. But absolutely necessary.

Blog

Oracle Delivers on Earlier Cloud Promises

Back in February (oh, how time flies! Just to think that it was right before the beginning of the COVID-19 pandemic…) I wrote a blog post looking at Oracle’s ambitious plans for developing its cloud strategy and expanding its worldwide infrastructure footprint. The post was titled “Will 2020 Be the Year of Oracle Cloud?” and just five months later the company has already demonstrated that it does not just finally have a promising vision for Oracle Cloud, but also a strong commitment to...

Webinar

Oct 13, 2020: 2020 Is the Year of the Identity Management Revolution

2020 has been the year of dispersed workforces and working environments. The impact on existing infrastructure, strategies and legacy technology has been unprecedented. As a result, we embarked on a revolution for Identity & Access Management and a mind-set change for organizations big and small, global or local. Never before has IAM been more present and upfront. In this new world, trusted identities need to be the starting point for all organizational strategies and driving organizational change.

Webinar

Sep 29, 2020: The Evolution of Encryption: Getting Ready for the Quantum Watershed

The relentless move towards the digital transformation seems unstoppable. Organizations must secure their trust and reputation in the face of increasing attacks, advances in technology, increased regulation and compliance, and the continued shift to the cloud and cloud services. Unfortunately, not a single week goes by without another large-scale data breach or leak reported by the media – it seems that a company of any size or industry can fall victim to insufficient or ineffective data protection controls.

Webcast

KC Virtual Awards

Webcast

Richard Meeus: Balancing Customer Experience and Security with CIAM

The pandemic has accelerated consumer adoption of digital channels, like online shopping, home delivery, and telehealth with  30% [of consumers planning] to shop more online in the future . As the world adjusts to a new normal, brands must create the high quality, scalable online experiences consumer demand. In this 20-minute keynote session, Akamai Senior Technology and Strategy Director Richard Meeus and Senior Director of Product Management Drew Ward will expand on consumer trends catalyzing digital transformation and dive into: Customer identity and access management...

Webcast

Dinçer Sidar: Unlocking the Potential of CX: IAM Practices for Corporate Clients

Banking products have become commodities; the only way to stand out from competition is to offer differentiating customer experience. Both retail and corporate clients expect personal, easy, and smart solutions from their banks. Identity & Access Management plays an essential role in this equation – offering high level of security without compromising on customer experience is the main challenge.

In this keynote session, Dinçer Sidar will talk about the changing customer expectations and deep dive into IAM practices and learnings for corporate banking clients.

Webcast

Katryna Dow: The Future Proof CIAM Bridge

Over the past few years, we have seen significant innovation in CIAM solutions, particularly when it comes to privacy and consent. In parallel, the distributed world of Self Sovereign Identity and Verified Credentials are gaining traction and adoption.

What if there was a way to have both? This session will focus on the work Meeco has been doing to bridge the existing world and the emerging world via OpenID Connect. It will include practical use cases that support multi-stakeholder eco-systems and enable customer experiences that build trust and manage compliance.

Webcast

Interview: Implications of Recent Court Ruling on EU-US Data Protection Umbrella Agreement

Hours ago the EU Court ruled that the Privacy Shield called EU-US Data Protection Agreement is invalid, while it considers Standard Contractual Causes to be valid. Also, intersting in this context is the US Cloud Act. This may be of some impact to existing and future transcontinental relationships and the usage of US-based services within the EU. In this interview, Annie Bailey and Mike Small will discuss these new developments and implications.

Webcast

KuppingerCole Analyst Chat: Data Management and Data Lineage - The Foundation for Big Data Governance and Security

Matthias Reinwarth and Martin Kuppinger talk about governance and security of data across a variety of sources and formats and the need for maintaining data lineage across its complete life cycle.

Webcast

George Fletcher: Vectors of Identity: A Model for Better User Experience

In many identity flows today, the user experience is the same regardless of the operation the user is trying to perform. This often means that from the user's perspective, they have a binary experience; either they are already logged and are NOT challenged, or they are not logged in and are challenged. The concepts of this talk go beyond "adaptive authentication" in that "authentication strength" is only one of the vectors being considered. This talk will define a set of identity "vectors" that can be used to provide better user experiences across the full life-cycle of user identity and...

Webcast

Dr. Torsten Lodderstedt: Identity Assurance with OpenID Connect

OpenID Connect has become a leading standard for providing relying parties with identity information. With a growing global adoption, OpenID Connect faces new use cases, like eGovernment, telecommunications, and health applications, where just providing identity information is not enough. Instead, the identity provider (IDP) needs to explicitly attest the verification status of the claims delivered. More precisely, it must distinguish verified from unverified claims and provide information about the verification itself: What data was verified? How was that checked and according to which...

Webcast

Panel: Addressing the Customers' „Pain Points“ - CIAM for Better Security and Compliance

In the digital-first environment, the threat of identity cybercrime is higher than ever. It is imperative for all the players to offer their customers frictionless, personalized and secure experience which can be quite challenging particularly when dealing with a large number of identities. Offering the more refined customer experience, understanding your customer without compromising security and compliance is not an easy feat. In this panel, our speakers will discuss the main critical points that need to be taking into account while enabling seamless customer identity...

Webcast

Panel: Customer Identities are Critical – How Can Businesses Build Trust and a Privacy-Centric CIAM Strategy?

Digital trust is what sets brands apart from their competitors. Taking and storing customer data is a duty of care, and brands cannot afford data breaches or compromises. To gain digital trust, leading brands need an airtight data protection strategy that gives customers control of their personal data without compromising user experiences. The strategies by which companies collect, store, use, and manage consumer profiles are under growing scrutiny from regulators, malicious actors, and the consumers themselves. Join this thought-provoking discussion about the value of customer identities...

Press Release

KuppingerCole Honors BMW’s IAM for Digital Transformation

KuppingerCole Analysts AG has named the Bavarian car manufacturer BMW as the winner in the category of IAM for Digital Transformation in its annual recognition of industry excellence in IAM and security projects.

Webcast

Yvo van Doorn: 3 Things You Need to Know About Your Customers’ Identities

Hear how a global retail giant, who’s online customers number in the hundreds of millions, has used Identity and Access Management to create a better, safer experience for their customers. Often seen as a checkbox item, at the end of the to-do list when it comes to developing, scaling and innovating applications and services, identity management and it’s often complex requirements impact a number of areas - from the overall software architecture, to data compliance, to the data you gather, and want to gather on your customers, to IT security and more. This presentation...

Webcast

Martin Ingram: Customer IAM (CIAM) and Digital Transformation

  • How does Digital Transformation change how we deliver Customer IAM?
  • What have I learned as we have embraced Digital Transformation?
  • How can CIAM help deliver on the promise of Digital transformation?
  • How CIAM will become a business enabler in the future

Webcast

Matthias Reinwarth: Convergence - Integrating CIAM into Enterprise Architectures

Consumer Identity Management (CIAM) ensures privacy, consent management, security, personalization and user experience for external users, especially consumers and customers. Although the drawbacks of building yet another data silo are obvious, many organizations still view CIAM as an isolated system. But this ignores significant potential. Matthias Reinwarth talks about the range of opportunities that can be gained by converging CIAM into an overall IAM concept, but also by integrating CIAM into broader cybersecurity and marketing infrastructures.

Webcast

KuppingerCole Analyst Chat: A Cybersecurity Reference Architecture for Your Security Fabric

Christopher Schuetze and Matthias Reinwarth discuss a security architecture blueprint that implements the concept of Security Fabric.

Blog

The Latest Twitter “Hack” Raises Inconvenient Questions

It looks like the whole world is currently talking (at least, tweeting) about the latest large-scale Twitter hack. High profile accounts of the likes of Barack Obama, Joe Biden, Bill Gates, and Jeff Bezos, as well as companies like Apple or Uber, were suddenly promoting a cryptocurrency scam. At first, they referred to a specific crypto-related website, but as it was quickly taken down, the hackers switched to spreading multiple Bitcoin addresses, asking people to send money to them to get a double amount of their investment back. Even though this type of scam is nothing new and should...

Virtual Event

Sep 15, 2020: Identity Governance & Administration and Next Generation Access

Digital transformation has made it possible for the Organisations to become more effective and more efficient in developing new products and the ways of working, at the same time Organizations now face many challenges to their digital security. The increased connectivity needed to support mobile employees, to integrate business partners into internal processes and to get closer to their customers has increased digital risks. Protecting the digital assets, the systems, and applications in this complex hybrid IT environment requires a well-thought-out understanding of risks and...

Executive View

Auth0 Platform

Auth0 provides a flexible platform that can be used for Consumer Identity and Access Management (CIAM), Business-to-Employee (B2E), and Business-to-Business (B2B) use cases. Auth0’s platform solutions are highly customizable to meet a variety of business requirements with a developer-centric focus.

Webcast

Endpoint Protection Made Easy With Privilege Management

Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to protect endpoints, they are by no means sufficient. Instead, Endpoint Privilege Management (EPM) solutions must be integrated to protect the systems from within.

Webinar

Sep 14, 2020: The Fast Track to Optimized Operations With IAM-as-a-Service

When IAM projects stall it is usually due to budget or timeline constraints as well as a lack of automation that can be leveraged by operations team to accelerate IAM processes and IAM modernization. Also, IAM operations and administration teams are often too busy with low-value tasks or lack the skills and expertise for rapid planning and implementation of IAM initiatives. In the long run, this puts overall digital initiatives of the company on hold. But the rapidly evolving digital landscape requires IAM teams to be productive and agile.

Leadership Brief

Wie wir Passwörter loswerden – Noch Heute

Die IT-Sicherheits-Community ist sich schon lange einig, dass Passwörter ein Problem sind, weil sie einfach zu entwenden und im Endeffekt anfällig für menschliche Fehler sind. Dieser Leadership Brief befasst sich damit, wie Organisationen ihre allgemeine Sicherheit verbessern können, indem sie sich über die Abhängigkeit von Passwörtern im Klaren werden und sich darauf vorbereiten, auf alternative Authentifizierungsmethoden umzusteigen.

Market Compass

Dynamic Authorization Management

The KuppingerCole Market Compass provides an overview of the product or service offerings in a selected market segment. This Market Compass covers the Dynamic Authorization Management market and provides a comparison of the main product offerings. Dynamic Authorization externalizes access control decisions to a centrally-managed authorization service that evaluates access policies in real-time to permit or deny a user’s access request to resources.

Analyst Advice

Business Resilience Management (Crisis Roadmap for Beginners)

Business Resilience Management is key to business survival in the face of rapidly changing IT, cyber threat, and regulatory environments.

Webcast

Didier Cohen: Forget About Complex PAM Projects: Now’s the Time for Quick, Easy and TCO-efficient Privileged Access Management

As organizations are quickly advancing into the digital transformation, there is a growing need to secure access to critical infrastructure assets. IT security leaders have identified the need for a Privileged Access Management solution but, as their infrastructures expand and are increasingly subjected to cyber threats, they too often struggle with deployment and operational challenges. This conference will highlight how modern solutions can adapt to the evolving needs that IT leaders have to address by providing scalable deployment, operational simplicity, and reduced total cost of...

Webcast

Alpha Barry: Implementing PAM in Practice – Lessons Learned in an Industrial Company

In this talk, Alpha will discuss the often arduous way from buying and initially implementing a PAM solution to achieving significantly improved security as a program target. He will share lessons learned about necessary changes to IT infrastructure architecture and operational processes to ensure maximum impact of a PAM project. Overcoming organizational resistance to the new processes and tools is equally important. Alpha will explain what to expect, and leave the audience with some best practice ideas to engage and involve stakeholders in IT operations and general management.

Webcast

Michael Dullea: Zero Trust Requires Comprehensive Privileged Access Management

Are you trying to implement a Zero Trust architecture in your environment?  A critical component of Zero Trust is making sure you cover your privileged users which these days go well beyond system administrators. Join Michael Dullea, Head of Product Management for Symantec PAM, as he discusses how the combination of proxy-based and agent-based privileged access management approaches offer complementary capabilities needed to achieve zero trust access to the accounts that hold the keys to your kingdom.  Understand why the traditional proxy-based approach just isn't good enough,...

Webcast

Paul Fisher: Trends and Findings From the 2020 PAM Leadership Compass

The PAM market has never been so dynamic and competitive as it reacts to changes in demands from organizations grappling with the effects of digital transformation on security and compliance. The findings from this year’s KuppingerCole PAM Leadership Compass reflect this dynamism as the vendors innovate across the board and add much needed functionality. Join Paul Fisher, Senior Analyst at KuppingerCole, as he discusses the findings from the report and what they mean for PAM in your own organization.

Webcast

Interview with Peter Gyongyosi

Webcast

KuppingerCole Analyst Chat: Consent Management Done Right

Graham Williamson and Matthias Reinwarth talk about consent: what does it mean for identity professionals, service providers or lawyers and how to reconcile all those different views in modern IAM environments.

Webcast

Panel - How to Manage Modern Security Risks and the Important Role of PAM

Webcast

Steve Wright: What’s So Special About This Data Anyway

The issues of data governance and ethics has plagued every government in the world in the last few months – why ?

What is the problem and opportunity of Big Data, AI, Machine Learning and the unique insights this provides to our society?

Why, after so many years do we fear the dark web, and what are the motivations of state based actors?

Webcast

Adam Drabik: Importance of Identity & Access Management and other Aspects of Cybersecurity in Post-Covid-19 World

The session will be about threat landscape tips from the practitioners.

Webcast

Panel - Digital Trends, Risks and Rewards - Achieving Control of Privilege Accounts in the Digital Enterprise

Webcast

Panel - The Future of Security & Why Prioritizing PAM is Important?

Webcast

Peter Gyongyosi: What's the Next Generation in PAM?

Privileged Access Management (PAM) solutions have become essential for compliance and security. A wide range of PAM solution choices is available, with the next generation of solutions designed to address the entire PAM process, not just the individual PAM challenges. Next-gen solutions are also built to optimize business operations with automated processes, simplified deployment and easily integrate with existing environments. They take into consideration the way admins work, provide maximum transparency and remove the operational friction that was typical of first-gen solutions. Plus,...

Webcast

KuppingerCole Analyst Chat: Getting Rid of the Password

Warwick Ashford and Matthias Reinwarth discuss the standards, technologies and organizational changes needed to finally get rid of the password-based authentication once and for all.

Webcast

Ninad Chavan: Need for PAM for Secured User Access to Business Applications on Cloud

Considering the nature of business, EGI was proactively planning to implement a centralized solution that could: Monitor all the remote users (including business users) taking access to the target servers on Cloud infrastructure from external network Allow secured and seamless file transfer from development to production environments Enable a second factor authentication for users accessing core business applications PAM helped address the same with: Comprehensive monitoring and access policy management to control and manage user access to critical cloud resources...

Webcast

Working From Home Is Not Secure Without an Effective IAM

The past few months have not only been disruptive to business models, but also to the way many people work. Working from Home (WfH) is the new normal for many of us, but it comes with many challenges, for workers, for their managers, for the IT teams. One of the biggest challenges is finding the right balance between enabling WfH and security.

Webcast

Martin Kuppinger: PAM: You're not alone. The interplay of PAM with Cybersecurity, IAM, and ITSM

Privileged Access Management (PAM) is essential to every business – just because every business is under attack, and privileged accounts are what (targeted) attacks are focusing on. Thus, there is a need for PAM, with organization, processes, policies, controls, and technology. But PAM must not be an isolated initiative. It is tightly linked to both cybersecurity and IAM initiatives, and there is also an interplay to ITSM. In his talk, Martin Kuppinger will look at how PAM relates to other areas and how to set up a comprehensive initiative that focuses on mitigating risks and...

Leadership Brief

Security Fabric: A Methodology for Architecting a Secure Future

Work from home, bring your own device, a professional cyber-crime industry, IoT & OT. We all have to face these challenges while fullfilling a zoo of endless requirements. It is complex to keep the overview and the flexibility in our IT security services and the used toolset. Setting up the architecture with the concept of a Security Fabric helps to structure, to optimize and to improve the corporate Cybersecurity approach.

Blog

Imagining Future Regulations on AI – Similarities to the GDPR?

There are ongoing discussions from high-level expert groups from the EU Commission about what regulation of Artificial Intelligence – particularly the algorithms that process data – will look like. There is a high priority to not only create alignment with the GDPR but to add flexibility for future advancements so that a baseline level of data protection is always provided, even as new AI applications are implemented. There are many elements of the GDPR that are particularly worth looking closer at regarding algorithmic models for recommendations, predictions, and decisions....

Executive View

NRI Secure Technologies: Uni-ID Libra 2.4

Consumer Identity and Access Management (CIAM) is a rapidly growing market that offers a better user experience for the consumer and new challenges for the organization. NRI Secure’s Uni-ID Libra continues to innovate and provide the necessary components of a CIAM solution with a focus on the Japanese market.

Webinar

Oct 06, 2020: Multicloud und Digitalisierung: Wie Sie die Nutzung im Griff behalten

Die Rolle der Cloud für die Digitalisierung kann kaum überbewertet werden. Doch mit zunehmender Cloud-Nutzung sind Organisationen bezüglich der Zugriffskontrolle für Cloud-Plattformen wie AWS, Microsoft Azure und Google Cloud Platform in Verzug geraten. Zwar bieten diese Plattformen Unternehmen Agilität und beschleunigen Innovation durch neue Services wie Sprachverarbeitung oder konfigurierbare Dialogsysteme, doch oft fehlt es an der erforderlichen Kontrolle, um den Zugriff auf all diese Cloud-Ressourcen ordnungsgemäß zu regeln.

Webinar

Sep 10, 2020: Die Demokratisierung der Cybersicherheit

Im Laufe der vergangenen Jahrzehnte haben Unternehmen vielen Anstrengungen auf sich genommen, um ihre IT-Sicherheit zu verbessern und so ihre Daten und Netzwerke zu schützen. Eine Konsequenz daraus wird immer deutlicher sichtbar: CISOs und ihre Teams müssen sich um eine (zu) große Zahl an Produkten und Lösungen kümmern, die der Unternehmenssicherheit dienen sollen. Oft sorgt schon die schiere Masse an Lösungen für eine hohe Komplexität und jährlich steigende Gesamtbetriebskosten (TCO), wobei der Mehrwert für die Sicherheit durch eine immer höhere Zahl an Tools fraglich ist.

Webinar

Aug 25, 2020: The 3 Steps to Secure IAM Modernization

When organizations modernize their Identity and Access Management (IAM), they have three fundamental requirements: an understanding of current capabilities, a migration strategy to transform the IAM infrastructure and finally, the staff with the expertise to execute the plan. The challenges on the way from legacy IAM to a modern IAM infrastructure are manifold and should be considered beforehand.

Webinar

Sep 16, 2020: Zugriffsschutz für sensible Daten – mit Data Access Governance und Identity Governance

Ein Großteil der geschäftlichen Dokumente in Unternehmen ist in Dateiordnern auf Microsoft SharePoint, Box, Dropbox und Google Drive gespeichert. Da ist es keine Überraschung, dass diese Daten zu den neuen Zielen von Hackern geworden sind. Mit zunehmenden Compliance-Anforderungen wie DSGVO, TISAX oder PCI ist der Zugriffsschutz auf diese Dateien längst nicht mehr nur eine Option, sondern Vorschrift. Auch die Erfüllung der Vorgaben der ISO 270xx-Normen ebenso wie von KRITIS erfordert entsprechende Maßnahmen.

Webcast

KuppingerCole Analyst Chat: A Holistic View of Cybersecurity - Introducing the Security Fabric

Christopher Schuetze and Matthias Reinwarth introduce Security Fabric - a new architectural approach towards cybersecurity with the goal to achieve consistent and fully managed security across the whole corporate IT.

Webcast

KuppingerCole Analyst Chat: NDR - Network (Threat) Detection and Response

John Tolbert and Matthias Reinwarth talk about network detection and response solutions: what are the threats they are looking for and how they complement endpoint protection tools to ensure consistent protection against advanced attacks.

Webcast

Identity Für Alle – Nicht Nur Für Wenige: Identity Management Für Den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den notwendigen technischen Voraussetzungen ausreichend Aufmerksamkeit zu widmen.

Blog

Getting a Grip on Your Big Data – Informatica Announces Acquisition of Compact Solutions

Informatica just announced that they agreed to acquire Compact Solutions, a vendor of Enterprise Metadata Management with engineering and professional services being based out of Krakow, Poland. Compact Solutions core product is MetaDex, which enables full end-to-end visibility of data flows, especially around some complex data sources, and thus helps organizations in understanding, tracking, managing, and protecting data flows and increasing efficiency in their broader data and analytics landscape as well as making more efficient use of their data. Metadata Management: Knowing your data...

Executive View

Symantec Identity Governance and Administration

In the absence of a secure external perimeter Identity and Access Management has become fundamental to protecting corporate digital assets.  Identity Governance and Administration includes two core elements of IAM - Identity Provisioning and Access Governance - that are essential to enabling and securing digital transformation.  This report describes how Symantec Identity Governance and Administration meets these challenges.

Leadership Brief

The Information Protection Life Cycle and Framework: Secure

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the fourth in the series introducing the Information Protection Life Cycle and Framework.

Blog

What's the Next Generation in PAM?

Before there were PAM solutions everyone was given access to privileged accounts with little regard or control as to who had access to them, when they had access and what they did with that access. As security breaches started to rise and compliance regulations were written it was obvious that manual processes and home-grown approaches to manage privileged access weren't enough to secure your organization. First PAM solutions solved issues but were too inflexible That's when privileged management solutions popped up in the market. There were solutions for password management and...

Blog

Elements of a Disaster Operations Plan

If anyone in any organization was in any doubt about the importance of having a Disaster Operations Plan, that has surely changed since the outbreak of the Covid-19 pandemic. Some organizations have coped better than others, but every organization should either be working on developing a Disaster Operation Plan or on improving the one they already have by identifying where the plan did and did not work well. Design a plan based on resources you already have A Disaster Operation Plan is a crisis-specific plan that builds off what an organization should already have in place. The following...

Webcast

Workforce Continuity in a Time of Crisis

It is not only in times of crisis like the current coronavirus pandemic that companies need to adapt and respond quickly to changing circumstances to provide workers with remote access and deal with onboarding and deprovisioning contingent workers. Continually changing and increasing customer demands as well as workforce expectations to work remotely, flexibly and on the move are also driving the need to be able to grant appropriate, security and compliant access rights to employees in near-real time to prevent gaps in workflows, increase productivity and improve compliance. IAM...

Webcast

IAM Projects Stalling - Stakeholder Management

Blog

Cloud Security Posture Management Tools – What They Are and Why You Need One

Many security product vendors are now offering CSPM (Cloud Security Posture Management) as part of their portfolio - so what is CSPM and why might you need it?  In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. This provides many important business benefits but also increases the challenges of ensuring cyber-security and regulatory compliance. CSPM solutions are intended to provide a way to identify and control some of these risks.  They supplement CASBs (Cloud Access Security...

Webcast

KuppingerCole Analyst Chat: Functionalities at the Core of a Privileged Account Management System

Paul Fisher and Matthias Reinwarth continue talking about privileged access management, discussing the core capabilities of modern PAM solutions.

Leadership Brief

Leadership Brief: Enterprise Information Protection - 71036

The perimeter of the corporation has transformed into a much more fluid and permeable boundary than it once was. Sensitive information is now routinely accessed with personal and business devices by employees, and mass remote work further exacerbates this trend. Advanced methods for the protection of sensitive data are necessary. This Leadership Brief is an overview of the role that Enterprise Information Protection solutions play in the current working environment and covers the capabilities that such vendors should provide.

Webcast

KuppingerCole Analyst Chat: The Cargo Cult of Cybersecurity

Matthias Reinwarth and Alexei Balaganski talk about the reasons many companies are still failing to protect themselves from cyberattacks and data breaches even after spending so much on security tools.

Webcast

Minimizing Security Impacts of a Growing Remote Workforce

Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees. However, an expanding remote workforce can significantly increase the attack surface and have changed the threat model of the organisation overnight. Many remote access options are quick to implement but are not secure and organisations are trying to navigate the challenges of quickly, but securely, operationalising their remote employees. In their talk, Martin Kuppinger and Morey Haber explore the risks unsecure remote access...

Blog

Security Fabric: Investing in the Right Architecture for a Secure Future

Modern and hybrid operating models, Software-as-a-Service, regulatory requirements, working from home, various types of internal and external users, and the phenomenon of BYOD (bring your own device) are challenges we have to face today. Such challenges are constantly emerging, which demands a flexible approach. Often these flexible requirements result in many specific sub-solutions for particular problems. This causes the company to have no central overview of which services, which devices, and which applications are used and for what purpose. To challenge the internal IT teams even...

Executive View

Executive View: CSI tools - 80407

CSI tools provide a suite of solutions for managing access entitlements and risk in SAP environments. The solution come with a modern, web-based user interface and dashboarding. They deliver in-depth insight and support for managing entitlements at all levels and across all applications within common SAP environments.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Contain and Recover - 80375

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the sixth in the series introducing the Information Protection Life Cycle and Framework.

Webinar

Jul 23, 2020: Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional employee IAM. Digital business requires advanced identity services, well beyond the human identities.

Webcast

Agile GRC: Adapting to the Pace of Change in the Digital Era

In the digital era, the rapid rate of change in business, IT and regulatory environments is continually accelerating, making it extremely challenging for organizations to keep pace in terms of their governance, risk and compliance (GRC) capability without the right mindset and tools. The complexity and technical nature of access controls in SAP and other business applications, makes the GRC challenge even greater. The added complexity of many GRC solutions means that organizations struggle with a lack of business buy-in and accountability for access-related risk. A more agile...

Webcast

IAM Projects Stalling - No Big Picture in Mind

Webinar

Sep 30, 2020: How Security and Identity Fabrics Work to Help Improve Security

Many organizations struggle or even fail because they overcomplicate the implementation and extension of their cybersecurity toolset. Most do not have a central approach on security, and often use a set of tools that are not well-integrated with each other.

Webcast

KuppingerCole Analyst Chat: Applying AI Governance

In a follow-up to an earlier episode, Matthias Reinwarth and Anne Bailey discuss practical approaches and recommendations for applying AI governance in your organization.

Webcast

Ankur Rastogi: Navigating the Journey to Cloud

Cloud is the foundation for any digital transformation. Most organizations now have cloud embedded not just in their IT strategy but also in their digital strategy. Cloud creates an opportunity to modernize an organization's application portfolio. While the benefits of migrating to cloud are well known, the journey to cloud comes with its own challenges and risks. If not planned properly, this can cause major headaches on the way. The session covers the benefits of a proper cloud strategy, how to set up a cloud journey and the risks that one must be ready to manage on the way.

Webcast

Eric Wolff: Understanding Best Practices for Cloud Key Lifecycle Management

Cloud Security best practices arise from the shared responsibility model for cloud computing, which states that customers are responsible for the security of data in the cloud. This session will cover the latest trends in cloud security, cloud provider shared security models, and the use of data encryption as a best practice. With cloud encryption key lifecycle management seen by many as a problem yet to be solved, the session will wrap with an overview of CipherTrust Cloud Key Manager from Thales.

Webcast

Amol Sawarkar: Cloud-First - Blessings for Continued Humanitarian Work

Moving to the cloud is a relatively settled concept today. We all knew benefits; But who thought someday, the same will offer to stay and work from home; that also 100%. This is a short tour to see why IFRC opted to embrace the cloud, challenges addressed, and derived benefits as well as continued efforts in optimizing further.

Webcast

Damir Savanovic: A CSA’s Perspective on Cloud Risk Management

Cloud computing is a proven and globally accepted enterprise delivery and operational technology model and with this growing market segment, also concerns regarding privacy, security and compliance are increasing. The rapid growth, combined with the inherent complexity of cloud computing, appears to be straining the capabilities of existing governance and risk management frameworks. In this presentation, I will question the perceived effectiveness of current governance and maturity in the use of risk management frameworks being applied to cloud computing.

Webcast

Jonathan Neal: Identity and Security for Your Cloud Strategy

Join the conversation as we help you explore laying the foundation of identity and security into your cloud-first strategy.  If the following questions have crossed your mind, we're happy you found your way to this session.    A.   Business-critical apps are constantly being migrated to the cloud to keep up with business. How do I know who is accessing what and if it is appropriate? Can I eliminate persistent accounts and provide JIT access? B.   Native compliance controls are provided from each of my cloud providers making it difficult, inefficient, and...

Webcast

Eleni Richter: Public-Cloud, Private-Cloud, On-Prem: Impacts of Cloud Cover on IDM

Today we see variable amounts of cloud cover in IT. Promising business values now meet reality. We will take a closer look at the effects of public-cloud, private-cloud, and on-premise scenarios on workloads, costs, and risks. Since cloud-usage means enlarging the (attack) surface of the IT, we will focus on security and IDM.

Webcast

Gemma Whitehouse: IoT & Enterprise - Change a Brief Introduction to Challenges and Solutions

In this presentation Gemma will overview and discuss:

  • Broad innovation trends in finance
  • Insurtech and fintech examples
  • Consumer trends and challenger businesses
  • IoT and Insurtech
  • IoT and Insurtech and sector relevance
  • IoT and the product ecosystem - old and new
  • IoT and the product ecosystem - approach
  • Data, IoT and misconceptions, and pitfalls
  • Challenges for organizations implementing emerging tech
  • Organisational solutions

Webcast

Mike Small: Cloud Backup and Disaster Recovery Why This Is an Essential Component of Digital Transformation

All organizations need to consider the risks related to the availability of their business-critical data and take appropriate measures to mitigate these risks.  In most cases this will involve investing in backup and disaster recovery products and services.  In today’s hybrid IT environment these must cover both on-premises and cloud delivered services in a consistent way. This session will cover KuppingerCole’s research into this area and summarize our Market Compass Cloud Backup and Disaster Recovery. 

Webcast

Hristomir Hristov: Cloud Migration – an Obscure Journey on Its Own or a Well-Paved Road

A story based on personal experience of leading several companies to smooth cloud migration. We will look at some real-life tips & tricks. We will discuss how to choose the cloud provider and the cloud setup – single-cloud, multi-cloud, or hybrid cloud. We will talk about what does ‘cloud-readiness’ means and when it is achieved. Should we start with a Zero Trust Architecture? What are the possible approaches for cloud migration - pros and cons. After all, is a migration a one-off event or a continuous process?

Webcast

Panel - Governing Your Hybrid Cloud

This panel will discuss cloud governance challenges and describe practical solutions.

  • Governing the cloud service – what value is certification and how can you implement continuous governance?
  • Governing use of the cloud services – what tools do you need to implement controls?
  • How can you implement consistent access governance across the whole hybrid estate?
  • Do tools like CASB and CSPM really help?

Webcast

Martin Kuppinger: Cloud First – and Now? Operations, Integration, Security, Identity

In his Opening Keynote, Martin Kuppinger, Principal Analyst at KuppingerCole, will talk about the practical consequences of having a “cloud first” strategy in place. Declaring such a strategy is simple. Successfully executing it is the bigger beast to tame. Martin Kuppinger will look at the success factors for executing a “cloud first” strategy and identify what it needs in the organization, operations, integration, vendor selection, risk assessment, management, security, and identity. He also will look at the various levels of such cloud first strategies,...

Webcast

Daniele Catteddu: Cloud Governance and Risk Assessment

The rapid growth in both scope and market share, combined with the inherent complexity of cloud computing, seem to exceed the capabilities of existing governance and risk management approaches. As users, and the uses of cloud computing evolve, so must the supporting governance models. This includes the transformation and adaptation of governance and risk management programs into the company's culture, and the evolution of the skills and expertise of the IT and Security professionals.

Webcast

Oliver Cheal, Paul D'Cruz: How Has the IT Security Roadmap Changed in 2020 for Businesses?

Webcast

Interview with Oliver Cheal and Paul D'Cruz

Webinar

Sep 22, 2020: Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow the capture, storage, and exploitation of vast amounts of data without the need for capital expenditure. They enable the rapid development and deployment of new applications as well as the modernization of existing one.

Webcast

The Future of Privileged Access Management and Reducing Risk for Modern Digital Enterprises

While Privileged Access Management (PAM) must still fulfill its core function of protecting privileged accounts, the next generation of PAM solutions can do so much more for your organization. As organizations embrace cloud, hybrid-IT, DevOps, remote working, digital workplaces, RPA and other transformational technologies the role of PAM has changed to secure these trends at zero point. Privileged accounts are no longer the domain of administrators or super users but for users right across the organization – including non-human entities such as applications and machines.

Webcast

KuppingerCole Analyst Chat: When is a Security Product not a Security Product?

Matthias Reinwarth and John Tolbert talk about profound implications of security products not having their administrative interfaces sufficiently secured with technologies like multi-factor authentication.

Market Compass

Market Compass: Enterprise Information Protection - 80217

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers Enterprise Information Protection solutions. Because the perimeter of the corporation has changed to include personal and business devices, mass remote work, and increased collaboration, advanced methods for the protection of sensitive data have become necessary. This is an overview of the vendors that work to secure valuable assets – the sensitive data of an organization.

Blog

A Reckoning with Facial Recognition Technology and Responsibility

Several major players in the facial recognition market – IBM, Amazon, and Microsoft – have halted all sales of facial recognition technology (FRT) to police departments in the United States. Each of these companies made a statement regarding technology’s relationship to public safety. IBM CEO Arvind Kirshna sent an open letter to several US Senators and House Representatives, stating “IBM no longer offers general purpose IBM facial recognition or analysis software. IBM firmly opposes and will not condone uses of any technology…for mass surveillance, racial...

Webcast

Gain a Unified Business View With Enterprise Identity Management

Identity Governance and Administration (IGA) is continuing to evolve through more integrated Identity and Access Governance solutions. IGA products are often required to give deep integrations with other enterprise products and applications to deliver the expected business value, as well as a need for having one interface for IGA across the range of applications and services.

Webcast

IAM Projects stalling - Plan First, Then Execute

Webinar

Jul 22, 2020: Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Webinar

Sep 17, 2020: In an Age of Digital Transformation Managing Vendor and Partner Identity Is Critical

Organizations have been managing the identity and access of employees for many years to protect data and the overall security of the enterprise. However, the onset of digital transformation has driven a need for faster, cost-effective innovation and with it the increased utilization of third-party resources. Consequently, organizations have a greater need to manage third-party access to data, systems, and facilities. This includes contractors, vendors but also partners, affiliates, volunteers, and even service accounts and bots. Modern organizations are much more collaborative and open...

Webinar

Sep 09, 2020: Identity and Access Management Strategies That Grow With Your Business

For companies that don’t need a complex Identity Governance & Administration solution (IGA), account and group administration is still a priority. Every company needs a solution for at least baseline IAM (Identity and Access Management), that fits their current state but can also equip them to expand to Identity Governance and Privileged Access Management (PAM) when they are ready.

Webcast

KuppingerCole Analyst Chat: What's AI Governance and Why Do We Need It

Matthias Reinwarth and Anne Bailey talk about Artificial Intelligence and various issues and challenges of its governance and regulation.

Webcast

KuppingerCole Analyst Chat: IAM Requires a Solid Process Framework

Matthias Reinwarth and Christopher Schütze talk about the importance of processes to make your IAM projects successful.

Leadership Compass

Leadership Compass: Network Detection and Response - 80126

This report provides an overview of the market for Network Detection and Response tools (NDR) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing NDR solutions.

Webinar

Jul 28, 2020: We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by hackers. Many organizations would love to lessen reliance on passwords but many passwordless solutions only provide a partial solution and do not solve the inherent weakness of passwords. Modern enterprises cannot cover the myriad of access use cases today with a passwordless solution alone.

Webcast

IAM Projects Stalling - Quick Wins and Big Wins

Press Release

Cloud-First Strategy Crucial to Digital Transformation

For companies that want to digitally transform their business, a cloud-first strategy is crucial . I n addition to reducing costs and improving IT efficiency, delivering new products and service s from cloud-based infrastructure enables companies to be more flexible and responsive to changing business needs. 

Webcast

Ovidiu Ursachi: Return on Investment in Cybersecurity

Webcast

Panel: Managing Cyber Supply Chain Risks and Achieving Digital Business Resilience

Businesses face various risks when deploying external products and services. Among them is the possibility of cyber intrusion which can pose a major challenge to the company’s infrastructure and require a re-think of cybersecurity strategy. A well thought-out and properly structured management of a supplier base classified as trustworthy is just as much a part of this discipline as the use of standardized certification procedures for such products. In this panel we will discuss the importance of cyber supply chain risk management (C-SCRM) and its effect on resilience of a digital...

Webcast

Christopher Schuetze: Necessary Components of an Effective Cyber Supply Chain Risk Management (C-SCRM)

As the recent widely publicized revelations have shown, the risk of purchasing hard- and software with deliberately or accidentally built-in weaknesses is much higher than we could have estimated – but it is not the only element of Supply Chain Risk. Supply chains can only be as strong as their weakest link. In a world where enterprises must focus on what they can do best and outsource everything else, it is necessary to know these weak spots and to limit the risks occurring from them.

Webcast

Panel: From Threat to Opportunity - Cybersecurity in Times of Crisis

Ensuring business continuity is a challenge during times of crisis such as the pandemic caused by the Covid-19 virus. Companies were and are facing an increasing number of cyber-attacks which can cause damage to their finances, reputation, and growth. Today, most people continue to work from home, hence the attack surface is dramatically increased. In such trying times, the effective cybersecurity measures are of utmost importance. It is essential for businesses to understand that cybersecurity has become part of business continuity and modern, innovative approaches together with a high...

Webcast

KuppingerCole Analyst Chat: PAM - What are Privileged Accounts

Matthias Reinwarth and Paul Fisher launch a new series of talks about privileged access management.

Webcast

Stefan Würtemberger: In the Crosshairs of Cyber Criminals – A Case Study by Marabu

In his talk, Stefan Würtemberger will discuss the caste study of Marabu's cyber-attack. He will address the necessary steps a company has to take after being attacked by cyber-criminals. He recommends calling in external cyber-specialists (expertise & protection of own resources) and filing a complaint with the police. Furthermore, he suggests dividing your forces well a working week > 100 h does not last long. A well-documented infrastructure helps when using external forces.

Webcast

Matthias Reinwarth: Optimizing Your Cybersecurity Spending: Where to Put Your Money During and After the Crisis?

Webcast

Dr. Mariarosaria Taddeo: Is Artificial Intelligence in Cybersecurity Trustworthy or Deceivable?

Applications of artificial intelligence (AI) for cybersecurity tasks are attracting greater attention from the private and the public sectors. Estimates indicate that the market for AI in cybersecurity will grow from US$1 billion in 2016 to a US$34.8 billion net worth by 2025. The latest national cybersecurity and defence strategies of several governments explicitly mention AI capabili- ties. At the same time, initiatives to define new standards and certification procedures to elicit users’ trust in AI are emerging on a global scale. However, trust in AI (both machine learning and...

Webcast

Barry McMahon: Harnessing Identity to Position Security as a Business Enabler

Security teams were already going through a fundamental shift in how they protect the business, even before the acceleration to remote working due to Covid-19. Given that Identity and Access Management (IAM) is now undeniably the first line of defense for organisations worldwide, how can security leaders turn the challenges, both legacy and new, into opportunities to mitigate risk and add value to the business? And all this in a way that will elevate the position, and change the perception, of security at the same time? Based on a recent study Barry McMahon from LastPass looks at the...

Webcast

Matthias Canisius: Return to Base | The CISO's Guide to Preparing A COVID-19 Exit Strategy

While governments and public healthcare specialists are looking into the timing and manner of reopening the economy, it is clear that at some point in the hopefully not-too-distant future restrictions will be eased and businesses will return to normal operations. Returning to recently-vacated offices will certainly signify a return to normality, and for most, that will be a welcome relief after working from home for an extended period. However, just as the shift to working from home required organizations to adapt and act differently, so will the return to the office. In this...

Webcast

Filipi Pires: Security Predictions for 2020

The year 2020 will see a transition to a new decade. So will cybersecurity. Gone are the days of networks isolated behind a company firewall and a limited stack of enterprise applications. The current paradigm demands a wide variety of apps, services, and platforms that will all require protection. Defenders will have to view security through many lenses to keep up with and anticipate cybercrime mainstays, game changers, and new players. Tried-and-tested methods — extortion, obfuscation, phishing — will remain, but new risks will inevitably emerge. The increased migration to...

Webcast

Jean-Christophe Gaillard: Cyber Security in the Midst of the COVID Crisis: Key Management Considerations for Large SMEs and Mid-Size Firms

In this session, you will hear from cyber security thought-leader and Corix Partners founder JC Gaillard. JC will discuss and deconstruct 6 cliches around cybersecurity in small and mid-size firms and why security matters more than ever in the light of the COVID crisis, before answering your questions.

Webcast

Bernard Montel: Cyber Defense : The New Concept of iSOC - Where Identity and SOC Has Never Been Tighter

With the introduction of AI, machine learning and UEBA, the SOC objective is to detect abnormal behavior. More than ever Identity is the battleground in this new concept of iSOC.

During this keynote, you will learn how Identity Governance and SOC need to be tight and how to remediate when a threat is detected on a specific Identity with the concept of "Threat Aware Authentication".

Webcast

Christopher Schuetze: Prepare & Invest Now – And Survive an Incident or a Breach Tomorrow

Webcast

KuppingerCole Analyst Chat: Identity Vetting - Dealing With the Wave of Fraud During the Pandemic

Matthias Reinwarth and John Tolbert discuss the latest "innovations" fraudsters are using during the pandemic crisis and the methods to mitigate them.

Leadership Compass

Leadership Compass: Unified Endpoint Management (UEM) - 70314

This report provides an overview of the market for Unified Endpoint Management (UEM) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing UEM solutions.

Webcast

Cybersecurity Investment Priorities - Set Your Focus Right

Executive View

Executive View: ManageEngine PAM360 - 80140

In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are putting new demands on PAM and vendors are responding to this challenge by adding new functionalities and capabilities to their solutions. This Executive View takes a closer look at ManageEngine PAM360, offered to the market by the US based company.

Executive View

Executive View: Hitachi ID Privileged Access Manager - 80142

Hitachi ID is a global IAM software provider. It offers Hitachi ID Privileged Access Manager (HiPAM) as its primary offering for the PAM market, along with the complementary Identity Manager and Password Manager products. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are creating new demands and modern PAM solutions are evolving to meet these challenges.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Monitor and Detect - 80374

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the fifth in the series introducing the Information Protection Life Cycle and Framework.

Webcast

KuppingerCole Analyst Chat: Zero Trust from the Cloud

Matthias Reinwarth and Alexei Balaganski look at the potential alternatives to VPNs and security gateways.

Virtual Event

Sep 03, 2020: The Three Fundamentals to Enterprise Identity Success

Organisations of all sizes are recognizing the need for a modern enterprise identity program to help fast track digital transformation, cloud adoption and Zero Trust initiatives. In order to capture the full capabilities, benefits and security of a modern enterprise identity program, you need the integration of solutions that cover all users, permissions and privileges. Attend this virtual event to learn how the integration between Identity and Access Management, Identity Governance and Privileged Access Management can protect your critical systems and data, reduce risk and help you quickly...

Virtual Event

Aug 20, 2020: Advanced Privileged Access Management & New Trends

This virtual event is dedicated to advanced methodologies in Privileged Access Management. Expert speakers and panelists will talk about successfully securing and managing privileged access which is a tough task and is only getting harder to solve.

Webcast

Redefining IAM: Harnessing AI to Identify Risk at the Speed of Change

In an increasingly complex and rapidly changing business, IT and regulatory environment, traditional approaches to identity governance must evolve to keep up with the rate of change. Given the dynamic nature of today’s business, managing entitlements and conducting access reviews have become particularly challenging, for example.

Webcast

KuppingerCole Analyst Chat: How to Avoid Becoming a Phishing Victim During the Pandemic

Matthias Reinwarth and Martin Kuppinger explain how to protect your users from phishing attacks when they're all working from home...

Learn more about how to continue successful business with Senior Analyst Warwick Ashford's Analyst Advice on Business Resilience Management.

Executive View

Executive View: IBM Watson OpenScale - 80505

IBM Watson OpenScale a solution to enable the responsible monitoring and management of AI projects. The comprehensive attention to data management, analytics, model training, deployment, and model lifecycle management make Watson OpenScale a strong choice for enterprises.

Market Compass

Market Compass: Conversational AI Building Platforms - 80384

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment. This Market Compass covers conversational AI building platforms with a focus on chatbot solutions. Such solutions are a common trend in marketing, sales, service management, human resources, and many other use cases.

Blog

Conversational AI Building Platforms (Market Compass Preview)

AI-based conversational interfaces developed plenty of hype for use cases within marketing, sales, and service management. Various types of solutions are on the market, offered by both small start-ups and large, international, established enterprises. More than a hype Conversational interfaces experienced hype in 2016, followed by some disillusionment in the next years, as many solutions were technical gadgets rather than delivering real value. This is about to change, as many solutions are more mature now - and implemented as a part of digitalization projects within marketing, sales, or...

Blog

The Role of Identity in Business Continuity Planning

When it’s “business as usual”, it seems strange to think about disruptions and disasters. With competing priorities and the pressure of everyday demands, planning for worst-case scenarios can feel alarmist and macabre. But as anyone experienced in disaster preparedness will tell you, the best time to prepare for unexpected disruptions to your business is before they happen. And in today’s digital workplace, the ability to support remote employees and ensure secure access to work resources is an essential component of a business continuity plan. Why a business...

Webcast

Never mind the robots, here’s the real AI

Matthias Reinwarth explains how to let machine learning add value to your organization.

Blog

Cybersecurity Investment Priorities - Portfolio Optimization

Webcast

Protect, Detect, Respond, Mitigate: A Modern Security Paradigm for Modern Enterprises

The traditional approach forces enterprises to deploy multiple additional security solutions – EPP, EDR or NDR among them – to try and close remaining gaps, leading to even higher strain on security analysts. Facing response times of hours if not days, companies turn to managed services that rely on the scale of the cloud to reduce the load but introduce additional operational and compliance challenges. What if there were a modern alternative to hoarding security tools, relying instead on a single unified platform with a single endpoint agent to perform all those functions,...

Webcast

Cybersecurity Investment Priorities - Portfolio Optimization

Webinar

Jun 30, 2020: Workforce Continuity in a Time of Crisis

It is not only in times of crisis like the current coronavirus pandemic that companies need to adapt and respond quickly to changing circumstances to provide workers with remote access and deal with onboarding and deprovisioning contingent workers.

Executive View

Executive View: Omada Identity Suite - 80506

Modern Identity Governance and Administration (IGA) solutions need to take traditional IGA further to meet today's customer requirements such as entitlement and onboarding automation or providing insight into access risks. Omada Identity Suite not only supports this with Access Governance and Identity Provisioning but also takes it a step further by giving an IGA best practices framework and implementation methodology.

Blog

KuppingerCole Analyst Chat: Enterprise Databases in the Cloud

Matthias Reinwarth and Alexei Balaganski talk about making the right choice of a database engine to power your next cloud project.

Webinar

Jul 15, 2020: Endpoint Protection Made Easy With Privilege Management

Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to protect endpoints, they are by no means sufficient. Instead, Endpoint Privilege Management (EPM) solutions must be integrated to protect the systems from within.

Blog

The New Normal Post Covid-19

As soon as national lockdowns began to limit the spread of Covid-19 it was clear that the world would never be the same again, and last week’s Microsoft Build conference has highlighted what some of those changes will be, starting with the event itself being fully virtual for the first time. Remote working set to increase longer-term While remote working was becoming increasingly popular in the run-up to the Covid-19 crisis, few organizations were well equipped to accommodate this. In the past two months, however, just about every organization has had to find a way of enabling...

Webcast

KuppingerCole Analyst Chat: Enterprise Databases in the Cloud

Matthias Reinwarth and Alexei Balaganski talk about making the right choice of a database engine to power your next cloud project.

Market Compass

Market Compass: Cloud Backup and Disaster Recovery - 71176

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers solutions that provide backup, restore and disaster recovery of IT service data into the cloud in the context of the hybrid IT service delivery environment that is now commonly found in medium to large organizations.

Blog

KuppingerCole Analyst Chat: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Executive View

Executive View: Microsoft Azure Active Directory - 80401

From small businesses to large enterprises, organizations today require a solid foundation for their Identity and Access Management (IAM) services. These services are increasingly delivered as cloud services or IDaaS (Identity as a Service). Microsoft Azure Active Directory (Azure AD) provides Directory Services, Identity Federation, and Access Management from the cloud in a single integrated solution with extensive integration opportunities.

Webcast

KuppingerCole Analyst Chat: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Press Release

Berthold Kerl wird CEO von KuppingerCole

Der Aufsichtsrat der KuppingerCole Analysts AG hat Berthold Kerl mit Wirkung ab 1. Juli 2020 zum Chief Executive Officer ernannt. Die Unternehmensgründer Martin Kuppinger und Jörg Resch bleiben dem Unternehmen in ihren derzeitigen Funktionen als Vorstandsmitglieder erhalten. Berthold Kerl kommt von der Deutsche Bank AG, wo er als CISO EMEA für Identity & Access unternehmensweit zuständig war.   

Press Release

Berthold Kerl Named CEO of KuppingerCole

KuppingerCole Analysts AG, a leading global technology analyst firm providing insights & decision support for tech professionals, today announced that Berthold Kerl, former Managing Director & Global Head of Identity and Access / CISO EMEA at Deutsche Bank AG, has been named as Chief Executive Officer (CEO), commencing July, 1st, 2020. Co-Founders Martin Kuppinger and Joerg Resch will remain in their current functions as board members.

Blog

Microsoft Adding New Capabilities to Azure Active Directory

Over the past years, Microsoft has spent significant effort to make Azure Active Directory (Azure AD) the central platform for identities in Microsoft environments and beyond. Microsoft now announced several new capabilities that help to support further use cases. New features in Azure AD One of these is the support for FIDO2 security key sign in for hybrid environments, consisting of both Azure AD and on-premises Active Directory. FIDO2 as a standard allows using a variety of authenticators, including biometric authentication, with various applications. This extension allows for using a...

Executive View

Executive View: Ilantus Compact Identity - 80177

IAM is a complex challenge for businesses, comprising of various capabilities such as IGA (Identity Governance & Administration), Access Management, and Privileged Access Management. Deployment is shifting towards flexible models supporting a range of deployment options, including IDaaS (Identity as a Service). Ilantus Compact Identity is an IAM offering targeting businesses that are looking for a comprehensive, integrated solution that can run either on premises or in the Cloud.

Executive View

Executive View: SentinelOne Singularity Platform - 80139

Die integrierte Sicherheitsplattform von SentinelOne kombiniert Präventions-, Erkennungs-, Analyse- und Mitigierungsfunktionen mit dem autonomen KI-Agenten und ermöglicht so tiefe Einblicke und konsistenten Schutz für On-Premises-Endgeräte, virtualisierte Umgebungen und Cloud-Workloads.

Executive View

Executive View: SentinelOne Singularity Platform - 80139

SentinelOne’s integrated security platform combines prevention, detection, analysis, and mitigation capabilities with the autonomous AI agent to enable deep visibility and consistent endpoint security across on-premises devices, virtualized environments and cloud workloads.

Blog

Will Azure Arc Help Hybrid IT Customers to Find the Pot of Gold?

At Ignite in November 2019 Microsoft announced Azure Arc which is now in public preview. Azure Arc extends Azure Resource Manager capabilities to cover Linux and Windows servers, as well as Kubernetes clusters on any infrastructure across on-premises, and multi-cloud. In French “L’arc-en-ciel” is the word for rainbow so will Azure Arc help customers to find a much-needed solution to their hybrid multi-cloud management challenges? The Hybrid Management Challenge As well as on-premises IT services, most organizations are now using cloud services from multiple vendors, and...

Executive View

Executive View: Thycotic Access Controller - 80406

Thycotic is one of the world’s leading providers of Privileged Access Management (PAM) solutions. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are putting new demands on PAM. Against this backdrop, Thycotic has integrated three new Access Controller products into its portfolio of PAM solutions to meet these challenges.

Blog

KuppingerCole Analyst Chat: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Virtual Event

Aug 06, 2020: Future of Digital Identity: Self-Sovereign Identity & Verifiable Credentials

This virtual event is dedicated to SSI and the future of identity. One of the main challenges facing the broad implementation of SSI is integration and standardization, which will be addressed by speakers and panelists. Various best practice talks will also be part of the exciting agenda.

Webcast

KuppingerCole Analyst Chat: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Webcast

Tim Barber: Creating an Innovative Identity Fabrics Structure

Every business today is faced with a digital transformative imperative. In a digital world, where everyone is connected to everything, secure access is key for employees, partners, customers and even things. Organizations are challenged however by the need for controlling and staying on top of constant change and at the same time allowing continuous innovation of both technology and business models. How do you keep up with the speed of change and the need for security?  In his keynote, Tim Barber will discuss the concept of Identity Fabrics - platforms that provide all...

Webcast

Martin Kuppinger: Identity Fabrics - Delivering IAM for the Digital Business

Identity Management is on the change. It will never be the same again. It is already more than Employee IAM. The segregation between various parts of IAM is blurring. Digital business require advanced identity services, well beyond the human identities. Identity Fabrics are the model for your Future IAM. They are about a consistent set of capabilities and services in a modern architecture, supporting your business and IT use cases. They deliver the Identity Services for your new digital services, ready-to-use and supporting the time-to-value in the digital transformation of your business....

Webcast

KC Virtual Awards: Category - Enterprise IAM

The KuppingerCole Virtual Awards Series 2020 honors outstanding Identity Management and Security projects, standards or people during the upcoming virtual conferences. Today's award category considers Enterprise IAM projects, including Identity Governance & Administration, Identity Federation, Privileged Access Management, and other technologies. These projects may cover all types of identities but should include employee identities and focus on managing hybrid environments. Join the live award ceremony as the KuppingerCole jury announces the Best Enterpise IAM Project winner.

Webcast

Nat Sakimura: No ID, No DX

Industrial revolutions share two common properties: 1) New Increasing Return Technological Paradigm and 2) New Funding Methods. In the first industrial revolution, they were the steam engine and the fiat money creation. The combination allowed the British to create a Global Empire capitalizing on the increasing return nature. The same pattern holds for the 4th industrial revolution as well. This time, it was the cyberspace and the money creation system called "Silicon Valley". This time, however, the land grab is not on the existing continent. It is on a newly formed 8th continent, also...

Webcast

David Miles: How to Handle Massive Forced Change in Active Directory Accounts

The current healthcare crisis has drastically changed how and where work is done, and the way organizations operate. To get to this point, it was a battle for IT admins that oversee your Active Directory infrastructure.

Then what happens when this crisis is over? How can your organisation quickly and smoothly bounce back from the identity management challenges brought on all the forced change?

Webcast

Alyssa Kelber, Jon Lehtinen: Build Your Own IDaaS: Lessons from Year One

Build or buy? Do we have the staff, talent, & budget to operate a new security service if we decide to build? In this talk, Alyssa Kelber & Jon Lehtinen deconstruct the myth that you need large teams & expensive software to run cloud-native Identity-as-a-Service platforms for your enterprise. They will share their experience building their own at Thomson Reuters using commercial off the shelf software, containerization, and native cloud services, as well as the lessons learned, business impact & costs savings over the year since the service’s launch.

Webcast

Prof. Dr. David Chadwick: I Want COVID-19 Certificates But I Don't Want a DID

The W3C Verifiable Credentials Data Model is being used as the basis for creating standardised COVID-19 certificates of different types: vaccination, test and immunity certificates.  As the W3C Recommendation clearly states, "DIDs are a new type of identifier that are not necessary for verifiable credentials to be useful. Specifically, verifiable credentials do not depend on DIDs and DIDs do not depend on verifiable credentials." So why are most implementers insisting on building COVID-19 certificates with DIDs and blockchains? This talk will provide an answer to this question, and...

Webcast

Adam Cooper: Digital Identity as a Building Block for Ethical Digital Economies

Governments are building huge identity systems because they need to plan service delivery, understand demographics and deliver essentials such as healthcare and education whilst building digital economies and addressing financial inclusion. They also have concerns over fraudulent activity, security and border control. These are conflicting issues with very different needs. Technology always moves faster than laws and government capacity is often behind the curve. Knowing what to implement, when and how is difficult when capacity is low. Digital economies need digital identity, as...

Webcast

David Doret: IAM Performance Measurement

IAM Performance Measurement In late 2018, a group of seasoned IAM professionals spent an evening discussing IAM challenges in a café. They shared a common frustration: the absence of a standardized Performance Measurement System (PMS) to monitor and compare the performance of IAM programs in organizations. Yet, as the old saying goes, you only get what you measure. They organized a series of workshops throughout 2019, worked hard and here it is: the foundations of a standardized IAM PMS have now been layed out. This not-for-profit project driven by passionate IAM experts is open...

Webcast

Interview with Tim Barber

Webcast

Panel: Overcoming Enterprise Challenges & Future-proofing Your IAM Strategy

The need for the robust IAM strategy, enabling higher efficiency and productivity, is greater than ever. There are many things to be considered when considering adopting a new IAM strategy which might be overwhelming and confusing to some extend. This panel will overview the most important trends in Identity and access management as well as discuss the potential future development of the IAM landscape. Refined IAM solutions in complex with a holistic approach is crucial to stay ahead of evolving security threats.

Webcast

Panel: Disruptive Role of Mobile Device Manufactures Within the Digital Identity Market

Webcast

Sylvie Vandevelde: Use Case: Belgian Mobile ID for Digital Inclusion

Public and private services are digitalizing their services and need to create solutions that are accessible to everyone. Customers are expecting more, and citizens want to interact with the public services in a smoother way.  Next to that, the sensitivity of information being exchanged online grows rapidly and data privacy is a real concern to many people. How can you build a digital society that is accessible, secure and respects privacy? What is the role of a digital ID?

Webcast

Ros Smith: Re-inventing Identity Management at the BBC

You don’t need to go to many Identity Management conferences to realise that Identity and Access Management projects are hard to implement and also that IAM is one of the least “technological” of the Security disciplines, with it being 10% technology and 90% business change. The BBC is currently meeting the challenge of IAM transformation head on.

Webcast

Mathias Conradt: The Evolution of IAM: From Being a 'Bandaid' To a Strategy

For organisations that want to ensure safe, scalable and efficient access to their applications and services, identity is playing a bigger role than ever before. In this session, Mathias Conradt will discuss today’s digital environment and how digital transformation is moving up on the agenda for C-level, and what that means for IAM solutions. Particularly since the bar has been reset when it comes to remote working, online shopping, meeting and socialising. Mathias will explore how organisations have typically - and are now - approaching IAM adoption and implementation, focusing...

Virtual Event

Jul 16, 2020: Customer Identity & Marketing Automation

This virtual event offers a great opportunity to listen to discussions by experts from different industries dealing with CIAM and Marketing automation. Hear more about CIAM use cases for marketing and how to win customer trust by safeguarding their data. Enrich your knowledge to become better prepared for dealing with the challenges in this ever-changing environment.

Blog

KuppingerCole Analyst Chat: Cybersecurity Portfolio Optimization

Matthias Reinwarth and Christopher Schütze talk about how to efficiently identify and rate your investments into Cybersecurity. Free Analyst Advice:Business Resilience Management (Crisis Roadmap for Beginners)

Executive View

Executive View: Symantec Privileged Access Manager - 80331

Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged access in organizations and companies. This report describes how Symantec Privileged Access Management meets these challenges.

Executive View

Executive View: Nexis Controle 3.4 - 80158

Nexis Controle 3.4 implements intelligent role and identity analytics while laying the foundation for strategic role lifecycle management as either a stand-alone solution or as a companion component to existing Identity and Access Management infrastructures.

Executive View

Executive View: One Identity Manager - 80310

One Identity Manager is one of the leading Identity and Access Governance (IAG) solutions. It builds on a sophisticated, consistent concept which allows for intuitive user experience, rapid customization and easy deployment. One Identity Manager is offering a rich toolset and framework to connect various target systems to its identity and access management solution.

Leadership Brief

How to Get Rid of Passwords - Today

The IT security community has long recognized that passwords are a problem because they are easily cracked or compromised and are ultimately susceptible to human failings. This leadership brief looks how organizations can improve overall security by addressing their reliance on passwords and prepare to move to alternative authentication methods.

Leadership Compass

Leadership Compass: Access Control Tools for SAP Environments - 80104

This report provides an overview of the market for Access Control Tools for SAP Environments and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing solutions that increase security in SAP Environments by restricting access, controlling break-glass access, and related capabilities.

Blog

Five Golden Rules for Efficient Virtual Collaboration

Beyond security and technology: Matthias Reinwarth leverages the experiences of KuppingerCole Analysts in doing advisory via electronic collaboration platforms and shares 5+1 golden rules for jumpstarting efficient cooperation.

Blog

3 Steps to Improve Your Cybersecurity with Enterprise Risk Management

If you start considering the topic of cybersecurity in your company, you’ll quickly realize that there are many facets. In traditional companies, IT has grown in parallel to meet the requirements in digitization and production in a timely manner. These traditional companies and their suppliers with physical products such as automobiles often have a somewhat higher degree of maturity in general Enterprise Risk Management, which only deals in part with IT-relevant risks. Companies that were founded more recently, or that offer their products or services on a purely digital level have...

Webinar

Jul 02, 2020: Identity für Alle – nicht nur für Wenige: Identity Management für den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den notwendigen technischen Voraussetzungen ausreichend Aufmerksamkeit zu widmen.

Webinar

Jun 18, 2020: The Future of Privileged Access Management and Reducing Risk for Modern Digital Enterprises

While Privileged Access Management (PAM) must still fulfill its core function of protecting privileged accounts, the next generation of PAM solutions can do so much more for your organization. As organizations embrace cloud, hybrid-IT, DevOps, remote working, digital workplaces, RPA and other transformational technologies the role of PAM has changed to secure these trends at zero point. Privileged accounts are no longer the domain of administrators or super users but for users right across the organization – including non-human entities such as applications and machines.

Webcast

Five Golden Rules For Efficient Virtual Collaboration

Beyond security and technology: Matthias Reinwarth leverages the experiences of KuppingerCole Analysts in doing advisory via electronic collaboration platforms and shares 5+1 golden rules for jumpstarting efficient cooperation.

Webcast

Beating Fraudsters at Their Own Game With Fraud Reduction Intelligence Platforms

Fraud continues to be a major challenge for many organizations today. Industries such as finance, banks, payments, insurance, gaming, telecommunications, health care, etc. are dealing with increasing amounts of fraud and escalating sophistication of attacks. Account Takeovers (ATOs), synthetic fraud, and bots are a pervasive problem and continue to drain revenue from many businesses.

Blog

Why BCM/BCRM and Cybersecurity Must Converge

Webcast

Why BCM/BCRM and Cybersecurity Must Converge

Press Release

KuppingerCole Brings Experts in Identity Management to Screens Around the World

Wiesbaden, May 12, 2020 – With the coronavirus putting plans for big events temporarily on ice, KuppingerCole will deliver the European Identity & Cloud Conference 2020 as a series of virtual events. The series kicks off on May 12 with a six-hour online event focusing on Identity Fabrics & the Future of Identity Management.

Whitepaper

Whitepaper: IAM: Globalization & Large-Scale Enterprise - 80130

Identity and Access Management (IAM) has never been more important or challenging in the face of a rapidly changing business, regulatory and IT environment. This is especially true for multinational companies that must comply with an ever-increasing number of security and privacy regulations. Service Layers delivers a managed IAM service using a scalable, customizable, component-based platform with a service-oriented architecture to support multi-instance deployments to meet the key IAM challenges facing global enterprises.

Leadership Compass

Leadership Compass: Privileged Access Management - 80088

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, hybrid IT, cloud and other aspects of digital transformation has meant that users of privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, a strong PAM solution is essential.

Webinar

Jun 25, 2020: Minimizing Security Impacts of a Growing Remote Workforce

Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees.

Blog

Converging IAM Solutions AND Reducing Complexity

IAM is no green field approach, but needs to evolve over time. Matthias Reinwarth explains how the Identity Fabrics paradigm can be deployed to move towards a more modern and capable IAM architecture while increasing efficiency.

Webinar

Jun 17, 2020: Gain a Unified Business View With Enterprise Identity Management

Identity Governance and Administration (IGA) is continuing to evolve through more integrated Identity and Access Governance solutions. IGA products are often required to give deep integrations with other enterprise products and applications to deliver the expected business value, as well as a need for having one interface for IGA across the range of applications and services.

Webcast

Converging IAM Solutions AND Reducing Complexity

IAM is no green field approach, but needs to evolve over time. Matthias Reinwarth explains how the Identity Fabrics paradigm can be deployed to move towards a more modern and capable IAM architecture while increasing efficiency.

Blog

KuppingerCole Analyst Chat: Incident Response Management

Christopher Schütze and Matthias Reinwarth explain the importance of having an incident response plan.

Webcast

KuppingerCole Analyst Chat: Incident Response Management

Christopher Schütze and Matthias Reinwarth explain the importance of having an incident response plan.

Blog

KuppingerCole Analyst Chat: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Webcast

KuppingerCole Analyst Chat: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Webcast

Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time, and especially in sectors like healthcare, whose business is based on the collection and use of lots of valuable consumer data, the public and governments are demanding more accountability for safeguarding and appropriate use of personal information.

Virtual Event

Jul 07, 2020: Privileged Access Management (PAM) for Your Enterprise

In this virtual event, KuppingerCole and other top experts in the industry will present crucial information on why companies need PAM and how PAM works best to prevent security breaches and credential thefts through defining and implementing the right strategy.

Blog

Creating an Innovative Identity Fabric Structure

To maintain competitive advantage, digital transformation is no longer a choice – it’s an imperative. The rapid shift to the cloud and as-a-service models has enabled organizations to offer more digital services and applications across a wider range of devices for their workforce and customers. In this increasingly connected world, managing digital identities and access in a secure and adaptable way is critical and needs to play an important role in your business strategy. Implementing identity services piecemeal every time you roll out a new digital service is expensive, slow,...

Blog

IBM Cloud Satellite Announcements

The idea behind cloud computing used to be simple – let the cloud service provider provide and manage the IT services and infrastructure while you get on with your business. However, reality got in the way and cloud computing has become yet another dimension in the complex web of IT service delivery. It is against this backdrop that the announcement of IBM Cloud Satellite at this year’s THINK conference needs to be judged. Public Cloud meets the real world The public cloud provides great flexibility for developers - allowing them to obtain the computing resources they need...

Blog

AI Governance: What to Consider

Webinar

Aug 04, 2020: Four Key Components Critical to the Future of Privileged Access Management

Privileged Access Management (PAM) has assumed a critical role in protecting the most valuable data and services within organizations from theft, loss, and unauthorized access. But as companies and other organizations have become more complex and embrace digital transformation, PAM is also taking on a core operational function to achieve better insight into data usage and contribute to agile working processes.

Webcast

AI Governance: What to Consider

Blog

The 5 Golden Rules of E-Payment

Anne Bailey gives you a list of golden rules to ensure security and compliance of electronic payments.

Webinar

Jun 23, 2020: Agile GRC: Adapting to the Pace of Change in the Digital Era

In the digital era, the rapid rate of change in business, IT and regulatory environments is continually accelerating, making it extremely challenging for organizations to keep pace in terms of their governance, risk and compliance (GRC) capability without the right mindset and tools.

Webinar

May 28, 2020: Redefining IAM: Harnessing AI to Identify Risk at the Speed of Change

In an increasingly complex and rapidly changing business, IT and regulatory environment, traditional approaches to identity governance must evolve to keep up with the rate of change. Given the dynamic nature of today’s business, managing entitlements and conducting access reviews have become particularly challenging, for example.

Webcast

The 5 Golden Rules of E-Payment

Anne Bailey gives you a list of golden rules to ensure security and compliance of electronic payments.

Blog

Microservices in Identity and Access Management

Webcast

Microservices in Identity and Access Management

Blog

KuppingerCole Analyst Chat: Making IAM Projects Succeed - The Importance of Project Management

Matthias Reinwarth and Graham Williamson are talking about managing IAM projects properly.

Webcast

KuppingerCole Analyst Chat: Making IAM Projects Succeed - The Importance of Project Management

Matthias Reinwarth and Graham Williamson are talking about managing IAM projects properly.

Leadership Compass

Leadership Compass: Identity Governance & Administration (IGA) - 80063

The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Provisioning and Access Governance solutions that are now increasingly aided by intelligent features. This Leadership Compass will give an overview and insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.

Executive View

Executive View: SailPoint Predictive Identity - 80124

SailPoint Predictive Identity is a SaaS platform that adds AI-based capabilities to IGA. These include analysis of access risks, recommendations for approving or revoking entitlements during access review, and automated optimization of access models, amongst others. The solution provides significant improvements in user experience of IGA, compared to traditional IGA approaches, while also delivering “explainable AI”, informing about why certain recommendations are given.

Blog

KuppingerCole Analyst Chat: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Webcast

Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their entire application ecosystem. Today, secure application access is a key challenge organizations face when implementing a Zero Trust strategy. Applications can live anywhere – in the cloud, on-premises, as a service, or on a mobile device – and are used from anywhere, at any time by...

Webcast

KuppingerCole Analyst Chat: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Blog

Why IAM From the Cloud is the New Normal

Martin Kuppinger explains the benefits of Identity and Access Management delivered from the cloud.

Webcast

Why IAM From the Cloud is the New Normal

Martin Kuppinger explains the benefits of Identity and Access Management delivered from the cloud.

Webcast

The Security & Identity Challenges of Modern IT: Agile IT & DevOps Done Right & Secure

Security and identity must evolve in order to support today’s IT. While traditional IT appears being rather simple to secure, current security risks necessitate a greater degree of agility: shifting to DevOps paradigms, implementing a CI/CD chain, running services in hybrid cloud environments (or wherever else). This requires a security angle on DevOps, which you might name DevSecOps. Such an approach includes security and identity as a service, which has been referred to in the past as Application Security Infrastructures. It requires adequate protection of both the DevOps tools...

Blog

Security Should Not Become a "Business Disabler"

Webcast

Security Should Not Become a "Business Disabler"

Blog

KuppingerCole Analyst Chat: Making IAM Projects Succeed - Why You Need a Solution Architecture

Matthias Reinwarth and Graham Williamson are talking about designing an IAM project architecture.

Webcast

KuppingerCole Analyst Chat: Making IAM Projects Succeed - Why You Need a Solution Architecture

Matthias Reinwarth and Graham Williamson are talking about designing an IAM project architecture.

Blog

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here... You can watch his speech in English or in German below.

Blog

KuppingerCole Analyst Chat: Fraud Reduction Intelligence Platforms

Matthias Reinwarth and John Tolbert explain the meaning behind the term and talk about various factors that help identify fraudulent transactions in different industries.

Webcast

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here...

Webcast

KuppingerCole Analyst Chat: Fraud Reduction Intelligence Platforms

Matthias Reinwarth and John Tolbert explain the meaning behind the term and talk about various factors that help identify fraudulent transactions in different industries.

Webcast

Managing a Crisis: Prepare for Weathering the Next Storm to Come

While the Covid-19 crisis is still in full effect, many businesses have mastered the first phase of disruption. Now, the time starts to plan for the future, at many levels – financials, business models, product strategies, and more. One of these topics must be Business Continuity & Resilience Management (BCRM), for being better prepared for weathering the next storm to come. And that will come, be it the next peak of Covid-19, be it a major natural disaster hitting your business, be it – and that is the one with the highest probability – a severe cyberattack. And...

Executive View

Executive View: IBM Watson - 80232

IBM Watson is a computing platform that aims to meet the AI needs of any organization – those that wish to develop projects themselves, or those who wish to gain standard capabilities quickly. The comprehensive attention to data management, analytics, model training, deployment, and lifecycle management make the portfolio of IBM Watson products a strong choice for enterprises.

Webinar

Sep 02, 2020: Remote Workforce: How to Protect Yourself From Emerging Threats?

The outbreak of the COVID-19 pandemic has served as a catalyst for digitization in many companies and led to an increase in remote work and adoption of the bring your own device (BYOD) policy. Every device and digital service that employees use is a potential gateway into company networks and thus poses a security risk. The risks are magnified even more when privileged accounts enter the equation because they enable access to critical data. Given the immediacy and speed with which companies had to shift from office to remote work, security concerns were often neglected leading to an...

Leadership Brief

Leadership Brief: Mitigating Availability & Security Risks in Centralized Digital Workplace Delivery - 80223

Centralizing delivery of digital workplaces can bring cost, efficiency and productivity rewards but security and risk management must be baked in if availability is not compromised by cyber attacks or unexpected disruption.

Blog

Cybersecurity of Tomorrow: Delivered Entirely From the Cloud

As businesses embrace the Digital Transformation and become increasingly cloud-native, mobile and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide adequate visibility, threat protection, and scalability, nor can they offer convenience and productivity for users on the go. In a crisis, a cybersecurity strategy is a matter of survival The previous paragraph summarizes what KuppingerCole, along with many other industry experts, has been preaching...

Blog

Sind die BSI Richtlinien für Gesundheitsanwendungen richtig und ausreichend?

Nie war Digital Healthcare so wichtig wie heute, in Zeiten von COVID-19. Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat eine Richtlinie für sichere Anwendungen im Gesundheitswesen vorgestellt. Richtig und wichtig, auch Security by Design und Privacy by Design für die Vertraulichkeit sensitiver Daten. Nur: Ohne ausreichende Budgets wird es nicht funktionieren.

Virtual Event

Jun 16, 2020: Cloud First - Strategy & Roadmap

This KuppingerCole Virtual Event will help you navigate the tough decisions your company has to make in pursuing a cloud-first strategy and provide answers to complex questions to help identify a clear path ahead and ensure your business gains maximum benefit from a well-planned and carefully considered strategy.

Virtual Event

Jun 02, 2020: Cybersecurity & Enterprise Risk Management

In this Virtual Event, you will learn about current trends and developments in cybersecurity and how to minimize cyber risks in your enterprise.

Webcast

Die Krise bewältigen: So überstehen Sie den nächsten Sturm

Während die Covid-19-Krise noch in vollem Gange ist, haben viele Unternehmen die erste Phase des Umbruchs gemeistert. Jetzt ist es an der Zeit, auf vielen Ebenen – Finanzen, Geschäftsmodelle, Produktstrategien und mehr – für die Zukunft zu planen. Eines dieser Themen muss das Business Continuity & Resilience Management (BCRM) sein, um besser auf den nächsten Sturm vorbereitet zu sein. Und der wird kommen, sei es der nächste Anstieg von Covid-19, sei es eine große Naturkatastrophe, die Ihr Unternehmen trifft, oder sei es – und das...

Webcast

Sind die BSI Richtlinien für Gesundheitsanwendungen richtig und ausreichend?

Blog

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Webcast

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Executive View

Executive View: Soterion for SAP - 80113

Soterion for SAP is a GRC (Governance, Risk & Compliance) solution targeted at SAP environments and delivering major capabilities in that space. The solution is available as both on premises solution and in an as-a-service model. Soterion has put specific emphasis on delivering a solution for GRC and access control in SAP environments that is easy-to-use, coming with a business-friendly user interface.s

Whitepaper

Whitepaper: Fast Access Management in the Hybrid Cloud for SMBs - 80137

Moving to the cloud sets new challenges for managing access to critical IT environments for small and medium-size businesses (SMBs). These include managing access to multi-cloud services that are used on-demand but discarded when no longer needed, finding a scalable solution without big IT projects and costs, and managing administrative access with limited resources. At the same time, organizations must ensure subcontractors get the right level of privilege for the task at hand but don't walk away with access credentials. SMBs must also protect the company from privileged credential...

Webcast

AI Governance From a Practical Perspective

How can you ensure that your Artificial Intelligence project does not become a liability? An improper implementation, a socially insensitive data label, or negligent data management can easily lead to an auditing nightmare. What are the best practices to safely utilize and govern AI? This webinar highlights key considerations when implementing an AI application, particularly for use in IAM. Learn the key questions to ask when implementing an AI project so that governance and audits do not become an issue later.  Many AI projects falter or fail when they encounter a governance...

Blog

KuppingerCole Analyst Chat: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Webcast

KuppingerCole Analyst Chat: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Blog

KuppingerCole Analyst Chat: Beyond Prevention - the Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Webinar

May 13, 2020: Beating Fraudsters at Their Own Game With Fraud Reduction Intelligence Platforms

Fraud continues to be a major challenge for many organizations today. Industries such as finance, banks, payments, insurance, gaming, telecommunications, health care, etc. are dealing with increasing amounts of fraud and escalating sophistication of attacks. Account Takeovers (ATOs), synthetic fraud, and bots are a pervasive problem and continue to drain revenue from many businesses.

Webcast

KuppingerCole Analyst Chat: Beyond prevention - The Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Webcast

A Compass for Choosing the Right Fraud Reduction Intelligence Platform

Companies are turning to Fraud Reduction Intelligence Platforms to reduce account takeover (ATO), synthetic fraud, bots, and other forms of fraud, which continue to be a pervasive and revenue-draining problem across many industries.

Executive View

Executive View: Hitachi ID IAM Suite - 80399

Enterprise IAM suites today need to meet an ever-growing list of IT requirements, which includes process automation, self-service, and identity-related administration and governance capabilities. Hitachi ID offers a well-integrated all-in-one IAM package that can meet these enterprise business requirements.

Executive View

Executive View: Sophos Intercept X - 80227

Sophos Intercept X is an endpoint security solution that is powered by a deep learning neural network, anti-exploit techniques, and anti-ransomware technology to provide advanced detection for all types of threats, especially ransomware, fileless/in-memory malware and malware that exploits unknown vulnerabilities in operating systems and application software.
Sophos Intercept X also offers optional integrated Endpoint Detection and Response response capabilities as well as Managed Threat Response services.

Blog

AI Landscape: More Complicated Than You Might Have Thought

I’m by no means an AI expert. Sure, I’ve been following the topic with much curiosity ever since reading an article about thinking machines back in 1990. Also, having a degree in mathematics sometimes helps to understand certain technicalities behind product labels. Still, I’m neither an AI developer nor a data scientist – I’m just an industry analyst whose primary job is to understand what new technologies and services appear on the market and to explain them to people who know even less than I do… Dispelling Myths When it comes to the recent media...

Blog

What Role Is Artificial Intelligence Playing During the COVID-19 Pandemic?

Novel coronavirus has impacted almost every country in the world. Millions have been infected, while fatalities caused by Covid-19 recently exceeded 100 thousand. Governments, science institutions and private companies are, among other methods, using Artificial Intelligence to find optimal ways of tackling the pandemic. Searching for the cure Using AI for finding novel drugs is not new. For several years now, large pharmaceutical companies have been collaborating with start-ups and established vendors for faster and optimal search for the desired medicine. AI has even been used to find...

Blog

Why Adaptive Authentication is the Future

Martin Kuppinger explains adaptive authentication.

Blog

COVID-19 Contact Tracing: Privacy Is not the only Challenge

In the UK there are plans to use a mobile ‘phone app to trace people who have been in contact with someone who has COVID-19 to warn them to go into quarantine in order to slow the spread of the virus. This approach is reported to have been successful in other countries, but it has raised concerns over individual privacy and how the government might use the data. However, while data analytics and other techniques can help with the pandemic privacy is not the only challenge. Quarantine Works Plagues are not new, and history has taught us that the most effective response to a plague is...

Webcast

Why Adaptive Authentication is the Future

Martin Kuppinger explains adaptive authentication.

Whitepaper

Whitepaper: Enhanced Privilege Access Management Solutions - 80176

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Changing business practices, agile software development and digital transformation has meant that PAM solutions need an enhanced set of features to reduce the risk of privileged accounts being hijacked in this more challenging operating environment.

Blog

KuppingerCole Analyst Chat: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Webcast

KuppingerCole Analyst Chat: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Blog

KuppingerCole Analyst Chat: Protecting Your Organization Against Ransomware

Matthias Reinwarth and Alexei Balaganski discuss the history of ransomware and the measures needed to protect yourself against it.

Executive View

Executive View: Indeed Certificate Manager - 80178

Indeed Certificate Manager is a platform for centralized management of enterprise public key infrastructures. Its modular, hardware-agnostic architecture and innovative remote management capabilities help reduce management costs, improve productivity, and strengthen your company’s overall security and compliance posture.

Leadership Brief

Leadership Brief: Managing Non-Human Identities - 80278

As digital transformation gains momentum, new types of digital identity are emerging and growing rapidly. Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. This Leadership Brief looks the importance of managing non-human and human identities in the same way, and how to approach achieving that.

Webinar

Apr 22, 2020: Die Krise bewältigen: So überstehen Sie den nächsten Sturm

Während die Covid-19-Krise noch in vollem Gange ist, haben viele Unternehmen die erste Phase des Umbruchs gemeistert. Jetzt ist es an der Zeit, auf vielen Ebenen – Finanzen, Geschäftsmodelle, Produktstrategien und mehr – für die Zukunft zu planen.

Webinar

Apr 23, 2020: Managing a Crisis: Prepare for Weathering the Next Storm to Come

While the Covid-19 crisis is still in full effect, many businesses have mastered the first phase of disruption. Now, the time starts to plan for the future, at many levels – financials, business models, product strategies, and more.

Hybrid Event

Sep 13 - 16, 2021: European Identity and Cloud Conference 2021

The European Identity & Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to offer you a safe and hygienic event experience – on-site, virtual, and hybrid.

Blog

IAM Projects Stalling – Too Tools-Centric

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Webcast

IAM Projects Stalling – Too Tools-centric

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Press Release

KuppingerCole Cancels EIC 2020 Due to Ongoing Coronavirus Pandemic

Wiesbaden, April 7, 2020 – KuppingerCole Analysts AG officially cancels EIC 2020 due to the ongoing coronavirus pandemic. "Although we couldn’t wait to host you, the safety and health of our speakers, partners, participants, and team is too precious to risk," say Board Member Joerg Resch. "We take the guidance of our public health authorities – global and local – to heart, and have made our decision based on their recommendations."

Advisory Note

Advisory Note: Emerging Technologies Fostering Digital Business Innovation: Utilities & Energy - 80265

The energy and utilities sector will need to adapt to new industry trends of digitalization, decentralization, and the advent of a new type of consumer: the prosumer. Smart grids are a more efficient offering for energy management, and new business models beyond the prosumer will require the partnership of different actors in the industry. Emerging technologies like artificial intelligence (AI), blockchain, and IoT have can contribute to achieving these goals, but they are most impactful as supportive technologies that enable a deeper company transformation.

Blog

PEPP-PT: Bridging the Gap Between COVID-19 Pandemic Control and Privacy by Design

The use of modern information technology, in particular mobile data, is seen as a central measure in containing the current pandemic. However, the Corona App, which is used in South Korea to track the chains of infection, uses a variety of data (GPS, surveillance cameras, credit card data) to track the movements of potentially infected people, and does so in complete disregard of the privacy of those affected. Access to personal mobility data, combined with information on actual infections and diseases, holds the promise of providing better insight into the pathways of infection and the...

Blog

KuppingerCole Analyst Chat: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Webcast

KuppingerCole Analyst Chat: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Blog

Cybersecurity Awareness Training: Die wichtigsten Punkte in fünf Minuten

Martin Kuppinger spricht über die wichtigsten Aspekte von Cybersecurity, die man als Nutzer beachten sollte.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Control Access - 80372

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the third in the series introducing the Information Protection Life Cycle and Framework.

Executive View

Executive View: Vectra Cognito - 80230

Vectra Cognito is a Network Detection and Response (NDR) platform supported by threat research and Artificial Intelligence (AI) in the form machine learning (ML) and Deep Learning for analyzing enterprise network traffic on premise and in the cloud to detect and respond to malicious activity by adversaries, with threat investigation and threat hunting capability.

Executive View

Executive View: R&S®Trusted Gate von Rohde & Schwarz Cybersecurity - 80400de

Transparente, datenzentrische Sicherheit in nicht vertrauenswürdigen Infrastrukturen. Zuverlässige Kontrolle und Überwachung von sensiblen Informationen, die in öffentlichen Clouds und Kollaborationswerkzeugen (z.B. Microsoft Office 365, SharePoint, Teams) gespeichert sind. Virtualisierung, Verschlüsselung und Aufteilung von Daten, um eine sichere und bequeme Zusammenarbeit für Multi-Cloud-, firmeninterne und hybride Speicherumgebungen und echte Datensouveränität zu ermöglichen. 

Webcast

Cybersecurity Awareness Training: Die wichtigsten Punkte in fünf Minuten

Martin Kuppinger spricht über die wichtigsten Aspekte von Cybersecurity, die man als Nutzer beachten sollte.

Blog

IAM Projects Stalling – Too Big to Win

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Blog

Working Securely at Home During the Pandemic

As more people are working from home than ever before, there is an increasing demand for communication services. But security needs to be a key consideration as businesses adapt to a new way of working, as my colleagues John Tolbert, Matthias Reinwarth, and Alexei Balaganski have pointed out in their recommendations on responding to the Covid19 pandemic. The move to cloud is obvious For many organizations, meeting the challenges presented by the pandemic means making a quick move to the cloud, but as Matthias points out, this must be managed properly with security in mind. AWS, which...

Webcast

IAM Projects Stalling – Too Big to Win

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Blog

KuppingerCole Analyst Chat: How to Protect Data in a Hostile World

Matthias Reinwarth and John Tolbert are talking about the challenges of data protection in modern times.

Webcast

KuppingerCole Analyst Chat: How to Protect Data in a Hostile World

In the first official episode of the KuppingerCole Analyst Chat podcast, Matthias Reinwarth and John Tolbert are talking about the challenges of data protection in modern times.

Blog

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT-Teams in der Krise in jedem Fall vermeiden sollten.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Acquire and Assess - 80371

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the second in the series introducing the Information Protection Life Cycle and Framework.

Webcast

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT in jedem Fall in der Corona-Krise vermeiden sollte.

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

Today, Lead Analyst John Tolbert gives his five work from home cybersecurity recommendations for enterprises.

Webcast

Data Sovereignty in Public Clouds

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Webcast

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

John Tolbert is talking about the current situation with regards the pandemic crisis and the cybersecurity-related things to consider for enterprises.

Blog

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht in seinem Video über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.

Executive View

Executive View: IRM-Prot-On - 71313

Sharing enterprise information is both a security risk and a necessity of the modern enterprise. IRM-Prot-On of Groupo CMC is a strong provider of enterprise information protection services. The solution enables document and file protection, permissions management, and information classification.

Executive View

Executive View: Micro Focus Access Manager - 80311

The Micro Focus Access Manager counts amongst the established and mature solutions for Web Access Management and Identity Federation. Micro Focus is continuously improving the product, leveraging new technology and remaining responsive to client requirements for an agile and comprehensive solution to their access control requirements. Micro Focus Access Manager is a solution well-suited for supporting web services authentication requirements, federated authentication environments, and agile deployment scenarios.

Executive View

Executive View: R&S®Trusted Gate by Rohde & Schwarz Cybersecurity - 80400

Transparent, data-centric security for untrusted infrastructures. Reliable control and monitoring of sensitive information stored in public clouds and collaboration tools (e.g. Microsoft Office 365, SharePoint, Teams). Virtualization, encryption and fragmentation of data enabling secure and convenient collaboration for multi cloud, on-premises and hybrid storage environments and true data sovereignty.

Executive View

Executive View: CyberArk Privilege Cloud - 80122

Privileged Access Management (PAM) has evolved into a set of technologies that addresses some of the most urgent areas of cybersecurity today against a backdrop of digital transformation and industrial change. CyberArk Privilege Cloud is an as-a-service solution designed to protect and control privileged access across on-premises, cloud and hybrid infrastructures. It is part of a suite of solutions and technologies from one of the leaders in PAM.

Blog

Ransomware During the Pandemic Crisis

It is really astonishing how quickly the word “pandemic” has evolved from a subject of obscure computer games to the center of everyone’s daily conversations… However, when discussing the latest news about the coronavirus outbreak, one should not forget another pandemic that’s been causing massive damages to businesses, governments, and individuals around the world for several years already. Since its initial emergence in Eastern Europe about a decade ago, it has quickly evolved into one of the largest global cyberthreats, crippling hospitals and entire...

Webcast

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.

 

Blog

KuppingerCole Analyst Chat - Our New Regular Podcast

Today we're officially launching KuppingerCole Analyst Chat - our new soon-to-be-regular audio podcast. In the pilot episode Martin Kuppinger and I are discussing Identity & Access Management challenges so many are facing now while having to work from home. At the moment, you can subscribe to our podcast on Spotify or watch new episodes on our YouTube channel. Other platforms will follow soon. Stay tuned for more regular content from KuppingerCole analyst team!

Virtual Event

May 12, 2020: Identity Fabrics & the Future of Identity Management

With this Virtual Event, KuppingerCole will help you in defining a step-by-step approach to migrate from your legacy IAM to a future-proof Identity Fabric.

Webinar

Apr 29, 2020: Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their entire application ecosystem.

Webinar

Jul 09, 2020: Working From Home Is Not Secure Without an Effective IAM

The past few months have not only been disruptive to business models, but also to the way many people work. Working from Home (WfH) is the new normal for many of us, but it comes with many challenges, for workers, for their managers, for the IT teams. One of the biggest challenges is finding the right balance between enabling WfH and security.

Webcast

Identity & Access Management Challenges - Work From Home Edition

Welcome to the pilot issue of the KuppingerCole Analyst Chat - our soon-to-be-regular podcast. Stay tuned for more episodes!

Leadership Brief

Leadership Brief: Typical Risks and Pitfalls for IGA Projects - 72580

As the number and types of digital identities proliferate in the digital era and the number of data protection regulations around the world continues to grow, the need for an effective Identity Governance & Administration (IGA) capability has never been greater. This leadership brief outlines common risks and pitfalls of enterprise IGA projects and how they can be avoided.

Whitepaper

Whitepaper: AI, Machine learning and Privileged Access Management - 80120

Choosing a PAM solution has become a complex, and potentially time consuming, decision for modern organizations but one they must get right. If trends such as customer identities or privileged accounts used by DevOps are to be managed securely, then the final purchasing decision rests on carefully selecting solutions with the right feature sets. New technologies such as machine learning and AI are now being added to PAM solutions.

Executive View

Executive View: iWelcome IDaaS and CIAM - 80328

iWelcome provides a mature Identity-as-a-Service platform with extensive support for B2C (Customer Identity & Access Management – CIAM) and B2B use cases with interfaces for end-users as well as app developers. As an EU-based company, iWelcome strives to fulfill regional requirements such as interoperability with various national IDs and GDPR compliance, and as such provides unparalleled consent management features. Although iWelcome provides a horizontal solution, it has a strong customer base in regulated industries.

Leadership Brief

Leadership Brief: Introduction to the Information Protection Life Cycle and Framework - 80370

Leadership Compass

Leadership Compass: Fraud Reduction Intelligence Platforms - 80127

This report provides an overview of the market for Fraud Reduction Intelligence Platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing Fraud Reduction Intelligence Platform solutions.

Blog

AI and Healthcare

AI's role in reducing the impact of future pandemics As the coronavirus spreads fear and panic across the world, it’s perhaps timely to take a step back and consider the future of healthcare and how AI will help. But first let’s consider that the coverage and spread of the virus shows us precisely just why reliable data is needed to help us cope with new diseases. At time of writing, most official advice on coronavirus is not based on hard data led evidence on how the virus spreads, the best way to contain it, who is most vulnerable, what is the incubation period and so on....

Webinar

Apr 21, 2020: AI Governance From a Practical Perspective

How can you ensure that your Artificial Intelligence project does not become a liability? An improper implementation, a socially insensitive data label, or negligent data management can easily lead to an auditing nightmare. What are the best practices to safely utilize and govern AI?

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

As the business world moves to rapidly enable work-from-home (WFH), enterprise IT teams need to shift resources and priorities to ensure that remote workers are protected. Already we see malicious actors adapting and targeting remote workers more. My colleague Alexei Balaganski published a list of recommendations for small businesses. The Situation CheckPoint reports 4,000 domains related to coronavirus have been registered since January 2020, of which 3% are malicious and 5% are suspicious. Phishing attacks are increasing, which aim to capture remote workers credentials. VPNs are...

Leadership Brief

Leadership Brief: Beyond Marketing: The Future of Customer Interaction - 80292

Customer interaction is much more than marketing—it comprises all touchpoints during the customer journey. And the borders are becoming more and more blurry as many areas, such as marketing, sales, service, support, and consultancy are part of customer experience (CX). Furthermore, technological aspects shape the future of customer interaction: artificial intelligence and the Internet of Things (IoT) are among the most important technological trends in the changing field of customer interaction.

Webinar

Apr 16, 2020: A Compass for Choosing the Right Fraud Reduction Intelligence Platform

Companies are turning to Fraud Reduction Intelligence Platforms to reduce account takeover (ATO), synthetic fraud, bots, and other forms of fraud, which continue to be a pervasive and revenue-draining problem across many industries.

Blog

5G and Identity

5G Identity and Authentication 5G is the next generation of cellular mobile communications intended to support the massive increase in capacity and connectivity that will be required for the future cloud of things and to provide the enhanced bandwidth needed for new mobile data services.  The security of both depend upon being to identify not only the people but also the things that are using the network services.  Organizations need to act now to take account of how 5G will impact on their identity and access management governance and processes. 5G identifiers First it is...

Buyer's Compass

Buyer's Compass: API Management and Security - 80215

The complexity and breadth of the challenges to discover, monitor and secure all APIs within your enterprise can be daunting. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for implementing consistent governance and security along the whole API lifecycle.

Blog

The DON’Ts of IT in the Times of Crisis

Truly we are living in interesting times (incidentally, this expression, commonly known as “the Chinese curse”, has nothing to do with China). Just a couple of weeks ago the world was watching China fighting the coronavirus outbreak as something that surely can never happen in other countries. Today Europe and the United States are facing the same crisis and we’re quickly coming to the realization that neither memes nor thoughts and prayers are going to help: many countries have already introduced substantial quarantine measures to limit social interactions and...

Blog

Home Office in the Times of Pandemic – a Blessing or a Curse?

One of the most interesting office work developments of the last 20-30 years, the home office has radically gained new relevance amid the developing coronavirus pandemic. With the goal of limiting the spread of the virus, many companies and employees must suddenly resort to the option of working entirely from home. This is not only self-evident but also urgently necessary and will support many companies in their continued existence at the same time. Home office as an immediate pandemic quarantine measure The advantages are clear: social contacts in real life will be reduced to a...

Blog

Malicious Actors Exploiting Coronavirus Fears

Security researchers are discovering a number of malicious attacks designed to exploit public fears around COVID-19, more commonly just called coronavirus. The attacks to date take two major forms: a map which looks legitimate but downloads #malware, and various document attachments that purport to provide health and safety information related to COVID-19. The coronavirus heat map may look legitimate, in that it takes information from Johns Hopkins University’s page, which is itself clean. However, nefarious actors have created a package for sale on the dark web called...

Virtual Academy KC Master Class

Apr 07, 2020: Business Resilience Management in a Pandemic Crisis 

Attend this KC Master Class to learn what actions you can take immediately to handle the current pandemic crisis. In a second stage, an in-depth course will help you bolster your business resilience in the future. In order to react to the current pandemic developments, this KC Master Class is conceptualized particularly flexible to fit your needs and time constraints.

Blog

Modernizing IAM Solutions Leveraging New Operating Models With the KuppingerCole Identity Fabric

Executive View

Executive View: Exabeam Security Management Platform - 80001

Exabeam is a highly modular platform for collecting, storing, managing and correlating security events across multiple IT systems, both on-premises and in the cloud, with integrated orchestration and automation capabilities to improve analysts’ productivity. It can augment an existing SIEM or completely replace it.

Webcast

Modernizing IAM solutions leveraging new operating models with the KuppingerCole Identity Fabric

Learn more about Legacy IAM and how to modernize IAM solutions leveraging new operating models with the KuppingerCole Identity Fabric.

Webcast

The Perils of Today’s Approach on Access Governance: Start Protecting Data at Source

Protecting sensitive, valuable data is a must for every organization. Ever-increasing cyber-attacks and ever-tightening regulations mandate businesses to take action. Unfortunately, the common approaches of IGA (Identity Governance and Administration) that focus on managing static entitlements for systems and applications fall short in really securing the data at risk. They fail in managing data in motion. They are static. They don’t manage the usage of data well. Not to speak of all the challenges in role management projects and around regular access reviews.

Executive View

Executive View: Atos DirX Identity - 80166

Atos DirX Identity is a mature offering for IGA (Identity Governance and Administration), delivering both leading-edge Identity Provisioning capabilities and a strong risk-based Access Governance feature set. Atos has made significant improvements when it comes to the ease and flexibility of customization and added a modern, responsive user interface together with RESTful interfaces.

Webinar

May 26, 2020: Protect, Detect, Respond, Mitigate: A Modern Security Paradigm for Modern Enterprises

The Antivirus has been proclaimed dead years ago – you’ve probably heard those stories many times. But did you realize that the EDR (Endpoint Detection and Response), which was once supposed to address all its shortcomings, isn’t doing well either? After all, with the sheer number and complexity of modern cyber threats, what’s the point of detecting each one if you have neither time nor qualified manpower to analyze and mitigate them before they turn into major disruptions?

Blog

High Assurance MFA Options for Mobile Devices

In recent years much of the focus in the authentication space has been on MFA, mobile devices, and biometrics. Many technical advances have been made which also serve to increase usability and improve consumer experiences. There are a few reasons for this. MFA Multi-factor authentication is the number 1 method to reduce ATO (account takeover) fraud and prevent data breaches. We all know password authentication is weak and the easiest way in for malicious actors. MFA has been mandated by security policy in many organizations and government agencies for years. MFA is now also required in...

Webcast

What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the same kind of flexibility and ease-of-use from the authentication systems at work that they use at home; often, this means using mobile devices.

Leadership Brief

Leadership Brief: What to Consider When Evaluating Decentralized Identity? - 80451

Decentralized identity solutions that meet a range of enterprise use cases are on the market. Being a discerning consumer means knowing the right questions to ask. This Leadership Brief guides you through the critical aspects of decentralized identity solutions that are relevant to enterprise adoption.

Executive View

Executive View: Informatica CLAIRE Engine - 80391

Intelligent data management allows enterprises to identify, understand, and act upon trends in enterprise data and metadata, and is an essential addition to the digitized organization’s toolkit. Informatica’s CLAIRE is a AI and machine learning engine which powers its intelligent data platform that is built into Informatica’s data management products, and is a strong choice to address the data management needs of today.

Leadership Brief

Leadership Brief: Find Your Route from SIEM to SIP and SOAR - 80008

Security Information and Event Management (SIEM) platforms have been a key part of many enterprises’ cybersecurity infrastructures for over a decade. However, facing the growing number and sophistication of cyber threats, even the largest security operations centers built around them fail to respond to attacks in time. Are SIEMs a thing of the past already? This Leadership Brief provides some insights and recommendations.

Blog

Preparation Is Key: Where Prevention Ends, and Business Continuity and Incident Response Management Begins

Ensuring the availability of processes and services in the event of an incident or a cyber attack is a fundamental part of a company’s cybersecurity approach. Commonly used phrases when it comes to such cybersecurity strategies, are Incident Response Management (IRM) and Business Continuity Management (BCM). Both should be part of a company's cybersecurity strategy, but what is the difference, how are they connected, and at what point in time do they start? Identification and prevention are fundamental Every organization is under attack, and there is the risk of being hit by a major...

Advisory Note

Advisory Note: Business Continuity in the age of Cyber Attacks - 70361

Business continuity and cyber security remain largely in separate siloes. But changes in the IT and cyber threat landscapes mean there is an urgent need for organizations to alter their approach. This leadership brief identifies why there needs to be closer alignment and integration between business continuity and cyber security teams, and provides recommendations on how to achieve this to reduce the business impact of cyber attacks and ensure none is a business killer.

Webcast

Solving Problems in Privileged Access Management with Automation

While businesses race ahead with digital transformation, security and identity management are often being left behind. The complexity of modern organizations of all sizes has undermined the traditional concepts of privileged access management (PAM) and privileged account usage. Help desks and IT security teams are often too busy and understaffed to be able to give PAM the attention it deserves.

Leadership Brief

Leadership Brief: 10 Top Trends in IAM - 80335

Digital identities are at the core of Digital Transformation, Information Security and Privacy. It has never been more important for enterprises to ensure they have the capability to manage identities effectively in a rapidly changing business, regulatory and IT environment. This Leadership Brief looks at the main trends to help businesses evolve their Identity and Access Management (IAM) strategies to meet new, emerging and future requirements.

Blog

Compromise of IOTA

Turning a blind eye to security in favor of optimism If you have any take-away from reading KuppingerCole research, hopefully it is that APIs are a critical element to protect. This is true regardless of the industry. Even cryptocurrencies. IOTA, the blockchain-like cryptocurrency and transaction network was compromised in mid-February. The API access to the IOTA crypto wallet via a payment service was targeted and exploited for potentially two to three weeks. Approximately 50 accounts were compromised, leading to the eventual theft of around 2 million Euros. There is a risk in trusting...

Market Compass

Market Compass: Decentralized Identity: Blockchain ID & Self-Sovereign Identity Solutions - 80064

The KuppingerCole Market Compass provides an overview of product or service offerings in a certain market segment.  This Market Compass covers decentralized identity, specifically Blockchain Identity and Self-Sovereign Identity (SSI) solutions. This is a very dynamic space filled with visionary and innovative vendors that are applying decentralized identity to real enterprise use cases. Their development marks the entrance of blockchain technology into mainstream enterprise Identity and Access Management (IAM), and their progress will indicate the future evolution of digital identity.

Blog

5G - How Will This Affect Your Organization?

What is it that connects Covent Garden in London, The Roman Baths in Bath and Los Angeles? The answer is 5G mobile communications used by media organizations. On January 29th I attended the 5G Unleashed event at the IET in London. (The IET is the body that provides professional accreditation for Engineers in the UK). At this event there were several presentations describing real world use cases of 5G as well as deep dives into the supporting infrastructure. While 5G is being sold to consumers as superfast mobile broadband there is a lot more to it than that. It has the potential to impact...

Virtual Academy KC Master Class

Mar 18, 2020: Identity & Access Management (IAM) Essentials

In this KC Master Class you will get a deep understanding of the terms and concepts of Identity and Access Management (IAM). Our analysts will teach common use cases, the various types of technologies that are part of IAM, the interplay of IAM and other areas such as cybersecurity, IT Service Management, but also architecture and the organizational aspects such as policies, processes, and organization.

Leadership Brief

Leadership Brief: Explainable AI - 80362

One of the largest barriers to widespread machine learning (ML) adoption is its lack of explainability. Most ML models are not inherently explainable on a local level, meaning that the model cannot provide any reasoning to support individual decisions. The academic and private sectors are very active in developing solutions to the explainability issue, and this Leadership Brief introduces the main methods that make AI explainable.

Advisory Note

Advisory Note: Trends in Privileged Access Management for the Digital Enterprise - 71273

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, agile software development and digital transformation has meant that privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, an adequate PAM solution is essential.

Executive View

Executive View: Google's Cloud Identity - 80326

Identity as a Service (IDaaS) is fast becoming the new face of Identity and Access Management (IAM) with several vendors now delivering cloud based IAM services to support the growth in cloud-based applications in the enterprise. Google’s Cloud Identity provides access to many popular cloud applications and offers some endpoint management features.

Leadership Brief

Leadership Brief: Cybersecurity Trends & Challenges 2020 - 80502

2019 already has been a challenging year in cybersecurity. There have (again) been many severe cyberattacks and breaches, and there is no hope that this might change in 2020. Cyberattacks will continue to increase in frequency and perhaps severity, and the cyber risks to hyperconnected businesses will continue to grow. With everything and everyone being connected, the attack surface is expanding. This Leadership Brief will discuss the top 5 challenges and the top 5 trends that KuppingerCole sees for 2020, followed by recommendations to deal with those challenges.

Webinar

May 07, 2020: Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy