News Archive

Blog

The Battle of PAM Clients: 5 Benefits of Thin Clients

Privileged Access Management (PAM) software comes in many forms. Some are heavy with software components (the thick client model) while others are leaner (the thin client model). Since we at SSH.COM are firm believers in the thin client model, I wanted to present five solid reasons why this is the case. 1. No constant cycle of installing, patching and configuring agents Thick clients require that you have to install agents on the client - and usually on the server as well. Moreover, you need to ensure that those agents are always up-to-date, patched and compatible with the operating...

Webcast

KuppingerCole Analyst Chat: The Pros and Cons of Agentless Security

John Tolbert and Matthias Reinwarth discuss benefits and limitations of agentless security solutions.

Buyer's Compass

Buyer’s Compass: Core Features of Privacy and Consent Management Solutions

Building a trust-filled and transparent relationship with end-users depends now more than ever on Privacy and Consent Management solutions. These services accomplish many tasks such as helping organizations collect and manage consent signals provided by end-users, managing cookies and trackers, and providing measurement of an organization’s journey towards privacy compliance. To ensure that the privacy policies and consent choices of your end-users are enforced across the digital advertising ecosystem, a strong Privacy and Consent Management solution is essential.

Executive View

SailPoint Predictive Identity

SailPoint Predictive Identity est une plate-forme SaaS qui ajoute à l’IGA des capacités reposant sur l'IA . Cela concerne notamment l'analyse des risques d'accès, l'examen des droits d'accès avec des recommandations de validation ou de révocation et l'optimisation automatisée des modèles d'accès. Cette solution améliore de manière significative l'expérience utilisateur de l'IGA par rapport aux approches traditionnelles, tout en fournissant également une « IA explicable », qui indique...

Executive View

SailPoint Predictive Identity

SailPoint Predictive Identity ist eine SaaS-Plattform, die IGA um KI-basierte Funktionen erweitert. Dazu gehören unter anderem die Analyse von Zugriffsrisiken, Empfehlungen für die Genehmigung oder den Widerruf von Berechtigungen während der Berechtigungsprüfung und die automatische Optimierung von Zugriffsberechtigungsmodellen. Die Lösung bietet im Vergleich zu traditionellen IGA-Ansätzen erhebliche Verbesserungen der Benutzererfahrung mit IGA und liefert gleichzeitig eine „erklärbare KI“, die darüber informiert, warum bestimmte...

Webinar

Oct 07, 2020: Techniques for Securing Transactions With Identity Verification and Verifiable Claims

Consumer and Workforce identities are under assault. Cybercrime and fraud are pervasive problems that have only escalated during the pandemic. Even as the number of online and mobile transactions increases, businesses, government agencies, and other organizations are actively searching for solutions to help them minimize fraud and other kinds of cybercrime.

Webcast

IAM Essentials: What are Directory Services?

Blog

GCP Trust, Security and Compliance

In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. They allow new applications to be rapidly developed, existing applications to be modernized and deployed without additional capital spend. This provides important business benefits but also increases the challenges for the cloud customer to ensure cyber-security and regulatory compliance. It is in this light that the recent announcements from GCP (Google Cloud Platform) need to be understood. Trust but Verify Initially, cloud service...

Virtual Event

Oct 01, 2020: IGA Solutions for ServiceNow Infrastructures

Executive View

Cygna Auditor Platform

The Cygna Auditor Platform is a unified environment for collecting events from Active Directory, Azure AD, Windows Servers, Microsoft 365, and some other platforms, and providing analytics and alerting on these events. It incorporates the former BeyondTrust Auditor Suite. The Cygna Auditor Platform is a solution targeted on administrators of Microsoft Windows-centric environments, but also supports management of hybrid infrastructures.

Webcast

KuppingerCole Analyst Chat: An Enterprise Risk Management Primer

Christopher Schütze and Matthias Reinwarth discuss Enterprise Risk Management. What is it all about? What large and small companies should be focusing on? What role do IT and cybersecurity play here?

Webinar

Sep 23, 2020: Seamless Connectivity: Why You Need It and How to Get It Right

Businesses are increasingly embracing new technologies to enhance existing processes and enable new business models and revenue streams through Digital Transformation. Service-based business IT, however, is not without challenges, particularly around access governance and control. Digital Transformation is all about enabling everyone and everything to connect seamlessly to new digital services, to facilitate value exchange while still ensuring regulatory compliance, faster product innovation, secure remote working capabilities, and multi-channel consumer access despite ever-tightening budgets.

Webcast

Prof. Dr. David Chadwick: COVID-19 Certificates for Everyone

Working with the NHS, we are connecting our verifiable credentials infrastructure to its COVID-19 tests database so that we will be able to issue COVID-19 verifiable credentials to people in real time. Our unique design provides selective disclosure and conformance to GDPR for both the issuer (the NHS) and the verifier (e.g. a restaurant or a care home), without the need for a blockchain, revocation infrastructure or zero knowledge proofs. We will describe the architecture of our system, provide screen shots of the mobile phone interfaces, and describe the user trials we are shortly to...

Webcast

Interview with Dr. Andre Kudra

Webcast

Markus Sabadello: U.S. Permanent Resident Cards with SSI

The U.S. Department of Homeland Security (DHS) has supported Self-Sovereign Identity technologies such as Decentralized Identifiers (DIDs) and Verifiable Credentials for several years. Now, a number of companies have been selected to work with DHS on implementing digital versions of identity documents such as the Permanent Resident Card (Green Card). In this use case, the issuer of Verifiable Credentials is USCIS (United States Citizenship and Immigration Services), and the verifier is TSA (Transportation Security Administration). The overall objective is to make use of SSI...

Webcast

Will Abramson: Solving Problems with SSI

An overview of a number of problem-driven use cases for SSI technology, focusing on a number of different domains; healthcare, distributed machine learning and education. A recap of research undertaken at the Blockpass Identity Lab over the last year.

Webcast

Adrian Doerk: Bringing Self-Sovereign Identity Into Practice: Lessons Learned from Lissi and the SSI for Germany Consortia

In the future, you will not only decide where your data is stored, but also with whom you want to share your data. If you share data, everything will be logged for you and you will always have an overview of who has received data from you. This is what transparency looks like and this is what SSI promises you. But, what are the challenges when trying to implement SSI paradigms in the real world, and where do we may have to change the overall reception on digital identities? Get first-hand insights from our experience on a project to initiate...

Webcast

Marco Cuomo, Daniel Fritz: Blockchain-anchored Identities and Credentials Enabling Digital Transformation in the Pharma

With a SSI guarantee of privacy, patients will soon leverage a multitude of healthcare services that build on Decentralized Identity and Verifiable Credentials.  Marco and Dan are leading the “PharmaLedger” consortium in the evaluation and prioritization of these use cases and can provide insights into the thinking and possibilities that the future holds.

Webcast

Dr. Manreet Nijjar: A Digital Staff Passport for Doctors

In this talk, you will learn how a doctor’s digital passport can improve patient safety, reduce the burden on clinical staff & lower operational inefficiencies and risks in the NHS.

Webcast

TJ Behe: Beyond Blockchain: Creating Value from Compliant Self-Sovereign Identity

Enterprise wants to focus on the value identity can bring beyond verified access. Whilst reducing identity management compliance risk and storage costs, more organizations are giving customers their identity ownership back. They are using intelligent agents, real-time data updates and new conferred trust verification methods to leverage (consented-for) identity data insights for cross-sell and up-sell - and to better service customers, employees and partners. Distributed graph technology is enabling this. It guarantees privacy, anonymity and security – ensuring no...

Webcast

Peter Busch: Digital Trust and Digital Sovereignty in Mobility

Based on the foundational works for Distributed Ledger Technologies and strategies to use them for specific concrete mobility use cases, the next level of approaching the digital identity and security challenge of the Internet of Things will be shown in actual projects together with partners from the industry.

Webcast

Anne Bailey: Reimagining Identity: a Buyer’s Guide to Decentralized Identity

Blockchain is a reaction to real security and privacy concerns.  Whether or not you choose to adopt any blockchain solution, these concerns do exist and should be addressed in the way you manage enterprise Identity and Access Management. This session is for those who want to know what components to consider when implementing a blockchain ID system, and for those who wouldn’t touch blockchain with a 10-foot stick but still value the insights that come from a different identity paradigm. Modeled from KuppingerCole’s Blockchain ID Buyer’s Compass, this...

Webcast

Joy Chik: Making Digital Privacy Real

Digital privacy is a central concern for pretty much everyone. But what does ‘privacy’ really mean? How do you get it and what does it cost you? The identity community has been hard at work on a new identity model that gives people a path to take control of their online identities and personal information, making privacy convenient for individuals and practical for the organizations they interact with. In this keynote, Joy Chik will share why this identity model is necessary, how it’s becoming real, and what steps will catalyze adoption.

Webcast

KuppingerCole Analyst Chat: COVID Response and Decentralized Identity Solutions/Verifiable Credentials

Anne Bailey and Matthias Reinwarth discuss how decentralized identities and verifiable credentials help respond to the pandemic by powering contact tracing applications, immunity passports and other important use cases.

Webcast

Panel - The Challenges Of Deploying SSI at Scale

In this panel we will discuss the challenges of deploying Self-Sovereign Identity at scale, both technical and regulatory.

Webcast

Panel - Where Do We Stand on Self-Sovereign Identity? Business Value and Opportunities Under SSI Framework

Executive View

BioCatch

BioCatch is an innovative Fraud Reduction Intelligence Platform (FRIP). Their three-part solution in this space consists of Policy Manager, Case Manager, and Analyst Station, which are used by fraud analysts and operations teams to determine appropriate actions in response to indicators. BioCatch utilizes industry-leading passive biometrics for not only user behavioral analysis but also cognitive analysis to help their customers make better and more informed risk decisions by looking for signs of criminal activity in online sessions. With deep expertise in the financial industry, BioCatch...

Webcast

Four Key Components Critical to the Future of Privileged Access Management

Privileged Access Management (PAM) has assumed a critical role in protecting the most valuable data and services within organizations from theft, loss, and unauthorized access. But as companies and other organizations have become more complex and embrace digital transformation, PAM is also taking on a core operational function to achieve better insight into data usage and contribute to agile working processes.

Webinar

Sep 28, 2020: The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Blog

What Some Vendors Missed in MITRE ATT&CK Round Two and How to Fix the Gaps

MITRE recently published the detailed results of their second round of tests. This test pitted APT29 malware and methods against 21 cybersecurity vendors. The MITRE testing is an excellent benchmark for comprehensively exercising Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) tools in real-world scenarios where organizations find themselves under attack by Advanced Persistent Threats (APTs). MITRE describes the environments, methodology, and operation flow of their testing regime in great detail here. The raw results are available for review, and they have created a...

Leadership Brief

Incident Response Management

The probability of becoming a victim of a data breach is now higher than ever. The hyperconnected world and the ever-increasing complexity of modern IT systems and processes pose new challenges for IT staff.  All organizations must invest in an Incident Response Management plan. Preparation is essential and ensuring that everyone knows what to do can significantly reduce the impact of a cybersecurity incident.

Executive View

Adobe: Experience Cloud

When optimizing customer centricity and customer journeys across all touchpoints, automation is key. Various aspects have to be considered in order to create an individual and fit-for-purpose customer experience. Adobe’s Experience Cloud consists of various applications and services that cover many marketing-related areas, such as advertising, touchpoint management, personalization, data management, and analytics.

Webcast

KuppingerCole Analyst Chat: Questions to Ask Your Cloud Provider About Security

Alexei Balaganski and Matthias Reinwarth discuss the security challenges for enterprises moving to the cloud and explain why security in the cloud is still your responsibility.

Webinar

Sep 24, 2020: Application Access Governance for SAP Environments and Beyond

For many enterprises, SAP systems are an essential part of their corporate IT infrastructure, storing critical business information and employee data. SAP systems have traditionally been a major focus area for auditors. It is therefore essential that all existing SAP systems are covered by an effective solution for managing risks, including managing access controls and SoD controls, and implementing adequate Access Governance.

Webcast

KuppingerCole Analyst Chat: An Overview of Enterprise Information Protection

Anne Bailey and Matthias Reinwarth talk about the technologies that enable employees working remotely or from home access sensible corporate information from personal devices without compromises between productivity and security.

Leadership Brief

The Information Protection Life Cycle and Framework: Dispose

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the final in the series introducing the Information Protection Life Cycle and Framework.

Market Compass

Endpoint Protection, Detection, and Response

The KuppingerCole Market Compass provides an overview of the products offerings in Endpoint Protection, Detection and Response.  The Endpoint Security space continues to see much innovation and some consolidation. The formerly separate products Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) are increasingly coming together in the marketplace.

Webinar

Sep 08, 2020: Identity for All – Not for the Few

While digitalization is a major challenge for all kinds of enterprises, it is particularly hard for medium sized enterprises. For many years, medium sized enterprises have struggled to deploy Identity Management as well as Identity Governance (IGA) solutions and show true business value and a return on investment. This is largely due to the complexity of implementation and the level of configuration and customization to fulfill the requirements. As a result, many companies have deployed Access Management solutions like single sign-on only to find that while great for user convenience, they...

Webcast

We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by hackers. Many organizations would love to lessen reliance on passwords but many passwordless solutions only provide a partial solution and do not solve the inherent weakness of passwords. Modern enterprises cannot cover the myriad of access use cases today with a passwordless solution alone.

Press Release

KuppingerCole Unveils Security Fabric Concept for Modernizing Cybersecurity Architecture

KuppingerCole has developed a paradigm for defining the building blocks of a comprehensive and future-proof cybersecurity architecture based on the concept of a “Security Fabric” to help firms modernize their approach to security and reduce the complexity of their security tools portfolio.

Webcast

KuppingerCole Analyst Chat: ITSM and IGA - How to Integrate Two Key Infrastructures Right

Matthias Reinwarth and Martin Kuppinger discuss the challenges of integrating IT service management with identity governance within an enterprise.

Webcast

Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional employee IAM. Digital business requires advanced identity services, well beyond the human identities. The segregation between various dimensions of IAM is blurring. IAM today treads the line between providing security and acting as a business enabler. It has left behind the notion of being "just IT" and...

Webcast

KuppingerCole Analyst Chat: Vendor Consolidation in Cybersecurity

Matthias Reinwarth and Jonh Tolbert discuss the ongoing consolidation of the cybersecurity market and talk about its reasons and potential consequences.

Executive View

Clear Skye IGA: IGA on the ServiceNow NOW platform

Clear Skye IGA differs from common IGA implementations by running on the ServiceNow NOW platform and providing full integration into ServiceNow capabilities. It thus bridges the gap between ITSM and IGA allowing for fast and efficient implementation of IGA capabilities for organizations already using ServiceNow.

Blog

Decentralized Identity Could Become a Reality, but Blockchain May Not Be a Part of It

Decentralized Identity is a concept that may not be mainstream yet, but it is a term that embodies the sentiment that many individuals feel regarding the control they wish they had over their personal data. The public has become increasingly more vocal about the misuse of their data, and global regulation has responded to this outcry with the GDPR, CCPA, ePrivacy Directive, and more. While this grants some control over some aspects of user data, there is an assumption that underpins these privacy regulations: that personal data can be held and used by an entity other than the owner....

Webcast

Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Blog

IBM Cloud for Financial Services

On July 22nd, 2020 IBM announced their IBM Cloud for Financial Services – what is this, why have IBM taken this step, and what does this announcement mean? Financial Services Compliance Challenges One recurring challenge for all organizations is complying with the ever-increasing number of laws and regulations. When IT services are delivered on-premises organizations often believe that this ensures the oversight, control and visibility needed to ensure and prove compliance. This is not the case with cloud-delivered services where there is a shared responsibility model and less...

Webinar

Sep 01, 2020: Designing and Establishing a Mature PAM Ecosystem for Reducing Risk in Your Organisation

What makes a PAM strategy different from enterprise password management or Identity Access Management? What are the first actions you should take to protect your privileged accounts in the shortest amount of time? And, how has the definition of “PAM Basics” changed as the industry and cyber risks have evolved?

Webinar

Oct 15, 2020: Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy regulations. And organizations must find ways to effectively manage consumer requests, meticulously document processing activities and data transfers, and stay on top of a rapidly evolving regulatory landscape. Challenging, yes. But absolutely necessary.

Blog

Oracle Delivers on Earlier Cloud Promises

Back in February (oh, how time flies! Just to think that it was right before the beginning of the COVID-19 pandemic…) I wrote a blog post looking at Oracle’s ambitious plans for developing its cloud strategy and expanding its worldwide infrastructure footprint. The post was titled “Will 2020 Be the Year of Oracle Cloud?” and just five months later the company has already demonstrated that it does not just finally have a promising vision for Oracle Cloud, but also a strong commitment to...

Webinar

Sep 29, 2020: The Evolution of Encryption: Getting Ready for the Quantum Watershed

The relentless move towards the digital transformation seems unstoppable. Organizations must secure their trust and reputation in the face of increasing attacks, advances in technology, increased regulation and compliance, and the continued shift to the cloud and cloud services. Unfortunately, not a single week goes by without another large-scale data breach or leak reported by the media – it seems that a company of any size or industry can fall victim to insufficient or ineffective data protection controls.

Webcast

Dinçer Sidar: Unlocking the Potential of CX: IAM Practices for Corporate Clients

Banking products have become commodities; the only way to stand out from competition is to offer differentiating customer experience. Both retail and corporate clients expect personal, easy, and smart solutions from their banks. Identity & Access Management plays an essential role in this equation – offering high level of security without compromising on customer experience is the main challenge.

In this keynote session, Dinçer Sidar will talk about the changing customer expectations and deep dive into IAM practices and learnings for corporate banking clients.

Webcast

Dr. Torsten Lodderstedt: Identity Assurance with OpenID Connect

OpenID Connect has become a leading standard for providing relying parties with identity information. With a growing global adoption, OpenID Connect faces new use cases, like eGovernment, telecommunications, and health applications, where just providing identity information is not enough. Instead, the identity provider (IDP) needs to explicitly attest the verification status of the claims delivered. More precisely, it must distinguish verified from unverified claims and provide information about the verification itself: What data was verified? How was that checked and according to which...

Webcast

Katryna Dow: The Future Proof CIAM Bridge

Over the past few years, we have seen significant innovation in CIAM solutions, particularly when it comes to privacy and consent. In parallel, the distributed world of Self Sovereign Identity and Verified Credentials are gaining traction and adoption.

What if there was a way to have both? This session will focus on the work Meeco has been doing to bridge the existing world and the emerging world via OpenID Connect. It will include practical use cases that support multi-stakeholder eco-systems and enable customer experiences that build trust and manage compliance.

Webcast

Richard Meeus: Balancing Customer Experience and Security with CIAM

The pandemic has accelerated consumer adoption of digital channels, like online shopping, home delivery, and telehealth with  30% [of consumers planning] to shop more online in the future . As the world adjusts to a new normal, brands must create the high quality, scalable online experiences consumer demand. In this 20-minute keynote session, Akamai Senior Technology and Strategy Director Richard Meeus and Senior Director of Product Management Drew Ward will expand on consumer trends catalyzing digital transformation and dive into: Customer identity and access management...

Webcast

Interview: Implications of Recent Court Ruling on EU-US Data Protection Umbrella Agreement

Hours ago the EU Court ruled that the Privacy Shield called EU-US Data Protection Agreement is invalid, while it considers Standard Contractual Causes to be valid. Also, intersting in this context is the US Cloud Act. This may be of some impact to existing and future transcontinental relationships and the usage of US-based services within the EU. In this interview, Annie Bailey and Mike Small will discuss these new developments and implications.

Webcast

KC Virtual Awards

Webcast

KuppingerCole Analyst Chat: Data Management and Data Lineage - The Foundation for Big Data Governance and Security

Matthias Reinwarth and Martin Kuppinger talk about governance and security of data across a variety of sources and formats and the need for maintaining data lineage across its complete life cycle.

Webcast

George Fletcher: Vectors of Identity: A Model for Better User Experience

In many identity flows today, the user experience is the same regardless of the operation the user is trying to perform. This often means that from the user's perspective, they have a binary experience; either they are already logged and are NOT challenged, or they are not logged in and are challenged. The concepts of this talk go beyond "adaptive authentication" in that "authentication strength" is only one of the vectors being considered. This talk will define a set of identity "vectors" that can be used to provide better user experiences across the full life-cycle of user identity and...

Webcast

Panel: Customer Identities are Critical – How Can Businesses Build Trust and a Privacy-Centric CIAM Strategy?

Digital trust is what sets brands apart from their competitors. Taking and storing customer data is a duty of care, and brands cannot afford data breaches or compromises. To gain digital trust, leading brands need an airtight data protection strategy that gives customers control of their personal data without compromising user experiences. The strategies by which companies collect, store, use, and manage consumer profiles are under growing scrutiny from regulators, malicious actors, and the consumers themselves. Join this thought-provoking discussion about the value of customer identities...

Webcast

Panel: Addressing the Customers' „Pain Points“ - CIAM for Better Security and Compliance

In the digital-first environment, the threat of identity cybercrime is higher than ever. It is imperative for all the players to offer their customers frictionless, personalized and secure experience which can be quite challenging particularly when dealing with a large number of identities. Offering the more refined customer experience, understanding your customer without compromising security and compliance is not an easy feat. In this panel, our speakers will discuss the main critical points that need to be taking into account while enabling seamless customer identity...

Press Release

KuppingerCole Honors BMW’s IAM for Digital Transformation

KuppingerCole Analysts AG has named the Bavarian car manufacturer BMW as the winner in the category of IAM for Digital Transformation in its annual recognition of industry excellence in IAM and security projects.

Webcast

Martin Ingram: Customer IAM (CIAM) and Digital Transformation

  • How does Digital Transformation change how we deliver Customer IAM?
  • What have I learned as we have embraced Digital Transformation?
  • How can CIAM help deliver on the promise of Digital transformation?
  • How CIAM will become a business enabler in the future

Webcast

KuppingerCole Analyst Chat: A Cybersecurity Reference Architecture for Your Security Fabric

Christopher Schuetze and Matthias Reinwarth discuss a security architecture blueprint that implements the concept of Security Fabric.

Webcast

Matthias Reinwarth: Convergence - Integrating CIAM into Enterprise Architectures

Consumer Identity Management (CIAM) ensures privacy, consent management, security, personalization and user experience for external users, especially consumers and customers. Although the drawbacks of building yet another data silo are obvious, many organizations still view CIAM as an isolated system. But this ignores significant potential. Matthias Reinwarth talks about the range of opportunities that can be gained by converging CIAM into an overall IAM concept, but also by integrating CIAM into broader cybersecurity and marketing infrastructures.

Webcast

Yvo van Doorn: 3 Things You Need to Know About Your Customers’ Identities

Hear how a global retail giant, who’s online customers number in the hundreds of millions, has used Identity and Access Management to create a better, safer experience for their customers. Often seen as a checkbox item, at the end of the to-do list when it comes to developing, scaling and innovating applications and services, identity management and it’s often complex requirements impact a number of areas - from the overall software architecture, to data compliance, to the data you gather, and want to gather on your customers, to IT security and more. This presentation...

Blog

The Latest Twitter “Hack” Raises Inconvenient Questions

It looks like the whole world is currently talking (at least, tweeting) about the latest large-scale Twitter hack. High profile accounts of the likes of Barack Obama, Joe Biden, Bill Gates, and Jeff Bezos, as well as companies like Apple or Uber, were suddenly promoting a cryptocurrency scam. At first, they referred to a specific crypto-related website, but as it was quickly taken down, the hackers switched to spreading multiple Bitcoin addresses, asking people to send money to them to get a double amount of their investment back. Even though this type of scam is nothing new and should...

Virtual Event

Sep 15, 2020: Identity Governance & Administration and Next Generation Access

Digital transformation has made it possible for the Organisations to become more effective and more efficient in developing new products and the ways of working, at the same time Organizations now face many challenges to their digital security. The increased connectivity needed to support mobile employees, to integrate business partners into internal processes and to get closer to their customers has increased digital risks. Protecting the digital assets, the systems, and applications in this complex hybrid IT environment requires a well-thought-out understanding of risks and...

Executive View

Auth0 Platform

Auth0 provides a flexible platform that can be used for Consumer Identity and Access Management (CIAM), Business-to-Employee (B2E), and Business-to-Business (B2B) use cases. Auth0’s platform solutions are highly customizable to meet a variety of business requirements with a developer-centric focus.

Webcast

Endpoint Protection Made Easy With Privilege Management

Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to protect endpoints, they are by no means sufficient. Instead, Endpoint Privilege Management (EPM) solutions must be integrated to protect the systems from within.

Webinar

Sep 14, 2020: The Fast Track to Optimized Operations With IAM-as-a-Service

When IAM projects stall it is usually due to budget or timeline constraints as well as a lack of automation that can be leveraged by operations team to accelerate IAM processes and IAM modernization. Also, IAM operations and administration teams are often too busy with low-value tasks or lack the skills and expertise for rapid planning and implementation of IAM initiatives. In the long run, this puts overall digital initiatives of the company on hold. But the rapidly evolving digital landscape requires IAM teams to be productive and agile.

Leadership Brief

Wie wir Passwörter loswerden – Noch Heute

Die IT-Sicherheits-Community ist sich schon lange einig, dass Passwörter ein Problem sind, weil sie einfach zu entwenden und im Endeffekt anfällig für menschliche Fehler sind. Dieser Leadership Brief befasst sich damit, wie Organisationen ihre allgemeine Sicherheit verbessern können, indem sie sich über die Abhängigkeit von Passwörtern im Klaren werden und sich darauf vorbereiten, auf alternative Authentifizierungsmethoden umzusteigen.

Market Compass

Dynamic Authorization Management

The KuppingerCole Market Compass provides an overview of the product or service offerings in a selected market segment. This Market Compass covers the Dynamic Authorization Management market and provides a comparison of the main product offerings. Dynamic Authorization externalizes access control decisions to a centrally-managed authorization service that evaluates access policies in real-time to permit or deny a user’s access request to resources.

Analyst Advice

Business Resilience Management (Crisis Roadmap for Beginners)

Business Resilience Management is key to business survival in the face of rapidly changing IT, cyber threat, and regulatory environments.

Webcast

Interview with Peter Gyongyosi

Webcast

Paul Fisher: Trends and Findings From the 2020 PAM Leadership Compass

The PAM market has never been so dynamic and competitive as it reacts to changes in demands from organizations grappling with the effects of digital transformation on security and compliance. The findings from this year’s KuppingerCole PAM Leadership Compass reflect this dynamism as the vendors innovate across the board and add much needed functionality. Join Paul Fisher, Senior Analyst at KuppingerCole, as he discusses the findings from the report and what they mean for PAM in your own organization.

Webcast

Didier Cohen: Forget About Complex PAM Projects: Now’s the Time for Quick, Easy and TCO-efficient Privileged Access Management

As organizations are quickly advancing into the digital transformation, there is a growing need to secure access to critical infrastructure assets. IT security leaders have identified the need for a Privileged Access Management solution but, as their infrastructures expand and are increasingly subjected to cyber threats, they too often struggle with deployment and operational challenges. This conference will highlight how modern solutions can adapt to the evolving needs that IT leaders have to address by providing scalable deployment, operational simplicity, and reduced total cost of...

Webcast

Michael Dullea: Zero Trust Requires Comprehensive Privileged Access Management

Are you trying to implement a Zero Trust architecture in your environment?  A critical component of Zero Trust is making sure you cover your privileged users which these days go well beyond system administrators. Join Michael Dullea, Head of Product Management for Symantec PAM, as he discusses how the combination of proxy-based and agent-based privileged access management approaches offer complementary capabilities needed to achieve zero trust access to the accounts that hold the keys to your kingdom.  Understand why the traditional proxy-based approach just isn't good enough,...

Webcast

Panel - Digital Trends, Risks and Rewards - Achieving Control of Privilege Accounts in the Digital Enterprise

Webcast

Alpha Barry: Implementing PAM in Practice – Lessons Learned in an Industrial Company

In this talk, Alpha will discuss the often arduous way from buying and initially implementing a PAM solution to achieving significantly improved security as a program target. He will share lessons learned about necessary changes to IT infrastructure architecture and operational processes to ensure maximum impact of a PAM project. Overcoming organizational resistance to the new processes and tools is equally important. Alpha will explain what to expect, and leave the audience with some best practice ideas to engage and involve stakeholders in IT operations and general management.

Webcast

KuppingerCole Analyst Chat: Consent Management Done Right

Graham Williamson and Matthias Reinwarth talk about consent: what does it mean for identity professionals, service providers or lawyers and how to reconcile all those different views in modern IAM environments.

Webcast

Adam Drabik: Importance of Identity & Access Management and other Aspects of Cybersecurity in Post-Covid-19 World

The session will be about threat landscape tips from the practitioners.

Webcast

Steve Wright: What’s So Special About This Data Anyway

The issues of data governance and ethics has plagued every government in the world in the last few months – why ?

What is the problem and opportunity of Big Data, AI, Machine Learning and the unique insights this provides to our society?

Why, after so many years do we fear the dark web, and what are the motivations of state based actors?

Webcast

Panel - The Future of Security & Why Prioritizing PAM is Important?

Webcast

Panel - How to Manage Modern Security Risks and the Important Role of PAM

Webcast

Peter Gyongyosi: What's the Next Generation in PAM?

Privileged Access Management (PAM) solutions have become essential for compliance and security. A wide range of PAM solution choices is available, with the next generation of solutions designed to address the entire PAM process, not just the individual PAM challenges. Next-gen solutions are also built to optimize business operations with automated processes, simplified deployment and easily integrate with existing environments. They take into consideration the way admins work, provide maximum transparency and remove the operational friction that was typical of first-gen solutions. Plus,...

Webcast

Ninad Chavan: Need for PAM for Secured User Access to Business Applications on Cloud

Considering the nature of business, EGI was proactively planning to implement a centralized solution that could: Monitor all the remote users (including business users) taking access to the target servers on Cloud infrastructure from external network Allow secured and seamless file transfer from development to production environments Enable a second factor authentication for users accessing core business applications PAM helped address the same with: Comprehensive monitoring and access policy management to control and manage user access to critical cloud resources...

Webcast

Martin Kuppinger: PAM: You're not alone. The interplay of PAM with Cybersecurity, IAM, and ITSM

Privileged Access Management (PAM) is essential to every business – just because every business is under attack, and privileged accounts are what (targeted) attacks are focusing on. Thus, there is a need for PAM, with organization, processes, policies, controls, and technology. But PAM must not be an isolated initiative. It is tightly linked to both cybersecurity and IAM initiatives, and there is also an interplay to ITSM. In his talk, Martin Kuppinger will look at how PAM relates to other areas and how to set up a comprehensive initiative that focuses on mitigating risks and...

Webcast

Working From Home Is Not Secure Without an Effective IAM

The past few months have not only been disruptive to business models, but also to the way many people work. Working from Home (WfH) is the new normal for many of us, but it comes with many challenges, for workers, for their managers, for the IT teams. One of the biggest challenges is finding the right balance between enabling WfH and security.

Webcast

KuppingerCole Analyst Chat: Getting Rid of the Password

Warwick Ashford and Matthias Reinwarth discuss the standards, technologies and organizational changes needed to finally get rid of the password-based authentication once and for all.

Leadership Brief

Security Fabric: A Methodology for Architecting a Secure Future

Work from home, bring your own device, a professional cyber-crime industry, IoT & OT. We all have to face these challenges while fullfilling a zoo of endless requirements. It is complex to keep the overview and the flexibility in our IT security services and the used toolset. Setting up the architecture with the concept of a Security Fabric helps to structure, to optimize and to improve the corporate Cybersecurity approach.

Blog

Imagining Future Regulations on AI – Similarities to the GDPR?

There are ongoing discussions from high-level expert groups from the EU Commission about what regulation of Artificial Intelligence – particularly the algorithms that process data – will look like. There is a high priority to not only create alignment with the GDPR but to add flexibility for future advancements so that a baseline level of data protection is always provided, even as new AI applications are implemented. There are many elements of the GDPR that are particularly worth looking closer at regarding algorithmic models for recommendations, predictions, and decisions....

Executive View

NRI Secure Technologies: Uni-ID Libra 2.4

Consumer Identity and Access Management (CIAM) is a rapidly growing market that offers a better user experience for the consumer and new challenges for the organization. NRI Secure’s Uni-ID Libra continues to innovate and provide the necessary components of a CIAM solution with a focus on the Japanese market.

Webinar

Oct 06, 2020: Multicloud Und Digitalisierung: Wie Sie Die Nutzung Im Griff Behalten

Die Rolle der Cloud für die Digitalisierung kann kaum überbewertet werden. Doch mit zunehmender Cloud-Nutzung sind Organisationen bezüglich der Zugriffskontrolle für Cloud-Plattformen wie AWS, Microsoft Azure und Google Cloud Platform in Verzug geraten. Zwar bieten diese Plattformen Unternehmen Agilität und beschleunigen Innovation durch neue Services wie Sprachverarbeitung oder konfigurierbare Dialogsysteme, doch oft fehlt es an der erforderlichen Kontrolle, um den Zugriff auf all diese Cloud-Ressourcen ordnungsgemäß zu regeln.

Webinar

Sep 10, 2020: Die Demokratisierung der Cybersicherheit

Im Laufe der vergangenen Jahrzehnte haben Unternehmen vielen Anstrengungen auf sich genommen, um ihre IT-Sicherheit zu verbessern und so ihre Daten und Netzwerke zu schützen. Eine Konsequenz daraus wird immer deutlicher sichtbar: CISOs und ihre Teams müssen sich um eine (zu) große Zahl an Produkten und Lösungen kümmern, die der Unternehmenssicherheit dienen sollen. Oft sorgt schon die schiere Masse an Lösungen für eine hohe Komplexität und jährlich steigende Gesamtbetriebskosten (TCO), wobei der Mehrwert für die Sicherheit durch eine immer höhere Zahl an Tools fraglich ist.

Webinar

Aug 25, 2020: The 3 Steps to Secure IAM Modernization

When organizations modernize their Identity and Access Management (IAM), they have three fundamental requirements: an understanding of current capabilities, a migration strategy to transform the IAM infrastructure and finally, the staff with the expertise to execute the plan. The challenges on the way from legacy IAM to a modern IAM infrastructure are manifold and should be considered beforehand.

Webinar

Sep 16, 2020: Zugriffsschutz für sensible Daten – mit Data Access Governance und Identity Governance

Ein Großteil der geschäftlichen Dokumente in Unternehmen ist in Dateiordnern auf Microsoft SharePoint, Box, Dropbox und Google Drive gespeichert. Da ist es keine Überraschung, dass diese Daten zu den neuen Zielen von Hackern geworden sind. Mit zunehmenden Compliance-Anforderungen wie DSGVO, TISAX oder PCI ist der Zugriffsschutz auf diese Dateien längst nicht mehr nur eine Option, sondern Vorschrift. Auch die Erfüllung der Vorgaben der ISO 270xx-Normen ebenso wie von KRITIS erfordert entsprechende Maßnahmen.

Webcast

KuppingerCole Analyst Chat: A Holistic View of Cybersecurity - Introducing the Security Fabric

Christopher Schuetze and Matthias Reinwarth introduce Security Fabric - a new architectural approach towards cybersecurity with the goal to achieve consistent and fully managed security across the whole corporate IT.

Webcast

KuppingerCole Analyst Chat: NDR - Network (Threat) Detection and Response

John Tolbert and Matthias Reinwarth talk about network detection and response solutions: what are the threats they are looking for and how they complement endpoint protection tools to ensure consistent protection against advanced attacks.

Webcast

Identity Für Alle – Nicht Nur Für Wenige: Identity Management Für Den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den notwendigen technischen Voraussetzungen ausreichend Aufmerksamkeit zu widmen.

Blog

Getting a Grip on Your Big Data – Informatica Announces Acquisition of Compact Solutions

Informatica just announced that they agreed to acquire Compact Solutions, a vendor of Enterprise Metadata Management with engineering and professional services being based out of Krakow, Poland. Compact Solutions core product is MetaDex, which enables full end-to-end visibility of data flows, especially around some complex data sources, and thus helps organizations in understanding, tracking, managing, and protecting data flows and increasing efficiency in their broader data and analytics landscape as well as making more efficient use of their data. Metadata Management: Knowing your data...

Executive View

Symantec Identity Governance and Administration

In the absence of a secure external perimeter Identity and Access Management has become fundamental to protecting corporate digital assets.  Identity Governance and Administration includes two core elements of IAM - Identity Provisioning and Access Governance - that are essential to enabling and securing digital transformation.  This report describes how Symantec Identity Governance and Administration meets these challenges.

Leadership Brief

The Information Protection Life Cycle and Framework: Secure

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the fourth in the series introducing the Information Protection Life Cycle and Framework.

Blog

What's the Next Generation in PAM?

Before there were PAM solutions everyone was given access to privileged accounts with little regard or control as to who had access to them, when they had access and what they did with that access. As security breaches started to rise and compliance regulations were written it was obvious that manual processes and home-grown approaches to manage privileged access weren't enough to secure your organization. First PAM solutions solved issues but were too inflexible That's when privileged management solutions popped up in the market. There were solutions for password management and...

Blog

Elements of a Disaster Operations Plan

If anyone in any organization was in any doubt about the importance of having a Disaster Operations Plan, that has surely changed since the outbreak of the Covid-19 pandemic. Some organizations have coped better than others, but every organization should either be working on developing a Disaster Operation Plan or on improving the one they already have by identifying where the plan did and did not work well. Design a plan based on resources you already have A Disaster Operation Plan is a crisis-specific plan that builds off what an organization should already have in place. The following...

Webcast

Workforce Continuity in a Time of Crisis

It is not only in times of crisis like the current coronavirus pandemic that companies need to adapt and respond quickly to changing circumstances to provide workers with remote access and deal with onboarding and deprovisioning contingent workers. Continually changing and increasing customer demands as well as workforce expectations to work remotely, flexibly and on the move are also driving the need to be able to grant appropriate, security and compliant access rights to employees in near-real time to prevent gaps in workflows, increase productivity and improve compliance. IAM...

Webcast

IAM Projects Stalling - Stakeholder Management

Blog

Cloud Security Posture Management Tools – What They Are and Why You Need One

Many security product vendors are now offering CSPM (Cloud Security Posture Management) as part of their portfolio - so what is CSPM and why might you need it?  In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. This provides many important business benefits but also increases the challenges of ensuring cyber-security and regulatory compliance. CSPM solutions are intended to provide a way to identify and control some of these risks.  They supplement CASBs (Cloud Access Security...

Webcast

KuppingerCole Analyst Chat: Functionalities at the Core of a Privileged Account Management System

Paul Fisher and Matthias Reinwarth continue talking about privileged access management, discussing the core capabilities of modern PAM solutions.

Leadership Brief

Leadership Brief: Enterprise Information Protection - 71036

The perimeter of the corporation has transformed into a much more fluid and permeable boundary than it once was. Sensitive information is now routinely accessed with personal and business devices by employees, and mass remote work further exacerbates this trend. Advanced methods for the protection of sensitive data are necessary. This Leadership Brief is an overview of the role that Enterprise Information Protection solutions play in the current working environment and covers the capabilities that such vendors should provide.

Webcast

KuppingerCole Analyst Chat: The Cargo Cult of Cybersecurity

Matthias Reinwarth and Alexei Balaganski talk about the reasons many companies are still failing to protect themselves from cyberattacks and data breaches even after spending so much on security tools.

Webcast

Minimizing Security Impacts of a Growing Remote Workforce

Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees. However, an expanding remote workforce can significantly increase the attack surface and have changed the threat model of the organisation overnight. Many remote access options are quick to implement but are not secure and organisations are trying to navigate the challenges of quickly, but securely, operationalising their remote employees. In their talk, Martin Kuppinger and Morey Haber explore the risks unsecure remote access...

Blog

Security Fabric: Investing in the Right Architecture for a Secure Future

Modern and hybrid operating models, Software-as-a-Service, regulatory requirements, working from home, various types of internal and external users, and the phenomenon of BYOD (bring your own device) are challenges we have to face today. Such challenges are constantly emerging, which demands a flexible approach. Often these flexible requirements result in many specific sub-solutions for particular problems. This causes the company to have no central overview of which services, which devices, and which applications are used and for what purpose. To challenge the internal IT teams even...

Executive View

Executive View: CSI tools - 80407

CSI tools provide a suite of solutions for managing access entitlements and risk in SAP environments. The solution come with a modern, web-based user interface and dashboarding. They deliver in-depth insight and support for managing entitlements at all levels and across all applications within common SAP environments.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Contain and Recover - 80375

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the sixth in the series introducing the Information Protection Life Cycle and Framework.

Webinar

Jul 23, 2020: Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional employee IAM. Digital business requires advanced identity services, well beyond the human identities.

Webcast

Agile GRC: Adapting to the Pace of Change in the Digital Era

In the digital era, the rapid rate of change in business, IT and regulatory environments is continually accelerating, making it extremely challenging for organizations to keep pace in terms of their governance, risk and compliance (GRC) capability without the right mindset and tools. The complexity and technical nature of access controls in SAP and other business applications, makes the GRC challenge even greater. The added complexity of many GRC solutions means that organizations struggle with a lack of business buy-in and accountability for access-related risk. A more agile...

Webcast

IAM Projects Stalling - No Big Picture in Mind

Webinar

Sep 30, 2020: How Security and Identity Fabrics Work to Help Improve Security

Many organizations struggle or even fail because they overcomplicate the implementation and extension of their cybersecurity toolset. Most do not have a central approach on security, and often use a set of tools that are not well-integrated with each other.

Webcast

Jonathan Neal: Identity and Security for Your Cloud Strategy

Join the conversation as we help you explore laying the foundation of identity and security into your cloud-first strategy.  If the following questions have crossed your mind, we're happy you found your way to this session.    A.   Business-critical apps are constantly being migrated to the cloud to keep up with business. How do I know who is accessing what and if it is appropriate? Can I eliminate persistent accounts and provide JIT access? B.   Native compliance controls are provided from each of my cloud providers making it difficult, inefficient, and...

Webcast

Daniele Catteddu: Cloud Governance and Risk Assessment

The rapid growth in both scope and market share, combined with the inherent complexity of cloud computing, seem to exceed the capabilities of existing governance and risk management approaches. As users, and the uses of cloud computing evolve, so must the supporting governance models. This includes the transformation and adaptation of governance and risk management programs into the company's culture, and the evolution of the skills and expertise of the IT and Security professionals.

Webcast

Eric Wolff: Understanding Best Practices for Cloud Key Lifecycle Management

Cloud Security best practices arise from the shared responsibility model for cloud computing, which states that customers are responsible for the security of data in the cloud. This session will cover the latest trends in cloud security, cloud provider shared security models, and the use of data encryption as a best practice. With cloud encryption key lifecycle management seen by many as a problem yet to be solved, the session will wrap with an overview of CipherTrust Cloud Key Manager from Thales.

Webcast

Amol Sawarkar: Cloud-First - Blessings for Continued Humanitarian Work

Moving to the cloud is a relatively settled concept today. We all knew benefits; But who thought someday, the same will offer to stay and work from home; that also 100%. This is a short tour to see why IFRC opted to embrace the cloud, challenges addressed, and derived benefits as well as continued efforts in optimizing further.

Webcast

Damir Savanovic: A CSA’s Perspective on Cloud Risk Management

Cloud computing is a proven and globally accepted enterprise delivery and operational technology model and with this growing market segment, also concerns regarding privacy, security and compliance are increasing. The rapid growth, combined with the inherent complexity of cloud computing, appears to be straining the capabilities of existing governance and risk management frameworks. In this presentation, I will question the perceived effectiveness of current governance and maturity in the use of risk management frameworks being applied to cloud computing.

Webcast

Eleni Richter: Public-Cloud, Private-Cloud, On-Prem: Impacts of Cloud Cover on IDM

Today we see variable amounts of cloud cover in IT. Promising business values now meet reality. We will take a closer look at the effects of public-cloud, private-cloud, and on-premise scenarios on workloads, costs, and risks. Since cloud-usage means enlarging the (attack) surface of the IT, we will focus on security and IDM.

Webcast

Mike Small: Cloud Backup and Disaster Recovery Why This Is an Essential Component of Digital Transformation

All organizations need to consider the risks related to the availability of their business-critical data and take appropriate measures to mitigate these risks.  In most cases this will involve investing in backup and disaster recovery products and services.  In today’s hybrid IT environment these must cover both on-premises and cloud delivered services in a consistent way. This session will cover KuppingerCole’s research into this area and summarize our Market Compass Cloud Backup and Disaster Recovery. 

Webcast

KuppingerCole Analyst Chat: Applying AI Governance

In a follow-up to an earlier episode, Matthias Reinwarth and Anne Bailey discuss practical approaches and recommendations for applying AI governance in your organization.

Webcast

Interview with Oliver Cheal and Paul D'Cruz

Webcast

Ankur Rastogi: Navigating the Journey to Cloud

Cloud is the foundation for any digital transformation. Most organizations now have cloud embedded not just in their IT strategy but also in their digital strategy. Cloud creates an opportunity to modernize an organization's application portfolio. While the benefits of migrating to cloud are well known, the journey to cloud comes with its own challenges and risks. If not planned properly, this can cause major headaches on the way. The session covers the benefits of a proper cloud strategy, how to set up a cloud journey and the risks that one must be ready to manage on the way.

Webcast

Oliver Cheal, Paul D'Cruz: How Has the IT Security Roadmap Changed in 2020 for Businesses?

Webcast

Martin Kuppinger: Cloud First – and Now? Operations, Integration, Security, Identity

In his Opening Keynote, Martin Kuppinger, Principal Analyst at KuppingerCole, will talk about the practical consequences of having a “cloud first” strategy in place. Declaring such a strategy is simple. Successfully executing it is the bigger beast to tame. Martin Kuppinger will look at the success factors for executing a “cloud first” strategy and identify what it needs in the organization, operations, integration, vendor selection, risk assessment, management, security, and identity. He also will look at the various levels of such cloud first strategies,...

Webcast

Gemma Whitehouse: IoT & Enterprise - Change a Brief Introduction to Challenges and Solutions

In this presentation Gemma will overview and discuss:

  • Broad innovation trends in finance
  • Insurtech and fintech examples
  • Consumer trends and challenger businesses
  • IoT and Insurtech
  • IoT and Insurtech and sector relevance
  • IoT and the product ecosystem - old and new
  • IoT and the product ecosystem - approach
  • Data, IoT and misconceptions, and pitfalls
  • Challenges for organizations implementing emerging tech
  • Organisational solutions

Webcast

Hristomir Hristov: Cloud Migration – an Obscure Journey on Its Own or a Well-Paved Road

A story based on personal experience of leading several companies to smooth cloud migration. We will look at some real-life tips & tricks. We will discuss how to choose the cloud provider and the cloud setup – single-cloud, multi-cloud, or hybrid cloud. We will talk about what does ‘cloud-readiness’ means and when it is achieved. Should we start with a Zero Trust Architecture? What are the possible approaches for cloud migration - pros and cons. After all, is a migration a one-off event or a continuous process?

Webcast

Panel - Governing Your Hybrid Cloud

This panel will discuss cloud governance challenges and describe practical solutions.

  • Governing the cloud service – what value is certification and how can you implement continuous governance?
  • Governing use of the cloud services – what tools do you need to implement controls?
  • How can you implement consistent access governance across the whole hybrid estate?
  • Do tools like CASB and CSPM really help?

Webinar

Sep 22, 2020: Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow the capture, storage, and exploitation of vast amounts of data without the need for capital expenditure. They enable the rapid development and deployment of new applications as well as the modernization of existing one.

Webcast

KuppingerCole Analyst Chat: When is a Security Product not a Security Product?

Matthias Reinwarth and John Tolbert talk about profound implications of security products not having their administrative interfaces sufficiently secured with technologies like multi-factor authentication.

Webcast

The Future of Privileged Access Management and Reducing Risk for Modern Digital Enterprises

While Privileged Access Management (PAM) must still fulfill its core function of protecting privileged accounts, the next generation of PAM solutions can do so much more for your organization. As organizations embrace cloud, hybrid-IT, DevOps, remote working, digital workplaces, RPA and other transformational technologies the role of PAM has changed to secure these trends at zero point. Privileged accounts are no longer the domain of administrators or super users but for users right across the organization – including non-human entities such as applications and machines.

Market Compass

Market Compass: Enterprise Information Protection - 80217

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers Enterprise Information Protection solutions. Because the perimeter of the corporation has changed to include personal and business devices, mass remote work, and increased collaboration, advanced methods for the protection of sensitive data have become necessary. This is an overview of the vendors that work to secure valuable assets – the sensitive data of an organization.

Blog

A Reckoning with Facial Recognition Technology and Responsibility

Several major players in the facial recognition market – IBM, Amazon, and Microsoft – have halted all sales of facial recognition technology (FRT) to police departments in the United States. Each of these companies made a statement regarding technology’s relationship to public safety. IBM CEO Arvind Kirshna sent an open letter to several US Senators and House Representatives, stating “IBM no longer offers general purpose IBM facial recognition or analysis software. IBM firmly opposes and will not condone uses of any technology…for mass surveillance, racial...

Webcast

Gain a Unified Business View With Enterprise Identity Management

Identity Governance and Administration (IGA) is continuing to evolve through more integrated Identity and Access Governance solutions. IGA products are often required to give deep integrations with other enterprise products and applications to deliver the expected business value, as well as a need for having one interface for IGA across the range of applications and services.

Webcast

IAM Projects stalling - Plan First, Then Execute

Webinar

Jul 22, 2020: Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Webinar

Sep 17, 2020: In an Age of Digital Transformation Managing Vendor and Partner Identity Is Critical

Organizations have been managing the identity and access of employees for many years to protect data and the overall security of the enterprise. However, the onset of digital transformation has driven a need for faster, cost-effective innovation and with it the increased utilization of third-party resources. Consequently, organizations have a greater need to manage third-party access to data, systems, and facilities. This includes contractors, vendors but also partners, affiliates, volunteers, and even service accounts and bots. Modern organizations are much more collaborative and open...

Webinar

Sep 09, 2020: Identity and Access Management Strategies That Grow With Your Business

For companies that don’t need a complex Identity Governance & Administration solution (IGA), account and group administration is still a priority. Every company needs a solution for at least baseline IAM (Identity and Access Management), that fits their current state but can also equip them to expand to Identity Governance and Privileged Access Management (PAM) when they are ready.

Webcast

KuppingerCole Analyst Chat: What's AI Governance and Why Do We Need It

Matthias Reinwarth and Anne Bailey talk about Artificial Intelligence and various issues and challenges of its governance and regulation.

Webcast

KuppingerCole Analyst Chat: IAM Requires a Solid Process Framework

Matthias Reinwarth and Christopher Schütze talk about the importance of processes to make your IAM projects successful.

Leadership Compass

Leadership Compass: Network Detection and Response - 80126

This report provides an overview of the market for Network Detection and Response tools (NDR) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing NDR solutions.

Webinar

Jul 28, 2020: We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by hackers. Many organizations would love to lessen reliance on passwords but many passwordless solutions only provide a partial solution and do not solve the inherent weakness of passwords. Modern enterprises cannot cover the myriad of access use cases today with a passwordless solution alone.

Webcast

IAM Projects Stalling - Quick Wins and Big Wins

Press Release

Cloud-First Strategy Crucial to Digital Transformation

For companies that want to digitally transform their business, a cloud-first strategy is crucial . I n addition to reducing costs and improving IT efficiency, delivering new products and service s from cloud-based infrastructure enables companies to be more flexible and responsive to changing business needs. 

Webcast

Ovidiu Ursachi: Return on Investment in Cybersecurity

Webcast

Panel: Managing Cyber Supply Chain Risks and Achieving Digital Business Resilience

Businesses face various risks when deploying external products and services. Among them is the possibility of cyber intrusion which can pose a major challenge to the company’s infrastructure and require a re-think of cybersecurity strategy. A well thought-out and properly structured management of a supplier base classified as trustworthy is just as much a part of this discipline as the use of standardized certification procedures for such products. In this panel we will discuss the importance of cyber supply chain risk management (C-SCRM) and its effect on resilience of a digital...

Webcast

Panel: From Threat to Opportunity - Cybersecurity in Times of Crisis

Ensuring business continuity is a challenge during times of crisis such as the pandemic caused by the Covid-19 virus. Companies were and are facing an increasing number of cyber-attacks which can cause damage to their finances, reputation, and growth. Today, most people continue to work from home, hence the attack surface is dramatically increased. In such trying times, the effective cybersecurity measures are of utmost importance. It is essential for businesses to understand that cybersecurity has become part of business continuity and modern, innovative approaches together with a high...

Webcast

Christopher Schuetze: Necessary Components of an Effective Cyber Supply Chain Risk Management (C-SCRM)

As the recent widely publicized revelations have shown, the risk of purchasing hard- and software with deliberately or accidentally built-in weaknesses is much higher than we could have estimated – but it is not the only element of Supply Chain Risk. Supply chains can only be as strong as their weakest link. In a world where enterprises must focus on what they can do best and outsource everything else, it is necessary to know these weak spots and to limit the risks occurring from them.

Webcast

Christopher Schuetze: Prepare & Invest Now – And Survive an Incident or a Breach Tomorrow

Webcast

Bernard Montel: Cyber Defense : The New Concept of iSOC - Where Identity and SOC Has Never Been Tighter

With the introduction of AI, machine learning and UEBA, the SOC objective is to detect abnormal behavior. More than ever Identity is the battleground in this new concept of iSOC.

During this keynote, you will learn how Identity Governance and SOC need to be tight and how to remediate when a threat is detected on a specific Identity with the concept of "Threat Aware Authentication".

Webcast

Matthias Canisius: Return to Base | The CISO's Guide to Preparing A COVID-19 Exit Strategy

While governments and public healthcare specialists are looking into the timing and manner of reopening the economy, it is clear that at some point in the hopefully not-too-distant future restrictions will be eased and businesses will return to normal operations. Returning to recently-vacated offices will certainly signify a return to normality, and for most, that will be a welcome relief after working from home for an extended period. However, just as the shift to working from home required organizations to adapt and act differently, so will the return to the office. In this...

Webcast

Jean-Christophe Gaillard: Cyber Security in the Midst of the COVID Crisis: Key Management Considerations for Large SMEs and Mid-Size Firms

In this session, you will hear from cyber security thought-leader and Corix Partners founder JC Gaillard. JC will discuss and deconstruct 6 cliches around cybersecurity in small and mid-size firms and why security matters more than ever in the light of the COVID crisis, before answering your questions.

Webcast

Filipi Pires: Security Predictions for 2020

The year 2020 will see a transition to a new decade. So will cybersecurity. Gone are the days of networks isolated behind a company firewall and a limited stack of enterprise applications. The current paradigm demands a wide variety of apps, services, and platforms that will all require protection. Defenders will have to view security through many lenses to keep up with and anticipate cybercrime mainstays, game changers, and new players. Tried-and-tested methods — extortion, obfuscation, phishing — will remain, but new risks will inevitably emerge. The increased migration to...

Webcast

Stefan Würtemberger: In the Crosshairs of Cyber Criminals – A Case Study by Marabu

In his talk, Stefan Würtemberger will discuss the caste study of Marabu's cyber-attack. He will address the necessary steps a company has to take after being attacked by cyber-criminals. He recommends calling in external cyber-specialists (expertise & protection of own resources) and filing a complaint with the police. Furthermore, he suggests dividing your forces well a working week > 100 h does not last long. A well-documented infrastructure helps when using external forces.

Webcast

Barry McMahon: Harnessing Identity to Position Security as a Business Enabler

Security teams were already going through a fundamental shift in how they protect the business, even before the acceleration to remote working due to Covid-19. Given that Identity and Access Management (IAM) is now undeniably the first line of defense for organisations worldwide, how can security leaders turn the challenges, both legacy and new, into opportunities to mitigate risk and add value to the business? And all this in a way that will elevate the position, and change the perception, of security at the same time? Based on a recent study Barry McMahon from LastPass looks at the...

Webcast

Dr. Mariarosaria Taddeo: Is Artificial Intelligence in Cybersecurity Trustworthy or Deceivable?

Applications of artificial intelligence (AI) for cybersecurity tasks are attracting greater attention from the private and the public sectors. Estimates indicate that the market for AI in cybersecurity will grow from US$1 billion in 2016 to a US$34.8 billion net worth by 2025. The latest national cybersecurity and defence strategies of several governments explicitly mention AI capabili- ties. At the same time, initiatives to define new standards and certification procedures to elicit users’ trust in AI are emerging on a global scale. However, trust in AI (both machine learning and...

Webcast

Matthias Reinwarth: Optimizing Your Cybersecurity Spending: Where to Put Your Money During and After the Crisis?

Webcast

KuppingerCole Analyst Chat: PAM - What are Privileged Accounts

Matthias Reinwarth and Paul Fisher launch a new series of talks about privileged access management.

Webcast

KuppingerCole Analyst Chat: Identity Vetting - Dealing With the Wave of Fraud During the Pandemic

Matthias Reinwarth and John Tolbert discuss the latest "innovations" fraudsters are using during the pandemic crisis and the methods to mitigate them.

Leadership Compass

Leadership Compass: Unified Endpoint Management (UEM) - 70314

This report provides an overview of the market for Unified Endpoint Management (UEM) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing UEM solutions.

Webcast

Cybersecurity Investment Priorities - Set Your Focus Right

Executive View

Executive View: ManageEngine PAM360 - 80140

In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are putting new demands on PAM and vendors are responding to this challenge by adding new functionalities and capabilities to their solutions. This Executive View takes a closer look at ManageEngine PAM360, offered to the market by the US based company.

Executive View

Executive View: Hitachi ID Privileged Access Manager - 80142

Hitachi ID is a global IAM software provider. It offers Hitachi ID Privileged Access Manager (HiPAM) as its primary offering for the PAM market, along with the complementary Identity Manager and Password Manager products. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are creating new demands and modern PAM solutions are evolving to meet these challenges.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Monitor and Detect - 80374

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the fifth in the series introducing the Information Protection Life Cycle and Framework.

Webcast

KuppingerCole Analyst Chat: Zero Trust from the Cloud

Matthias Reinwarth and Alexei Balaganski look at the potential alternatives to VPNs and security gateways.

Virtual Event

Sep 03, 2020: The Three Fundamentals to Enterprise Identity Success

Organisations of all sizes are recognizing the need for a modern enterprise identity program to help fast track digital transformation, cloud adoption and Zero Trust initiatives. In order to capture the full capabilities, benefits and security of a modern enterprise identity program, you need the integration of solutions that cover all users, permissions and privileges. Attend this virtual event to learn how the integration between Identity and Access Management, Identity Governance and Privileged Access Management can protect your critical systems and data, reduce risk and help you quickly...

Virtual Event

Aug 20, 2020: Advanced Privileged Access Management & New Trends

This virtual event is dedicated to advanced methodologies in Privileged Access Management. Expert speakers and panelists will talk about successfully securing and managing privileged access which is a tough task and is only getting harder to solve.

Webcast

Redefining IAM: Harnessing AI to Identify Risk at the Speed of Change

In an increasingly complex and rapidly changing business, IT and regulatory environment, traditional approaches to identity governance must evolve to keep up with the rate of change. Given the dynamic nature of today’s business, managing entitlements and conducting access reviews have become particularly challenging, for example.

Webcast

KuppingerCole Analyst Chat: How to Avoid Becoming a Phishing Victim During the Pandemic

Matthias Reinwarth and Martin Kuppinger explain how to protect your users from phishing attacks when they're all working from home...

Learn more about how to continue successful business with Senior Analyst Warwick Ashford's Analyst Advice on Business Resilience Management.

Executive View

Executive View: IBM Watson OpenScale - 80505

IBM Watson OpenScale a solution to enable the responsible monitoring and management of AI projects. The comprehensive attention to data management, analytics, model training, deployment, and model lifecycle management make Watson OpenScale a strong choice for enterprises.

Market Compass

Market Compass: Conversational AI Building Platforms - 80384

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment. This Market Compass covers conversational AI building platforms with a focus on chatbot solutions. Such solutions are a common trend in marketing, sales, service management, human resources, and many other use cases.

Blog

Conversational AI Building Platforms (Market Compass Preview)

AI-based conversational interfaces developed plenty of hype for use cases within marketing, sales, and service management. Various types of solutions are on the market, offered by both small start-ups and large, international, established enterprises. More than a hype Conversational interfaces experienced hype in 2016, followed by some disillusionment in the next years, as many solutions were technical gadgets rather than delivering real value. This is about to change, as many solutions are more mature now - and implemented as a part of digitalization projects within marketing, sales, or...

Blog

The Role of Identity in Business Continuity Planning

When it’s “business as usual”, it seems strange to think about disruptions and disasters. With competing priorities and the pressure of everyday demands, planning for worst-case scenarios can feel alarmist and macabre. But as anyone experienced in disaster preparedness will tell you, the best time to prepare for unexpected disruptions to your business is before they happen. And in today’s digital workplace, the ability to support remote employees and ensure secure access to work resources is an essential component of a business continuity plan. Why a business...

Webcast

Never mind the robots, here’s the real AI

Matthias Reinwarth explains how to let machine learning add value to your organization.

Blog

Cybersecurity Investment Priorities - Portfolio Optimization

Webcast

Protect, Detect, Respond, Mitigate: A Modern Security Paradigm for Modern Enterprises

The traditional approach forces enterprises to deploy multiple additional security solutions – EPP, EDR or NDR among them – to try and close remaining gaps, leading to even higher strain on security analysts. Facing response times of hours if not days, companies turn to managed services that rely on the scale of the cloud to reduce the load but introduce additional operational and compliance challenges. What if there were a modern alternative to hoarding security tools, relying instead on a single unified platform with a single endpoint agent to perform all those functions,...

Webcast

Cybersecurity Investment Priorities - Portfolio Optimization

Webinar

Jun 30, 2020: Workforce Continuity in a Time of Crisis

It is not only in times of crisis like the current coronavirus pandemic that companies need to adapt and respond quickly to changing circumstances to provide workers with remote access and deal with onboarding and deprovisioning contingent workers.

Executive View

Executive View: Omada Identity Suite - 80506

Modern Identity Governance and Administration (IGA) solutions need to take traditional IGA further to meet today's customer requirements such as entitlement and onboarding automation or providing insight into access risks. Omada Identity Suite not only supports this with Access Governance and Identity Provisioning but also takes it a step further by giving an IGA best practices framework and implementation methodology.

Blog

KuppingerCole Analyst Chat: Enterprise Databases in the Cloud

Matthias Reinwarth and Alexei Balaganski talk about making the right choice of a database engine to power your next cloud project.

Webinar

Jul 15, 2020: Endpoint Protection Made Easy With Privilege Management

Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to protect endpoints, they are by no means sufficient. Instead, Endpoint Privilege Management (EPM) solutions must be integrated to protect the systems from within.

Blog

The New Normal Post Covid-19

As soon as national lockdowns began to limit the spread of Covid-19 it was clear that the world would never be the same again, and last week’s Microsoft Build conference has highlighted what some of those changes will be, starting with the event itself being fully virtual for the first time. Remote working set to increase longer-term While remote working was becoming increasingly popular in the run-up to the Covid-19 crisis, few organizations were well equipped to accommodate this. In the past two months, however, just about every organization has had to find a way of enabling...

Webcast

KuppingerCole Analyst Chat: Enterprise Databases in the Cloud

Matthias Reinwarth and Alexei Balaganski talk about making the right choice of a database engine to power your next cloud project.

Market Compass

Market Compass: Cloud Backup and Disaster Recovery - 71176

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers solutions that provide backup, restore and disaster recovery of IT service data into the cloud in the context of the hybrid IT service delivery environment that is now commonly found in medium to large organizations.

Blog

KuppingerCole Analyst Chat: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Executive View

Executive View: Microsoft Azure Active Directory - 80401

From small businesses to large enterprises, organizations today require a solid foundation for their Identity and Access Management (IAM) services. These services are increasingly delivered as cloud services or IDaaS (Identity as a Service). Microsoft Azure Active Directory (Azure AD) provides Directory Services, Identity Federation, and Access Management from the cloud in a single integrated solution with extensive integration opportunities.

Webcast

KuppingerCole Analyst Chat: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Press Release

Berthold Kerl Named CEO of KuppingerCole

KuppingerCole Analysts AG, a leading global technology analyst firm providing insights & decision support for tech professionals, today announced that Berthold Kerl, former Managing Director & Global Head of Identity and Access / CISO EMEA at Deutsche Bank AG, has been named as Chief Executive Officer (CEO), commencing July, 1st, 2020. Co-Founders Martin Kuppinger and Joerg Resch will remain in their current functions as board members.

Press Release

Berthold Kerl wird CEO von KuppingerCole

Der Aufsichtsrat der KuppingerCole Analysts AG hat Berthold Kerl mit Wirkung ab 1. Juli 2020 zum Chief Executive Officer ernannt. Die Unternehmensgründer Martin Kuppinger und Jörg Resch bleiben dem Unternehmen in ihren derzeitigen Funktionen als Vorstandsmitglieder erhalten. Berthold Kerl kommt von der Deutsche Bank AG, wo er als CISO EMEA für Identity & Access unternehmensweit zuständig war.   

Blog

Microsoft Adding New Capabilities to Azure Active Directory

Over the past years, Microsoft has spent significant effort to make Azure Active Directory (Azure AD) the central platform for identities in Microsoft environments and beyond. Microsoft now announced several new capabilities that help to support further use cases. New features in Azure AD One of these is the support for FIDO2 security key sign in for hybrid environments, consisting of both Azure AD and on-premises Active Directory. FIDO2 as a standard allows using a variety of authenticators, including biometric authentication, with various applications. This extension allows for using a...

Executive View

Executive View: Ilantus Compact Identity - 80177

IAM is a complex challenge for businesses, comprising of various capabilities such as IGA (Identity Governance & Administration), Access Management, and Privileged Access Management. Deployment is shifting towards flexible models supporting a range of deployment options, including IDaaS (Identity as a Service). Ilantus Compact Identity is an IAM offering targeting businesses that are looking for a comprehensive, integrated solution that can run either on premises or in the Cloud.

Executive View

Executive View: SentinelOne Singularity Platform - 80139

Die integrierte Sicherheitsplattform von SentinelOne kombiniert Präventions-, Erkennungs-, Analyse- und Mitigierungsfunktionen mit dem autonomen KI-Agenten und ermöglicht so tiefe Einblicke und konsistenten Schutz für On-Premises-Endgeräte, virtualisierte Umgebungen und Cloud-Workloads.

Executive View

Executive View: SentinelOne Singularity Platform - 80139

SentinelOne’s integrated security platform combines prevention, detection, analysis, and mitigation capabilities with the autonomous AI agent to enable deep visibility and consistent endpoint security across on-premises devices, virtualized environments and cloud workloads.

Blog

Will Azure Arc Help Hybrid IT Customers to Find the Pot of Gold?

At Ignite in November 2019 Microsoft announced Azure Arc which is now in public preview. Azure Arc extends Azure Resource Manager capabilities to cover Linux and Windows servers, as well as Kubernetes clusters on any infrastructure across on-premises, and multi-cloud. In French “L’arc-en-ciel” is the word for rainbow so will Azure Arc help customers to find a much-needed solution to their hybrid multi-cloud management challenges? The Hybrid Management Challenge As well as on-premises IT services, most organizations are now using cloud services from multiple vendors, and...

Executive View

Executive View: Thycotic Access Controller - 80406

Thycotic is one of the world’s leading providers of Privileged Access Management (PAM) solutions. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are putting new demands on PAM. Against this backdrop, Thycotic has integrated three new Access Controller products into its portfolio of PAM solutions to meet these challenges.

Blog

KuppingerCole Analyst Chat: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Virtual Event

Aug 06, 2020: Future of Digital Identity: Self-Sovereign Identity & Verifiable Credentials

This virtual event is dedicated to SSI and the future of identity. One of the main challenges facing the broad implementation of SSI is integration and standardization, which will be addressed by speakers and panelists. Various best practice talks will also be part of the exciting agenda.

Webcast

Interview with Tim Barber

Webcast

KuppingerCole Analyst Chat: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Webcast

Panel: Overcoming Enterprise Challenges & Future-proofing Your IAM Strategy

The need for the robust IAM strategy, enabling higher efficiency and productivity, is greater than ever. There are many things to be considered when considering adopting a new IAM strategy which might be overwhelming and confusing to some extend. This panel will overview the most important trends in Identity and access management as well as discuss the potential future development of the IAM landscape. Refined IAM solutions in complex with a holistic approach is crucial to stay ahead of evolving security threats.

Webcast

David Doret: IAM Performance Measurement

IAM Performance Measurement In late 2018, a group of seasoned IAM professionals spent an evening discussing IAM challenges in a café. They shared a common frustration: the absence of a standardized Performance Measurement System (PMS) to monitor and compare the performance of IAM programs in organizations. Yet, as the old saying goes, you only get what you measure. They organized a series of workshops throughout 2019, worked hard and here it is: the foundations of a standardized IAM PMS have now been layed out. This not-for-profit project driven by passionate IAM experts is open...

Webcast

Ros Smith: Re-inventing Identity Management at the BBC

You don’t need to go to many Identity Management conferences to realise that Identity and Access Management projects are hard to implement and also that IAM is one of the least “technological” of the Security disciplines, with it being 10% technology and 90% business change. The BBC is currently meeting the challenge of IAM transformation head on.

Webcast

KC Virtual Awards: Category - Enterprise IAM

The KuppingerCole Virtual Awards Series 2020 honors outstanding Identity Management and Security projects, standards or people during the upcoming virtual conferences. Today's award category considers Enterprise IAM projects, including Identity Governance & Administration, Identity Federation, Privileged Access Management, and other technologies. These projects may cover all types of identities but should include employee identities and focus on managing hybrid environments. Join the live award ceremony as the KuppingerCole jury announces the Best Enterpise IAM Project winner.

Webcast

David Miles: How to Handle Massive Forced Change in Active Directory Accounts

The current healthcare crisis has drastically changed how and where work is done, and the way organizations operate. To get to this point, it was a battle for IT admins that oversee your Active Directory infrastructure.

Then what happens when this crisis is over? How can your organisation quickly and smoothly bounce back from the identity management challenges brought on all the forced change?

Webcast

Sylvie Vandevelde: Use Case: Belgian Mobile ID for Digital Inclusion

Public and private services are digitalizing their services and need to create solutions that are accessible to everyone. Customers are expecting more, and citizens want to interact with the public services in a smoother way.  Next to that, the sensitivity of information being exchanged online grows rapidly and data privacy is a real concern to many people. How can you build a digital society that is accessible, secure and respects privacy? What is the role of a digital ID?

Webcast

Adam Cooper: Digital Identity as a Building Block for Ethical Digital Economies

Governments are building huge identity systems because they need to plan service delivery, understand demographics and deliver essentials such as healthcare and education whilst building digital economies and addressing financial inclusion. They also have concerns over fraudulent activity, security and border control. These are conflicting issues with very different needs. Technology always moves faster than laws and government capacity is often behind the curve. Knowing what to implement, when and how is difficult when capacity is low. Digital economies need digital identity, as...

Webcast

Alyssa Kelber, Jon Lehtinen: Build Your Own IDaaS: Lessons from Year One

Build or buy? Do we have the staff, talent, & budget to operate a new security service if we decide to build? In this talk, Alyssa Kelber & Jon Lehtinen deconstruct the myth that you need large teams & expensive software to run cloud-native Identity-as-a-Service platforms for your enterprise. They will share their experience building their own at Thomson Reuters using commercial off the shelf software, containerization, and native cloud services, as well as the lessons learned, business impact & costs savings over the year since the service’s launch.

Webcast

Prof. Dr. David Chadwick: I Want COVID-19 Certificates But I Don't Want a DID

The W3C Verifiable Credentials Data Model is being used as the basis for creating standardised COVID-19 certificates of different types: vaccination, test and immunity certificates.  As the W3C Recommendation clearly states, "DIDs are a new type of identifier that are not necessary for verifiable credentials to be useful. Specifically, verifiable credentials do not depend on DIDs and DIDs do not depend on verifiable credentials." So why are most implementers insisting on building COVID-19 certificates with DIDs and blockchains? This talk will provide an answer to this question, and...

Webcast

Panel: Disruptive Role of Mobile Device Manufactures Within the Digital Identity Market

Webcast

Tim Barber: Creating an Innovative Identity Fabrics Structure

Every business today is faced with a digital transformative imperative. In a digital world, where everyone is connected to everything, secure access is key for employees, partners, customers and even things. Organizations are challenged however by the need for controlling and staying on top of constant change and at the same time allowing continuous innovation of both technology and business models. How do you keep up with the speed of change and the need for security?  In his keynote, Tim Barber will discuss the concept of Identity Fabrics - platforms that provide all...

Webcast

Nat Sakimura: No ID, No DX

Industrial revolutions share two common properties: 1) New Increasing Return Technological Paradigm and 2) New Funding Methods. In the first industrial revolution, they were the steam engine and the fiat money creation. The combination allowed the British to create a Global Empire capitalizing on the increasing return nature. The same pattern holds for the 4th industrial revolution as well. This time, it was the cyberspace and the money creation system called "Silicon Valley". This time, however, the land grab is not on the existing continent. It is on a newly formed 8th continent, also...

Webcast

Martin Kuppinger: Identity Fabrics - Delivering IAM for the Digital Business

Identity Management is on the change. It will never be the same again. It is already more than Employee IAM. The segregation between various parts of IAM is blurring. Digital business require advanced identity services, well beyond the human identities. Identity Fabrics are the model for your Future IAM. They are about a consistent set of capabilities and services in a modern architecture, supporting your business and IT use cases. They deliver the Identity Services for your new digital services, ready-to-use and supporting the time-to-value in the digital transformation of your business....

Webcast

Mathias Conradt: The Evolution of IAM: From Being a 'Bandaid' To a Strategy

For organisations that want to ensure safe, scalable and efficient access to their applications and services, identity is playing a bigger role than ever before. In this session, Mathias Conradt will discuss today’s digital environment and how digital transformation is moving up on the agenda for C-level, and what that means for IAM solutions. Particularly since the bar has been reset when it comes to remote working, online shopping, meeting and socialising. Mathias will explore how organisations have typically - and are now - approaching IAM adoption and implementation, focusing...

Virtual Event

Jul 16, 2020: Customer Identity & Marketing Automation

This virtual event offers a great opportunity to listen to discussions by experts from different industries dealing with CIAM and Marketing automation. Hear more about CIAM use cases for marketing and how to win customer trust by safeguarding their data. Enrich your knowledge to become better prepared for dealing with the challenges in this ever-changing environment.

Blog

KuppingerCole Analyst Chat: Cybersecurity Portfolio Optimization

Matthias Reinwarth and Christopher Schütze talk about how to efficiently identify and rate your investments into Cybersecurity. Free Analyst Advice:Business Resilience Management (Crisis Roadmap for Beginners)

Executive View

Executive View: Symantec Privileged Access Manager - 80331

Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged access in organizations and companies. This report describes how Symantec Privileged Access Management meets these challenges.

Executive View

Executive View: Nexis Controle 3.4 - 80158

Nexis Controle 3.4 implements intelligent role and identity analytics while laying the foundation for strategic role lifecycle management as either a stand-alone solution or as a companion component to existing Identity and Access Management infrastructures.

Executive View

Executive View: One Identity Manager - 80310

One Identity Manager is one of the leading Identity and Access Governance (IAG) solutions. It builds on a sophisticated, consistent concept which allows for intuitive user experience, rapid customization and easy deployment. One Identity Manager is offering a rich toolset and framework to connect various target systems to its identity and access management solution.

Leadership Brief

How to Get Rid of Passwords - Today

The IT security community has long recognized that passwords are a problem because they are easily cracked or compromised and are ultimately susceptible to human failings. This leadership brief looks how organizations can improve overall security by addressing their reliance on passwords and prepare to move to alternative authentication methods.

Leadership Compass

Leadership Compass: Access Control Tools for SAP Environments - 80104

This report provides an overview of the market for Access Control Tools for SAP Environments and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing solutions that increase security in SAP Environments by restricting access, controlling break-glass access, and related capabilities.

Blog

Five Golden Rules for Efficient Virtual Collaboration

Beyond security and technology: Matthias Reinwarth leverages the experiences of KuppingerCole Analysts in doing advisory via electronic collaboration platforms and shares 5+1 golden rules for jumpstarting efficient cooperation.

Blog

3 Steps to Improve Your Cybersecurity with Enterprise Risk Management

If you start considering the topic of cybersecurity in your company, you’ll quickly realize that there are many facets. In traditional companies, IT has grown in parallel to meet the requirements in digitization and production in a timely manner. These traditional companies and their suppliers with physical products such as automobiles often have a somewhat higher degree of maturity in general Enterprise Risk Management, which only deals in part with IT-relevant risks. Companies that were founded more recently, or that offer their products or services on a purely digital level have...

Webinar

Jul 02, 2020: Identity für Alle – nicht nur für Wenige: Identity Management für den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den notwendigen technischen Voraussetzungen ausreichend Aufmerksamkeit zu widmen.

Webinar

Jun 18, 2020: The Future of Privileged Access Management and Reducing Risk for Modern Digital Enterprises

While Privileged Access Management (PAM) must still fulfill its core function of protecting privileged accounts, the next generation of PAM solutions can do so much more for your organization. As organizations embrace cloud, hybrid-IT, DevOps, remote working, digital workplaces, RPA and other transformational technologies the role of PAM has changed to secure these trends at zero point. Privileged accounts are no longer the domain of administrators or super users but for users right across the organization – including non-human entities such as applications and machines.

Webcast

Beating Fraudsters at Their Own Game With Fraud Reduction Intelligence Platforms

Fraud continues to be a major challenge for many organizations today. Industries such as finance, banks, payments, insurance, gaming, telecommunications, health care, etc. are dealing with increasing amounts of fraud and escalating sophistication of attacks. Account Takeovers (ATOs), synthetic fraud, and bots are a pervasive problem and continue to drain revenue from many businesses.

Webcast

Five Golden Rules For Efficient Virtual Collaboration

Beyond security and technology: Matthias Reinwarth leverages the experiences of KuppingerCole Analysts in doing advisory via electronic collaboration platforms and shares 5+1 golden rules for jumpstarting efficient cooperation.

Blog

Why BCM/BCRM and Cybersecurity Must Converge

Webcast

Why BCM/BCRM and Cybersecurity Must Converge

Press Release

KuppingerCole Brings Experts in Identity Management to Screens Around the World

Wiesbaden, May 12, 2020 – With the coronavirus putting plans for big events temporarily on ice, KuppingerCole will deliver the European Identity & Cloud Conference 2020 as a series of virtual events. The series kicks off on May 12 with a six-hour online event focusing on Identity Fabrics & the Future of Identity Management.

Whitepaper

Whitepaper: IAM: Globalization & Large-Scale Enterprise - 80130

Identity and Access Management (IAM) has never been more important or challenging in the face of a rapidly changing business, regulatory and IT environment. This is especially true for multinational companies that must comply with an ever-increasing number of security and privacy regulations. Service Layers delivers a managed IAM service using a scalable, customizable, component-based platform with a service-oriented architecture to support multi-instance deployments to meet the key IAM challenges facing global enterprises.

Leadership Compass

Leadership Compass: Privileged Access Management - 80088

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, hybrid IT, cloud and other aspects of digital transformation has meant that users of privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, a strong PAM solution is essential.

Webinar

Jun 25, 2020: Minimizing Security Impacts of a Growing Remote Workforce

Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees.

Blog

Converging IAM Solutions AND Reducing Complexity

IAM is no green field approach, but needs to evolve over time. Matthias Reinwarth explains how the Identity Fabrics paradigm can be deployed to move towards a more modern and capable IAM architecture while increasing efficiency.

Webinar

Jun 17, 2020: Gain a Unified Business View With Enterprise Identity Management

Identity Governance and Administration (IGA) is continuing to evolve through more integrated Identity and Access Governance solutions. IGA products are often required to give deep integrations with other enterprise products and applications to deliver the expected business value, as well as a need for having one interface for IGA across the range of applications and services.

Webcast

Converging IAM Solutions AND Reducing Complexity

IAM is no green field approach, but needs to evolve over time. Matthias Reinwarth explains how the Identity Fabrics paradigm can be deployed to move towards a more modern and capable IAM architecture while increasing efficiency.

Blog

KuppingerCole Analyst Chat: Incident Response Management

Christopher Schütze and Matthias Reinwarth explain the importance of having an incident response plan.

Webcast

KuppingerCole Analyst Chat: Incident Response Management

Christopher Schütze and Matthias Reinwarth explain the importance of having an incident response plan.

Blog

KuppingerCole Analyst Chat: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Webcast

KuppingerCole Analyst Chat: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Webcast

Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time, and especially in sectors like healthcare, whose business is based on the collection and use of lots of valuable consumer data, the public and governments are demanding more accountability for safeguarding and appropriate use of personal information.

Virtual Event

Jul 07, 2020: Privileged Access Management (PAM) for Your Enterprise

In this virtual event, KuppingerCole and other top experts in the industry will present crucial information on why companies need PAM and how PAM works best to prevent security breaches and credential thefts through defining and implementing the right strategy.

Blog

Creating an Innovative Identity Fabric Structure

To maintain competitive advantage, digital transformation is no longer a choice – it’s an imperative. The rapid shift to the cloud and as-a-service models has enabled organizations to offer more digital services and applications across a wider range of devices for their workforce and customers. In this increasingly connected world, managing digital identities and access in a secure and adaptable way is critical and needs to play an important role in your business strategy. Implementing identity services piecemeal every time you roll out a new digital service is expensive, slow,...

Blog

IBM Cloud Satellite Announcements

The idea behind cloud computing used to be simple – let the cloud service provider provide and manage the IT services and infrastructure while you get on with your business. However, reality got in the way and cloud computing has become yet another dimension in the complex web of IT service delivery. It is against this backdrop that the announcement of IBM Cloud Satellite at this year’s THINK conference needs to be judged. Public Cloud meets the real world The public cloud provides great flexibility for developers - allowing them to obtain the computing resources they need...

Blog

AI Governance: What to Consider

Webinar

Aug 04, 2020: Four Key Components Critical to the Future of Privileged Access Management

Privileged Access Management (PAM) has assumed a critical role in protecting the most valuable data and services within organizations from theft, loss, and unauthorized access. But as companies and other organizations have become more complex and embrace digital transformation, PAM is also taking on a core operational function to achieve better insight into data usage and contribute to agile working processes.

Webcast

AI Governance: What to Consider

Blog

The 5 Golden Rules of E-Payment

Anne Bailey gives you a list of golden rules to ensure security and compliance of electronic payments.

Webinar

Jun 23, 2020: Agile GRC: Adapting to the Pace of Change in the Digital Era

In the digital era, the rapid rate of change in business, IT and regulatory environments is continually accelerating, making it extremely challenging for organizations to keep pace in terms of their governance, risk and compliance (GRC) capability without the right mindset and tools.

Webinar

May 28, 2020: Redefining IAM: Harnessing AI to Identify Risk at the Speed of Change

In an increasingly complex and rapidly changing business, IT and regulatory environment, traditional approaches to identity governance must evolve to keep up with the rate of change. Given the dynamic nature of today’s business, managing entitlements and conducting access reviews have become particularly challenging, for example.

Webcast

The 5 Golden Rules of E-Payment

Anne Bailey gives you a list of golden rules to ensure security and compliance of electronic payments.

Blog

Microservices in Identity and Access Management

Webcast

Microservices in Identity and Access Management

Blog

KuppingerCole Analyst Chat: Making IAM Projects Succeed - The Importance of Project Management

Matthias Reinwarth and Graham Williamson are talking about managing IAM projects properly.

Webcast

KuppingerCole Analyst Chat: Making IAM Projects Succeed - The Importance of Project Management

Matthias Reinwarth and Graham Williamson are talking about managing IAM projects properly.

Leadership Compass

Leadership Compass: Identity Governance & Administration (IGA) - 80063

The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Provisioning and Access Governance solutions that are now increasingly aided by intelligent features. This Leadership Compass will give an overview and insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.

Executive View

Executive View: SailPoint Predictive Identity - 80124

SailPoint Predictive Identity is a SaaS platform that adds AI-based capabilities to IGA. These include analysis of access risks, recommendations for approving or revoking entitlements during access review, and automated optimization of access models, amongst others. The solution provides significant improvements in user experience of IGA, compared to traditional IGA approaches, while also delivering “explainable AI”, informing about why certain recommendations are given.

Blog

KuppingerCole Analyst Chat: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Webcast

KuppingerCole Analyst Chat: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Webcast

Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their entire application ecosystem. Today, secure application access is a key challenge organizations face when implementing a Zero Trust strategy. Applications can live anywhere – in the cloud, on-premises, as a service, or on a mobile device – and are used from anywhere, at any time by...

Blog

Why IAM From the Cloud is the New Normal

Martin Kuppinger explains the benefits of Identity and Access Management delivered from the cloud.

Webcast

The Security & Identity Challenges of Modern IT: Agile IT & DevOps Done Right & Secure

Security and identity must evolve in order to support today’s IT. While traditional IT appears being rather simple to secure, current security risks necessitate a greater degree of agility: shifting to DevOps paradigms, implementing a CI/CD chain, running services in hybrid cloud environments (or wherever else). This requires a security angle on DevOps, which you might name DevSecOps. Such an approach includes security and identity as a service, which has been referred to in the past as Application Security Infrastructures. It requires adequate protection of both the DevOps tools...

Webcast

Why IAM From the Cloud is the New Normal

Martin Kuppinger explains the benefits of Identity and Access Management delivered from the cloud.

Blog

Security Should Not Become a "Business Disabler"

Webcast

Security Should Not Become a "Business Disabler"

Blog

KuppingerCole Analyst Chat: Making IAM Projects Succeed - Why You Need a Solution Architecture

Matthias Reinwarth and Graham Williamson are talking about designing an IAM project architecture.

Webcast

KuppingerCole Analyst Chat: Making IAM Projects Succeed - Why You Need a Solution Architecture

Matthias Reinwarth and Graham Williamson are talking about designing an IAM project architecture.

Blog

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here... You can watch his speech in English or in German below.

Blog

KuppingerCole Analyst Chat: Fraud Reduction Intelligence Platforms

Matthias Reinwarth and John Tolbert explain the meaning behind the term and talk about various factors that help identify fraudulent transactions in different industries.

Webcast

Managing a Crisis: Prepare for Weathering the Next Storm to Come

While the Covid-19 crisis is still in full effect, many businesses have mastered the first phase of disruption. Now, the time starts to plan for the future, at many levels – financials, business models, product strategies, and more. One of these topics must be Business Continuity & Resilience Management (BCRM), for being better prepared for weathering the next storm to come. And that will come, be it the next peak of Covid-19, be it a major natural disaster hitting your business, be it – and that is the one with the highest probability – a severe cyberattack. And...

Webcast

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here...

Webcast

KuppingerCole Analyst Chat: Fraud Reduction Intelligence Platforms

Matthias Reinwarth and John Tolbert explain the meaning behind the term and talk about various factors that help identify fraudulent transactions in different industries.

Executive View

Executive View: IBM Watson - 80232

IBM Watson is a computing platform that aims to meet the AI needs of any organization – those that wish to develop projects themselves, or those who wish to gain standard capabilities quickly. The comprehensive attention to data management, analytics, model training, deployment, and lifecycle management make the portfolio of IBM Watson products a strong choice for enterprises.

Webinar

Sep 02, 2020: Remote Workforce: How to Protect Yourself From Emerging Threats?

The outbreak of the COVID-19 pandemic has served as a catalyst for digitization in many companies and led to an increase in remote work and adoption of the bring your own device (BYOD) policy. Every device and digital service that employees use is a potential gateway into company networks and thus poses a security risk. The risks are magnified even more when privileged accounts enter the equation because they enable access to critical data. Given the immediacy and speed with which companies had to shift from office to remote work, security concerns were often neglected leading to an...

Leadership Brief

Leadership Brief: Mitigating Availability & Security Risks in Centralized Digital Workplace Delivery - 80223

Centralizing delivery of digital workplaces can bring cost, efficiency and productivity rewards but security and risk management must be baked in if availability is not compromised by cyber attacks or unexpected disruption.

Blog

Cybersecurity of Tomorrow: Delivered Entirely From the Cloud

As businesses embrace the Digital Transformation and become increasingly cloud-native, mobile and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide adequate visibility, threat protection, and scalability, nor can they offer convenience and productivity for users on the go. In a crisis, a cybersecurity strategy is a matter of survival The previous paragraph summarizes what KuppingerCole, along with many other industry experts, has been preaching...

Blog

Sind die BSI Richtlinien für Gesundheitsanwendungen richtig und ausreichend?

Nie war Digital Healthcare so wichtig wie heute, in Zeiten von COVID-19. Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat eine Richtlinie für sichere Anwendungen im Gesundheitswesen vorgestellt. Richtig und wichtig, auch Security by Design und Privacy by Design für die Vertraulichkeit sensitiver Daten. Nur: Ohne ausreichende Budgets wird es nicht funktionieren.

Virtual Event

Jun 16, 2020: Cloud First - Strategy & Roadmap

This KuppingerCole Virtual Event will help you navigate the tough decisions your company has to make in pursuing a cloud-first strategy and provide answers to complex questions to help identify a clear path ahead and ensure your business gains maximum benefit from a well-planned and carefully considered strategy.

Virtual Event

Jun 02, 2020: Cybersecurity & Enterprise Risk Management

In this Virtual Event, you will learn about current trends and developments in cybersecurity and how to minimize cyber risks in your enterprise.

Webcast

Die Krise bewältigen: So überstehen Sie den nächsten Sturm

Während die Covid-19-Krise noch in vollem Gange ist, haben viele Unternehmen die erste Phase des Umbruchs gemeistert. Jetzt ist es an der Zeit, auf vielen Ebenen – Finanzen, Geschäftsmodelle, Produktstrategien und mehr – für die Zukunft zu planen. Eines dieser Themen muss das Business Continuity & Resilience Management (BCRM) sein, um besser auf den nächsten Sturm vorbereitet zu sein. Und der wird kommen, sei es der nächste Anstieg von Covid-19, sei es eine große Naturkatastrophe, die Ihr Unternehmen trifft, oder sei es – und das...

Webcast

Sind die BSI Richtlinien für Gesundheitsanwendungen richtig und ausreichend?

Blog

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Webcast

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Executive View

Executive View: Soterion for SAP - 80113

Soterion for SAP is a GRC (Governance, Risk & Compliance) solution targeted at SAP environments and delivering major capabilities in that space. The solution is available as both on premises solution and in an as-a-service model. Soterion has put specific emphasis on delivering a solution for GRC and access control in SAP environments that is easy-to-use, coming with a business-friendly user interface.s

Whitepaper

Whitepaper: Fast Access Management in the Hybrid Cloud for SMBs - 80137

Moving to the cloud sets new challenges for managing access to critical IT environments for small and medium-size businesses (SMBs). These include managing access to multi-cloud services that are used on-demand but discarded when no longer needed, finding a scalable solution without big IT projects and costs, and managing administrative access with limited resources. At the same time, organizations must ensure subcontractors get the right level of privilege for the task at hand but don't walk away with access credentials. SMBs must also protect the company from privileged credential...

Webcast

AI Governance From a Practical Perspective

How can you ensure that your Artificial Intelligence project does not become a liability? An improper implementation, a socially insensitive data label, or negligent data management can easily lead to an auditing nightmare. What are the best practices to safely utilize and govern AI? This webinar highlights key considerations when implementing an AI application, particularly for use in IAM. Learn the key questions to ask when implementing an AI project so that governance and audits do not become an issue later.  Many AI projects falter or fail when they encounter a governance...

Blog

KuppingerCole Analyst Chat: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Webcast

KuppingerCole Analyst Chat: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Blog

KuppingerCole Analyst Chat: Beyond Prevention - the Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Webinar

May 13, 2020: Beating Fraudsters at Their Own Game With Fraud Reduction Intelligence Platforms

Fraud continues to be a major challenge for many organizations today. Industries such as finance, banks, payments, insurance, gaming, telecommunications, health care, etc. are dealing with increasing amounts of fraud and escalating sophistication of attacks. Account Takeovers (ATOs), synthetic fraud, and bots are a pervasive problem and continue to drain revenue from many businesses.

Webcast

KuppingerCole Analyst Chat: Beyond prevention - The Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Webcast

A Compass for Choosing the Right Fraud Reduction Intelligence Platform

Companies are turning to Fraud Reduction Intelligence Platforms to reduce account takeover (ATO), synthetic fraud, bots, and other forms of fraud, which continue to be a pervasive and revenue-draining problem across many industries.

Executive View

Executive View: Hitachi ID IAM Suite - 80399

Enterprise IAM suites today need to meet an ever-growing list of IT requirements, which includes process automation, self-service, and identity-related administration and governance capabilities. Hitachi ID offers a well-integrated all-in-one IAM package that can meet these enterprise business requirements.

Executive View

Executive View: Sophos Intercept X - 80227

Sophos Intercept X is an endpoint security solution that is powered by a deep learning neural network, anti-exploit techniques, and anti-ransomware technology to provide advanced detection for all types of threats, especially ransomware, fileless/in-memory malware and malware that exploits unknown vulnerabilities in operating systems and application software.
Sophos Intercept X also offers optional integrated Endpoint Detection and Response response capabilities as well as Managed Threat Response services.

Blog

AI Landscape: More Complicated Than You Might Have Thought

I’m by no means an AI expert. Sure, I’ve been following the topic with much curiosity ever since reading an article about thinking machines back in 1990. Also, having a degree in mathematics sometimes helps to understand certain technicalities behind product labels. Still, I’m neither an AI developer nor a data scientist – I’m just an industry analyst whose primary job is to understand what new technologies and services appear on the market and to explain them to people who know even less than I do… Dispelling Myths When it comes to the recent media...

Blog

What Role Is Artificial Intelligence Playing During the COVID-19 Pandemic?

Novel coronavirus has impacted almost every country in the world. Millions have been infected, while fatalities caused by Covid-19 recently exceeded 100 thousand. Governments, science institutions and private companies are, among other methods, using Artificial Intelligence to find optimal ways of tackling the pandemic. Searching for the cure Using AI for finding novel drugs is not new. For several years now, large pharmaceutical companies have been collaborating with start-ups and established vendors for faster and optimal search for the desired medicine. AI has even been used to find...

Blog

Why Adaptive Authentication is the Future

Martin Kuppinger explains adaptive authentication.

Blog

COVID-19 Contact Tracing: Privacy Is not the only Challenge

In the UK there are plans to use a mobile ‘phone app to trace people who have been in contact with someone who has COVID-19 to warn them to go into quarantine in order to slow the spread of the virus. This approach is reported to have been successful in other countries, but it has raised concerns over individual privacy and how the government might use the data. However, while data analytics and other techniques can help with the pandemic privacy is not the only challenge. Quarantine Works Plagues are not new, and history has taught us that the most effective response to a plague is...

Webcast

Why Adaptive Authentication is the Future

Martin Kuppinger explains adaptive authentication.

Whitepaper

Whitepaper: Enhanced Privilege Access Management Solutions - 80176

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Changing business practices, agile software development and digital transformation has meant that PAM solutions need an enhanced set of features to reduce the risk of privileged accounts being hijacked in this more challenging operating environment.

Blog

KuppingerCole Analyst Chat: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Webcast

KuppingerCole Analyst Chat: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Blog

KuppingerCole Analyst Chat: Protecting Your Organization Against Ransomware

Matthias Reinwarth and Alexei Balaganski discuss the history of ransomware and the measures needed to protect yourself against it.

Executive View

Executive View: Indeed Certificate Manager - 80178

Indeed Certificate Manager is a platform for centralized management of enterprise public key infrastructures. Its modular, hardware-agnostic architecture and innovative remote management capabilities help reduce management costs, improve productivity, and strengthen your company’s overall security and compliance posture.

Leadership Brief

Leadership Brief: Managing Non-Human Identities - 80278

As digital transformation gains momentum, new types of digital identity are emerging and growing rapidly. Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. This Leadership Brief looks the importance of managing non-human and human identities in the same way, and how to approach achieving that.

Webinar

Apr 22, 2020: Die Krise bewältigen: So überstehen Sie den nächsten Sturm

Während die Covid-19-Krise noch in vollem Gange ist, haben viele Unternehmen die erste Phase des Umbruchs gemeistert. Jetzt ist es an der Zeit, auf vielen Ebenen – Finanzen, Geschäftsmodelle, Produktstrategien und mehr – für die Zukunft zu planen.

Webinar

Apr 23, 2020: Managing a Crisis: Prepare for Weathering the Next Storm to Come

While the Covid-19 crisis is still in full effect, many businesses have mastered the first phase of disruption. Now, the time starts to plan for the future, at many levels – financials, business models, product strategies, and more.

Congress

May 18 - 21, 2021: European Identity & Cloud Conference 2021

Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 12-15, 2020, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.

Blog

IAM Projects Stalling – Too Tools-Centric

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Webcast

IAM Projects Stalling – Too Tools-centric

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Press Release

KuppingerCole Cancels EIC 2020 Due to Ongoing Coronavirus Pandemic

Wiesbaden, April 7, 2020 – KuppingerCole Analysts AG officially cancels EIC 2020 due to the ongoing coronavirus pandemic. "Although we couldn’t wait to host you, the safety and health of our speakers, partners, participants, and team is too precious to risk," say Board Member Joerg Resch. "We take the guidance of our public health authorities – global and local – to heart, and have made our decision based on their recommendations."

Advisory Note

Advisory Note: Emerging Technologies Fostering Digital Business Innovation: Utilities & Energy - 80265

The energy and utilities sector will need to adapt to new industry trends of digitalization, decentralization, and the advent of a new type of consumer: the prosumer. Smart grids are a more efficient offering for energy management, and new business models beyond the prosumer will require the partnership of different actors in the industry. Emerging technologies like artificial intelligence (AI), blockchain, and IoT have can contribute to achieving these goals, but they are most impactful as supportive technologies that enable a deeper company transformation.

Blog

PEPP-PT: Bridging the Gap Between COVID-19 Pandemic Control and Privacy by Design

The use of modern information technology, in particular mobile data, is seen as a central measure in containing the current pandemic. However, the Corona App, which is used in South Korea to track the chains of infection, uses a variety of data (GPS, surveillance cameras, credit card data) to track the movements of potentially infected people, and does so in complete disregard of the privacy of those affected. Access to personal mobility data, combined with information on actual infections and diseases, holds the promise of providing better insight into the pathways of infection and the...

Blog

KuppingerCole Analyst Chat: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Webcast

KuppingerCole Analyst Chat: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Blog

Cybersecurity Awareness Training: Die wichtigsten Punkte in fünf Minuten

Martin Kuppinger spricht über die wichtigsten Aspekte von Cybersecurity, die man als Nutzer beachten sollte.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Control Access - 80372

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the third in the series introducing the Information Protection Life Cycle and Framework.

Executive View

Executive View: Vectra Cognito - 80230

Vectra Cognito is a Network Detection and Response (NDR) platform supported by threat research and Artificial Intelligence (AI) in the form machine learning (ML) and Deep Learning for analyzing enterprise network traffic on premise and in the cloud to detect and respond to malicious activity by adversaries, with threat investigation and threat hunting capability.

Executive View

Executive View: R&S®Trusted Gate von Rohde & Schwarz Cybersecurity - 80400de

Transparente, datenzentrische Sicherheit in nicht vertrauenswürdigen Infrastrukturen. Zuverlässige Kontrolle und Überwachung von sensiblen Informationen, die in öffentlichen Clouds und Kollaborationswerkzeugen (z.B. Microsoft Office 365, SharePoint, Teams) gespeichert sind. Virtualisierung, Verschlüsselung und Aufteilung von Daten, um eine sichere und bequeme Zusammenarbeit für Multi-Cloud-, firmeninterne und hybride Speicherumgebungen und echte Datensouveränität zu ermöglichen. 

Webcast

Cybersecurity Awareness Training: Die wichtigsten Punkte in fünf Minuten

Martin Kuppinger spricht über die wichtigsten Aspekte von Cybersecurity, die man als Nutzer beachten sollte.

Blog

IAM Projects Stalling – Too Big to Win

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Blog

Working Securely at Home During the Pandemic

Working securely at home during the pandemic As more people are working from home than ever before, there is an increasing demand for communication services. But security needs to be a key consideration as businesses adapt to a new way of working, as my colleagues John Tolbert, Matthias Reinwarth, and Alexei Balaganski have pointed out in their recommendations on responding to the Covid19 pandemic. The move to cloud is obvious For many organizations, meeting the challenges presented by the pandemic means making a quick move to the cloud, but as Matthias points out, this must be managed...

Webcast

IAM Projects Stalling – Too Big to Win

Martin Kuppinger explains the reasons why so many Identity and Access Management projects can stall or even fail.

Blog

KuppingerCole Analyst Chat: How to Protect Data in a Hostile World

Matthias Reinwarth and John Tolbert are talking about the challenges of data protection in modern times.

Webcast

KuppingerCole Analyst Chat: How to Protect Data in a Hostile World

In the first official episode of the KuppingerCole Analyst Chat podcast, Matthias Reinwarth and John Tolbert are talking about the challenges of data protection in modern times.

Blog

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT-Teams in der Krise in jedem Fall vermeiden sollten.

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Acquire and Assess - 80371

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the second in the series introducing the Information Protection Life Cycle and Framework.

Webcast

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT in jedem Fall in der Corona-Krise vermeiden sollte.

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

Today, Lead Analyst John Tolbert gives his five work from home cybersecurity recommendations for enterprises.

Webcast

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

John Tolbert is talking about the current situation with regards the pandemic crisis and the cybersecurity-related things to consider for enterprises.

Webcast

Data Sovereignty in Public Clouds

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Blog

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht in seinem Video über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.

Executive View

Executive View: IRM-Prot-On - 71313

Sharing enterprise information is both a security risk and a necessity of the modern enterprise. IRM-Prot-On of Groupo CMC is a strong provider of enterprise information protection services. The solution enables document and file protection, permissions management, and information classification.

Executive View

Executive View: Micro Focus Access Manager - 80311

The Micro Focus Access Manager counts amongst the established and mature solutions for Web Access Management and Identity Federation. Micro Focus is continuously improving the product, leveraging new technology and remaining responsive to client requirements for an agile and comprehensive solution to their access control requirements. Micro Focus Access Manager is a solution well-suited for supporting web services authentication requirements, federated authentication environments, and agile deployment scenarios.

Executive View

Executive View: R&S®Trusted Gate by Rohde & Schwarz Cybersecurity - 80400

Transparent, data-centric security for untrusted infrastructures. Reliable control and monitoring of sensitive information stored in public clouds and collaboration tools (e.g. Microsoft Office 365, SharePoint, Teams). Virtualization, encryption and fragmentation of data enabling secure and convenient collaboration for multi cloud, on-premises and hybrid storage environments and true data sovereignty.

Executive View

Executive View: CyberArk Privilege Cloud - 80122

Privileged Access Management (PAM) has evolved into a set of technologies that addresses some of the most urgent areas of cybersecurity today against a backdrop of digital transformation and industrial change. CyberArk Privilege Cloud is an as-a-service solution designed to protect and control privileged access across on-premises, cloud and hybrid infrastructures. It is part of a suite of solutions and technologies from one of the leaders in PAM.

Blog

Ransomware During the Pandemic Crisis

It is really astonishing how quickly the word “pandemic” has evolved from a subject of obscure computer games to the center of everyone’s daily conversations… However, when discussing the latest news about the coronavirus outbreak, one should not forget another pandemic that’s been causing massive damages to businesses, governments, and individuals around the world for several years already. Since its initial emergence in Eastern Europe about a decade ago, it has quickly evolved into one of the largest global cyberthreats, crippling hospitals and entire...

Webcast

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.

 

Blog

KuppingerCole Analyst Chat - Our New Regular Podcast

Today we're officially launching KuppingerCole Analyst Chat - our new soon-to-be-regular audio podcast. In the pilot episode Martin Kuppinger and I are discussing Identity & Access Management challenges so many are facing now while having to work from home. At the moment, you can subscribe to our podcast on Spotify or watch new episodes on our YouTube channel. Other platforms will follow soon. Stay tuned for more regular content from KuppingerCole analyst team!

Virtual Event

May 12, 2020: Identity Fabrics & the Future of Identity Management

With this Virtual Event, KuppingerCole will help you in defining a step-by-step approach to migrate from your legacy IAM to a future-proof Identity Fabric.

Webinar

Apr 29, 2020: Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their entire application ecosystem.

Webinar

Jul 09, 2020: Working From Home Is Not Secure Without an Effective IAM

The past few months have not only been disruptive to business models, but also to the way many people work. Working from Home (WfH) is the new normal for many of us, but it comes with many challenges, for workers, for their managers, for the IT teams. One of the biggest challenges is finding the right balance between enabling WfH and security.

Webcast

Identity & Access Management Challenges - Work From Home Edition

Welcome to the pilot issue of the KuppingerCole Analyst Chat - our soon-to-be-regular podcast. Stay tuned for more episodes!

Leadership Brief

Leadership Brief: Typical Risks and Pitfalls for IGA Projects - 72580

As the number and types of digital identities proliferate in the digital era and the number of data protection regulations around the world continues to grow, the need for an effective Identity Governance & Administration (IGA) capability has never been greater. This leadership brief outlines common risks and pitfalls of enterprise IGA projects and how they can be avoided.

Whitepaper

Whitepaper: AI, Machine learning and Privileged Access Management - 80120

Choosing a PAM solution has become a complex, and potentially time consuming, decision for modern organizations but one they must get right. If trends such as customer identities or privileged accounts used by DevOps are to be managed securely, then the final purchasing decision rests on carefully selecting solutions with the right feature sets. New technologies such as machine learning and AI are now being added to PAM solutions.

Executive View

Executive View: iWelcome IDaaS and CIAM - 80328

iWelcome provides a mature Identity-as-a-Service platform with extensive support for B2C (Customer Identity & Access Management – CIAM) and B2B use cases with interfaces for end-users as well as app developers. As an EU-based company, iWelcome strives to fulfill regional requirements such as interoperability with various national IDs and GDPR compliance, and as such provides unparalleled consent management features. Although iWelcome provides a horizontal solution, it has a strong customer base in regulated industries.

Leadership Brief

Leadership Brief: Introduction to the Information Protection Life Cycle and Framework - 80370

Leadership Compass

Leadership Compass: Fraud Reduction Intelligence Platforms - 80127

This report provides an overview of the market for Fraud Reduction Intelligence Platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing Fraud Reduction Intelligence Platform solutions.

Blog

AI and Healthcare

AI's role in reducing the impact of future pandemics As the coronavirus spreads fear and panic across the world, it’s perhaps timely to take a step back and consider the future of healthcare and how AI will help. But first let’s consider that the coverage and spread of the virus shows us precisely just why reliable data is needed to help us cope with new diseases. At time of writing, most official advice on coronavirus is not based on hard data led evidence on how the virus spreads, the best way to contain it, who is most vulnerable, what is the incubation period and so on....

Webinar

Apr 21, 2020: AI Governance From a Practical Perspective

How can you ensure that your Artificial Intelligence project does not become a liability? An improper implementation, a socially insensitive data label, or negligent data management can easily lead to an auditing nightmare. What are the best practices to safely utilize and govern AI?

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

As the business world moves to rapidly enable work-from-home (WFH), enterprise IT teams need to shift resources and priorities to ensure that remote workers are protected. Already we see malicious actors adapting and targeting remote workers more. My colleague Alexei Balaganski published a list of recommendations for small businesses. The Situation CheckPoint reports 4,000 domains related to coronavirus have been registered since January 2020, of which 3% are malicious and 5% are suspicious. Phishing attacks are increasing, which aim to capture remote workers credentials. VPNs are...

Leadership Brief

Leadership Brief: Beyond Marketing: The Future of Customer Interaction - 80292

Customer interaction is much more than marketing—it comprises all touchpoints during the customer journey. And the borders are becoming more and more blurry as many areas, such as marketing, sales, service, support, and consultancy are part of customer experience (CX). Furthermore, technological aspects shape the future of customer interaction: artificial intelligence and the Internet of Things (IoT) are among the most important technological trends in the changing field of customer interaction.

Webinar

Apr 16, 2020: A Compass for Choosing the Right Fraud Reduction Intelligence Platform

Companies are turning to Fraud Reduction Intelligence Platforms to reduce account takeover (ATO), synthetic fraud, bots, and other forms of fraud, which continue to be a pervasive and revenue-draining problem across many industries.

Blog

5G and Identity

5G Identity and Authentication 5G is the next generation of cellular mobile communications intended to support the massive increase in capacity and connectivity that will be required for the future cloud of things and to provide the enhanced bandwidth needed for new mobile data services.  The security of both depend upon being to identify not only the people but also the things that are using the network services.  Organizations need to act now to take account of how 5G will impact on their identity and access management governance and processes. 5G identifiers First it is...

Buyer's Compass

Buyer's Compass: API Management and Security - 80215

The complexity and breadth of the challenges to discover, monitor and secure all APIs within your enterprise can be daunting. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for implementing consistent governance and security along the whole API lifecycle.

Blog

The DON’Ts of IT in the Times of Crisis

Truly we are living in interesting times (incidentally, this expression, commonly known as “the Chinese curse”, has nothing to do with China). Just a couple of weeks ago the world was watching China fighting the coronavirus outbreak as something that surely can never happen in other countries. Today Europe and the United States are facing the same crisis and we’re quickly coming to the realization that neither memes nor thoughts and prayers are going to help: many countries have already introduced substantial quarantine measures to limit social interactions and...

Blog

Home Office in the Times of Pandemic – a Blessing or a Curse?

One of the most interesting office work developments of the last 20-30 years, the home office has radically gained new relevance amid the developing coronavirus pandemic. With the goal of limiting the spread of the virus, many companies and employees must suddenly resort to the option of working entirely from home. This is not only self-evident but also urgently necessary and will support many companies in their continued existence at the same time. Home office as an immediate pandemic quarantine measure The advantages are clear: social contacts in real life will be reduced to a...

Blog

Malicious Actors Exploiting Coronavirus Fears

Security researchers are discovering a number of malicious attacks designed to exploit public fears around COVID-19, more commonly just called coronavirus. The attacks to date take two major forms: a map which looks legitimate but downloads #malware, and various document attachments that purport to provide health and safety information related to COVID-19. The coronavirus heat map may look legitimate, in that it takes information from Johns Hopkins University’s page, which is itself clean. However, nefarious actors have created a package for sale on the dark web called...

Virtual Academy KC Master Class

Apr 07, 2020: Business Resilience Management in a Pandemic Crisis 

Attend this KC Master Class to learn what actions you can take immediately to handle the current pandemic crisis. In a second stage, an in-depth course will help you bolster your business resilience in the future. In order to react to the current pandemic developments, this KC Master Class is conceptualized particularly flexible to fit your needs and time constraints.

Blog

Modernizing IAM Solutions Leveraging New Operating Models With the KuppingerCole Identity Fabric

Executive View

Executive View: Exabeam Security Management Platform - 80001

Exabeam is a highly modular platform for collecting, storing, managing and correlating security events across multiple IT systems, both on-premises and in the cloud, with integrated orchestration and automation capabilities to improve analysts’ productivity. It can augment an existing SIEM or completely replace it.

Webcast

Modernizing IAM solutions leveraging new operating models with the KuppingerCole Identity Fabric

Learn more about Legacy IAM and how to modernize IAM solutions leveraging new operating models with the KuppingerCole Identity Fabric.

Webcast

The Perils of Today’s Approach on Access Governance: Start Protecting Data at Source

Protecting sensitive, valuable data is a must for every organization. Ever-increasing cyber-attacks and ever-tightening regulations mandate businesses to take action. Unfortunately, the common approaches of IGA (Identity Governance and Administration) that focus on managing static entitlements for systems and applications fall short in really securing the data at risk. They fail in managing data in motion. They are static. They don’t manage the usage of data well. Not to speak of all the challenges in role management projects and around regular access reviews.

Executive View

Executive View: Atos DirX Identity - 80166

Atos DirX Identity is a mature offering for IGA (Identity Governance and Administration), delivering both leading-edge Identity Provisioning capabilities and a strong risk-based Access Governance feature set. Atos has made significant improvements when it comes to the ease and flexibility of customization and added a modern, responsive user interface together with RESTful interfaces.

Webinar

May 26, 2020: Protect, Detect, Respond, Mitigate: A Modern Security Paradigm for Modern Enterprises

The Antivirus has been proclaimed dead years ago – you’ve probably heard those stories many times. But did you realize that the EDR (Endpoint Detection and Response), which was once supposed to address all its shortcomings, isn’t doing well either? After all, with the sheer number and complexity of modern cyber threats, what’s the point of detecting each one if you have neither time nor qualified manpower to analyze and mitigate them before they turn into major disruptions?

Blog

High Assurance MFA Options for Mobile Devices

In recent years much of the focus in the authentication space has been on MFA, mobile devices, and biometrics. Many technical advances have been made which also serve to increase usability and improve consumer experiences. There are a few reasons for this. MFA Multi-factor authentication is the number 1 method to reduce ATO (account takeover) fraud and prevent data breaches. We all know password authentication is weak and the easiest way in for malicious actors. MFA has been mandated by security policy in many organizations and government agencies for years. MFA is now also required in...

Webcast

What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the same kind of flexibility and ease-of-use from the authentication systems at work that they use at home; often, this means using mobile devices.

Leadership Brief

Leadership Brief: What to Consider When Evaluating Decentralized Identity? - 80451

Decentralized identity solutions that meet a range of enterprise use cases are on the market. Being a discerning consumer means knowing the right questions to ask. This Leadership Brief guides you through the critical aspects of decentralized identity solutions that are relevant to enterprise adoption.

Executive View

Executive View: Informatica CLAIRE Engine - 80391

Intelligent data management allows enterprises to identify, understand, and act upon trends in enterprise data and metadata, and is an essential addition to the digitized organization’s toolkit. Informatica’s CLAIRE is a AI and machine learning engine which powers its intelligent data platform that is built into Informatica’s data management products, and is a strong choice to address the data management needs of today.

Leadership Brief

Leadership Brief: Find Your Route from SIEM to SIP and SOAR - 80008

Security Information and Event Management (SIEM) platforms have been a key part of many enterprises’ cybersecurity infrastructures for over a decade. However, facing the growing number and sophistication of cyber threats, even the largest security operations centers built around them fail to respond to attacks in time. Are SIEMs a thing of the past already? This Leadership Brief provides some insights and recommendations.

Blog

Preparation Is Key: Where Prevention Ends, and Business Continuity and Incident Response Management Begins

Ensuring the availability of processes and services in the event of an incident or a cyber attack is a fundamental part of a company’s cybersecurity approach. Commonly used phrases when it comes to such cybersecurity strategies, are Incident Response Management (IRM) and Business Continuity Management (BCM). Both should be part of a company's cybersecurity strategy, but what is the difference, how are they connected, and at what point in time do they start? Identification and prevention are fundamental Every organization is under attack, and there is the risk of being hit by a major...

Advisory Note

Advisory Note: Business Continuity in the age of Cyber Attacks - 70361

Business continuity and cyber security remain largely in separate siloes. But changes in the IT and cyber threat landscapes mean there is an urgent need for organizations to alter their approach. This leadership brief identifies why there needs to be closer alignment and integration between business continuity and cyber security teams, and provides recommendations on how to achieve this to reduce the business impact of cyber attacks and ensure none is a business killer.

Webcast

Solving Problems in Privileged Access Management with Automation

While businesses race ahead with digital transformation, security and identity management are often being left behind. The complexity of modern organizations of all sizes has undermined the traditional concepts of privileged access management (PAM) and privileged account usage. Help desks and IT security teams are often too busy and understaffed to be able to give PAM the attention it deserves.

Leadership Brief

Leadership Brief: 10 Top Trends in IAM - 80335

Digital identities are at the core of Digital Transformation, Information Security and Privacy. It has never been more important for enterprises to ensure they have the capability to manage identities effectively in a rapidly changing business, regulatory and IT environment. This Leadership Brief looks at the main trends to help businesses evolve their Identity and Access Management (IAM) strategies to meet new, emerging and future requirements.

Blog

Compromise of IOTA

Turning a blind eye to security in favor of optimism If you have any take-away from reading KuppingerCole research, hopefully it is that APIs are a critical element to protect. This is true regardless of the industry. Even cryptocurrencies. IOTA, the blockchain-like cryptocurrency and transaction network was compromised in mid-February. The API access to the IOTA crypto wallet via a payment service was targeted and exploited for potentially two to three weeks. Approximately 50 accounts were compromised, leading to the eventual theft of around 2 million Euros. There is a risk in trusting...

Market Compass

Market Compass: Decentralized Identity: Blockchain ID & Self-Sovereign Identity Solutions - 80064

The KuppingerCole Market Compass provides an overview of product or service offerings in a certain market segment.  This Market Compass covers decentralized identity, specifically Blockchain Identity and Self-Sovereign Identity (SSI) solutions. This is a very dynamic space filled with visionary and innovative vendors that are applying decentralized identity to real enterprise use cases. Their development marks the entrance of blockchain technology into mainstream enterprise Identity and Access Management (IAM), and their progress will indicate the future evolution of digital identity.

Blog

5G - How Will This Affect Your Organization?

What is it that connects Covent Garden in London, The Roman Baths in Bath and Los Angeles? The answer is 5G mobile communications used by media organizations. On January 29th I attended the 5G Unleashed event at the IET in London. (The IET is the body that provides professional accreditation for Engineers in the UK). At this event there were several presentations describing real world use cases of 5G as well as deep dives into the supporting infrastructure. While 5G is being sold to consumers as superfast mobile broadband there is a lot more to it than that. It has the potential to impact...

Virtual Academy KC Master Class

Mar 18, 2020: Identity & Access Management (IAM) Essentials

In this KC Master Class you will get a deep understanding of the terms and concepts of Identity and Access Management (IAM). Our analysts will teach common use cases, the various types of technologies that are part of IAM, the interplay of IAM and other areas such as cybersecurity, IT Service Management, but also architecture and the organizational aspects such as policies, processes, and organization.

Leadership Brief

Leadership Brief: Explainable AI - 80362

One of the largest barriers to widespread machine learning (ML) adoption is its lack of explainability. Most ML models are not inherently explainable on a local level, meaning that the model cannot provide any reasoning to support individual decisions. The academic and private sectors are very active in developing solutions to the explainability issue, and this Leadership Brief introduces the main methods that make AI explainable.

Advisory Note

Advisory Note: Trends in Privileged Access Management for the Digital Enterprise - 71273

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, agile software development and digital transformation has meant that privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, an adequate PAM solution is essential.

Executive View

Executive View: Google's Cloud Identity - 80326

Identity as a Service (IDaaS) is fast becoming the new face of Identity and Access Management (IAM) with several vendors now delivering cloud based IAM services to support the growth in cloud-based applications in the enterprise. Google’s Cloud Identity provides access to many popular cloud applications and offers some endpoint management features.

Leadership Brief

Leadership Brief: Cybersecurity Trends & Challenges 2020 - 80502

2019 already has been a challenging year in cybersecurity. There have (again) been many severe cyberattacks and breaches, and there is no hope that this might change in 2020. Cyberattacks will continue to increase in frequency and perhaps severity, and the cyber risks to hyperconnected businesses will continue to grow. With everything and everyone being connected, the attack surface is expanding. This Leadership Brief will discuss the top 5 challenges and the top 5 trends that KuppingerCole sees for 2020, followed by recommendations to deal with those challenges.

Webinar

May 07, 2020: Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time, and especially in sectors like healthcare, whose business is based on the collection and use of lots of valuable consumer data, the public and governments are demanding more accountability for safeguarding and appropriate use of personal information.

Advisory Note

Advisory Note: Cyber Risk – Choosing the Right Framework - 80237

As organizations undergo Digital Transformation the business impact of cyber risks increases.  It is essential that organizations manage these risks.  There are several frameworks that organizations could adopt to help them to manage these risks, but they need guidance to choose which is right for them.  This report describes the main cyber risk management frameworks and identifies the factors that organizations should consider when choosing which one to use.

Leadership Brief

Leadership Brief: 5G Impact on Organizations and Security - 80238

5G is the next generation of cellular mobile communications. It will provide the capacity and connectivity required to industrialize IoT, Smart Cities and Smart Manufacturing. This report explains what it is and its likely impact on organizations and their security.

Blog

Ambient Intelligence Can’t Mature Without an Identity Protocol

Every day we are experiencing the intersection of IoT and AI. The interactions of users, sensors, robots, vehicles, smart buildings, and much more is creating a new status quo for digital experiences. This growing range of smart devices – both in the IoT sense and the intelligent AI sense – mean we are moving beyond a singular focus on the smartphone. This heightened immersion into increasingly distributed, decentralized digital networks is what KuppingerCole has termed “Ambient Intelligence”. The synergy of AI and IoT that Ambient Intelligence enables will be a key...

Leadership Brief

Leadership Brief: Leveraging Identity Fabrics on your way towards cloud based IAM - 80501

Webcast

Holen Sie sich das SIEM, das Sie schon immer wollten: intelligent, automatisiert, mit unbegrenzter Kapazität

Vor 15 Jahren wurden Security-Information-and-Event-Management-Produkte (SIEM) als die ultimative Lösung für alle Sicherheitsprobleme in Unternehmen gefeiert, und das nicht ohne Grund: Schließlich ist die zentrale Erfassung und Verwaltung sicherheitsrelevanter Daten über alle IT-Systeme eines Unternehmens hinweg eine wichtige Voraussetzung für eine schnelle Analyse und Reaktion auf Cyber-Bedrohungen. Auch heute noch sind SIEM-Plattformen weit verbreitet, um Security Operations Centers (SOC) in großen Unternehmen oder Managed Security Services für...

Webinar

Mar 26, 2020: Data Sovereignty in Public Clouds

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Whitepaper

Whitepaper: Success in Digital Finance: Doing Digital Identities right for a positive Digital Experience - 80164

Success in Digital Finance is not a miracle, but a combination of having the right offerings and services, and delivering a seamless and modern digital experience to the customers. Digital Identities take a central role in such digital experience, from the identity verification and digital onboarding process to recurring authentication and efficient processes based on “electronic paper”, with signing, sealing, and so on. Oxyliom Solutions delivers an integrated platform that supports all parts of identity services for a modern digital experience in finance, supporting the...

Executive View

Executive View: ESET Enterprise Inspector - 80192

Enterprise Inspector is ESET’s Endpoint Detection & Response (EDR) solution. It currently runs on Windows with future plans to cover Linux, and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution also allows for pre-configured remediation actions to be executed when certain conditions are met.

Blog

Top 5 Recommendations for Reducing Cyber Risks in 2020

The turn of the year has been an occasion for many cybersecurity news outlets to talk about trends and challenges in cybersecurity. Despite the importance of knowing what the trends and challenges are, we want to give you some hands-on recommendations to increase security for your company. Of course the following recommendations are just a selection out of many possible measures. We are happy to discuss with you in more detail the implications for your concrete business model. 1. Beyond detect, prevent, respond: recovery & Incident Response Management While AI helps in increasing...

Blog

Why C-SCRM Is Becoming so Essential for Your Digital Business

The current discussion around Huawei and whether or not it should be endorsed as a supplier for 5G mobile network hard- and software has reminded us on how dependent we are on the integrity and reliability of such manufacturers and how difficult it is to trust their products if they are closed source and proprietary or otherwise hard or impossible to examine. Due to its undisputed vicinity to the Chinese government, Huawei has come under suspicion primarily by the US authorities to provide undocumented access capabilities to Chinese intelligence agencies enabling them to globally wiretap...

Press Release

Heterogeneity of Web Application Firewalls Market Increases

For companies doing business with commercial partners and customers via web applications, it is business-critical to maintain and protect these web applications. Since companies have become increasingly dependent on web applications for doing business, the need for Web Application Firewalls (WAF) has increased as well.

Blog

Will 2020 Be the Year of Oracle Cloud?

Recently I had an opportunity to attend the Next Generation Cloud Summit, an event organized by Oracle in Seattle, WA for industry analysts to learn about the latest developments in Oracle Cloud strategy. This was the first Oracle’s analyst summit in Seattle and coincidentally my first time in the Cloud city as well… Apparently, that’s a legitimate nickname for Seattle for a few years already, since all notable cloud service providers are located there, with Google and Oracle joining AWS and Microsoft at their historical home grounds by opening their cloud offices in the...

Market Compass

Market Compass: Web Application Firewalls - 70324

The KuppingerCole Market Compass provides an overview of the product or service offerings in a specific market segment. This Market Compass covers Web Application Firewall (WAF) solutions that span the spectrum of on-premises, cloud, and hybrid IT delivery models.

Executive View

Executive View: PlainID Policy Manager - 80315

PlainID Policy Manager aims to be the single source of truth for all entitlements, coarse- or fine-grained in your enterprise, controlling secure access across all identities, systems, and applications with the help of centrally managed business-focused policies.

Blog

Moving Towards AI and IoT Solutions Beyond Machine Learning

Microsoft is currently running ads extoling the virtue of AI and IoT sensors in helping farmers produce more and better crops, with less waste and higher yields. Elsewhere in manufacturing, supply chain management is being transformed with digital maps of goods and services that reduce waste and logistical delays. In Finland, a combination of AI and IoT is making life safer for pedestrians. The City of Tampere and Tieto built a pilot system that automatically detects when a pedestrian is planning to cross the street at an intersection. Cameras at intersections accessed algorithms trained...

Webcast

Cybersecurity Trends and Challenges 2020

Digitalization evolves with the increased use of microcomputers in everyday objects like cars and smart fridges, but also in industrial applications. Therefore, communication between devices is growing accordingly. While connecting devices is supposed to make our lives easier, it poses a great challenge from a security standpoint. Every connection opens a potential backdoor for attackers to slip inside your network.

Blog

Three Critical Elements Required to Close the Cybersecurity Skills Gap

The status on cybersecurity is fairly clear: 82% of employers report that their cybersecurity skills are not enough to handle the rising number of cyber incidents (Center for Strategic & International Studies, 2019. The Cybersecurity Workforce Gap). There is a gap – a gap between the skills needed for strong cybersecurity, and the skills you actually have. It is an individual problem, but also an enterprise problem and a global problem. The vast majority of the world simply does not have the skills to keep up with the cyber risks that we know exist. Three Critical Elements to...

Executive View

Executive View: PingAccess - 80323

With the rising complexity of IT environments and the many integration points to consider, PingAccess provides a flexible architecture that includes Web and API Access Management, whether on-premises or in the cloud. Combining PingFederate with PingAccess offers a complete Web Access Management solution.

Online Boot Camp

Sep 03, 2020: Identity Fabric Boot Camp

With the concept of an Identity Fabric, KuppingerCole describes a paradigm for the Future of IAM, which allows serving different needs in a consistent manner. This boot camp will provide you with insights and recommendations on how to get to an IAM Program that is ready for the 2025 horizon and beyond, and that helps you in supporting the agility of your business.

Leadership Brief

Leadership Brief: Assessing the Maturity of Core AI Disciplines - 80390

There are several disciplines that contribute to the Artificial Intelligence field: Natural Language Processing, Machine Learning, Machine Reasoning, and others. This Leadership Brief addresses their varying maturity levels for enterprise use.

Advisory Note

Advisory Note: Why High-Profile Digital Transformation Initiatives Fail: How to do better - 80289

A growing number of organizations are adapting their products, processes and strategies to capitalize on the benefits of digital technology, but some high-profile Digital Transformation (DX) initiatives have failed despite heavy investments. This Advisory Note looks at some of the main reasons DX initiatives fail and provides recommendations for avoiding these common pitfalls to ensure DX initiatives are sustainable and deliver long-term strategic benefits as well as short-term operational efficiencies. 

Advisory Note

Advisory Note: KRIs and KPI for Cyber Security - 80239

This report provides selected Key Risk Indicators (KRI) for the area of Cyber security. These indicators are easy to measure and provide organizations with a quick overview of the relevant risks and how these are changing. The indicators can be combined into a risk scorecard which then can be used in IT management and corporate management. 

Blog

Taking One Step Back: The Road to Real IDaaS and What IAM Really Is About

Shifting IAM to Modern Architecture and Deployment Models There is a lot of talk about IDaaS (Identity as a Service) these days, as the way to do IAM (Identity and Access Management). There are also fundamental changes in technology, such as the shift to containers (or even serverless) and microservice architectures, which also impact the technology solutions in the IAM market. However, we should start at a different point: What is it that business needs from IAM? If we step back and take a broader perspective, it all ends up with a simple picture (figure 1): The job of IAM is to provide...

Virtual Academy KC Master Class

Feb 18, 2020: Incident Response Management

In this KC Master Class you learn how to react adequately when a cyberattack has occurred in your company. Our analysts will prepare you for this worst case scenario by showing you how to rate risks realistically and integrate these ratings into your general incident response strategy. This strategy should include incident detection, administering responsibilities within company staff, defining a communication strategy for internals and externals and gaining a deep understanding of recovery processes.

Executive View

Executive View: Cleafy Advanced Threat Detection & Protection - 80309

Cleafy is a real-time clientless application risk assessment, threat detection and prevention platform for online services in highly regulated industries. Providing protection against advanced targeted attacks for unmanaged endpoints, it can prevent payment fraud, transaction tampering, credential theft, and other risks.

Executive View

Executive View: Callsign Intelligence Driven Authentication - 80174

Callsign is a provider of an identity platform that integrates consumer onboarding, authentication, and fraud management in a well-thought-out manner. In contrast to other solutions, all capabilities are tightly integrated. The platform uses AI/ML for risk analysis and supports passive and continuous authentication. It is feature-rich and easy to use, with flexible support for creating, managing, and testing user journeys.

Blog

The C5:2020 - A Valuable Resource in Securing the Provider-Customer Relationship for Cloud Services

KuppingerCole has accompanied the unprecedented rise of the cloud as a new infrastructure and alternative platform for a multitude of previously unimaginable services – and done this constructively and with the necessary critical distance right from the early beginnings (blog post from 2008). Cybersecurity, governance and compliance have always been indispensable aspects of this. When moving to the use of cloud services, it is most important to take a risk-based approach. There is nothing like “just the cloud”. It is not a single model but covers a wide and constantly...

Webcast

Improve Security With Critical Infrastructures Requirements

Organizations or institutions that are essential for the public are called Critical Infrastructures (KRITIS = “Kritische Infrastrukturen”). As such, they are subject to comprehensive and strict legal regimes consisting of laws and regulations. Their failure or significant impairments result in sustained supply shortages, significant disruptions to public safety or other drastic consequences. Their protection and the safeguarding of the public require appropriate concepts, processes and technologies. Watch this webcast and learn how your organization can benefit from...

Executive View

Executive View: Onegini Connect - 80168

Onegini provides a compelling no-code cloud-delivered solution for Consumer Identity and Access Management (CIAM) and B2B IAM. Onegini is headquartered in the Netherlands, is expanding across Europe, and has global ambitions. They have expertise in EU regulations such as GDPR, PSD2 and other industry-specific regulations. They are positioning their product as a CIAM solution for financial, pension and insurance industries with a strong mobile differentiator.

Webinar

Mar 03, 2020: Solving Problems in Privileged Access Management with Automation

While businesses race ahead with digital transformation, security and identity management are often being left behind. The complexity of modern organizations of all sizes has undermined the traditional concepts of privileged access management (PAM) and privileged account usage. Help desks and IT security teams are often too busy and understaffed to be able to give PAM the attention it deserves.

Blog

The Next Best Thing After "Secure by Design"

There is an old saying that goes like this: “you can lead a horse to water, but you can’t make it drink”. Nothing personal against anyone in particular, but it seems to me that it perfectly represents the current state of cybersecurity across almost any industry. Although the cybersecurity tools are arguably becoming better and more sophisticated, and, for example, cloud service providers are constantly rolling out new security and compliance features in their platforms, the number of data breaches and hacks continues to grow. But why? Well, the most obvious answer is...

Leadership Brief

Leadership Brief: Six Key Actions to Prepare for CCPA - 80353

From January 1st, 2020, when the California Consumer Privacy Act (CCPA) came into force, the requirements for managing personal data have changed.  This report identifies six key actions that IT needs to take to prepare for compliance.

Leadership Brief

Leadership Brief: Top Ten Trends in Cybersecurity - 80336

This report outlines 10 important trends and technologies in cybersecurity that KuppingerCole believes will shape security policies and solutions choice for organisations in the years ahead. 

Blog

Quantum Computing and Data Security - Pandora's Box or a Good Opportunity?

Not many people had heard of Schroedinger's cat before the CBS series "The Big Bang Theory" came out. Dr. Sheldon Cooper used this thought experiment to explain to Penny the state of her relationship with Lennard. It could be good and bad at the same time, but you can't be sure until you've started (to open) the relationship. Admittedly, this is a somewhat simplified version of Schroedinger's thoughts by the authors of the series, but his original idea behind it is still relevant 100 years later. Schroedinger considered the following: "If you put a cat and a poison, which is randomly...

Blog

Applying the Information Protection Life Cycle and Framework to CCPA

The California Consumer Privacy Act (CCPA) became effective on January 1, 2020. Enforcement is slated to start by July 1, 2020. CCPA is complex regulation which does bear some similarities with EU GDPR. For more information on how CCPA and GDPR compare, see our webinar. Both regulations deal with how organizations handle PII (Personally Identifiable Information). CCPA intends to empower consumers to give them a choice to disallow onward sales of their PII by organizations that hold that information.  A full discussion of what CCPA entails is out of scope. In this article, I want to...

Whitepaper

Whitepaper: Healthcare IAM: Enhance the Clinical Workflow - 80163

The Healthcare sector faces the common challenges of all businesses today: digital transformation, cyber-security, and increasingly stringent regulations. But Healthcare also has unique challenges because clinical operations depend on continual access to customers’ most sensitive personal information and require life-or-death decisions on a daily basis. This environment demands digital-identity capabilities that enable fast, anywhere/anytime access to clinicians while satisfying growing requirements for security, privacy and compliance.

Executive View

Executive View: Informatica: Customer 360 - 80290

When optimizing customer centricity and customer engagement, data is an important resource. To ensure an ideal customer experience, various challenges across the customer lifecycle must be solved. Informatica’s Customer 360 solution is designed to manage data across the entire customer lifecycle in a highly flexible way to meet various customer scenarios.

Executive View

Executive View: Apigee Edge API Management Platform - 80307

Apigee offers a comprehensive platform to support end-to-end API management at every stage of API lifecycle. From API design to publication, productization, and monetization to monitoring and securing live endpoints – everything is managed centrally across on-premises, cloud-based and hybrid environments.

Leadership Brief

Leadership Brief: Robotic Process Automation - 80333

Robotic Process Automation (RPA) is a type of automation technology with the potential to transform the way businesses operate by automating manual tasks within business processes by implementing (software) “robots” to perform these tasks instead of humans. This leadership brief looks at the most appropriate applications of RPA and the biggest potential business benefits.

Webcast

API Management and Security: Don’t Trade Protection for Convenience

Once a purely technical concept created to make developers’ lives easier, Application Programming Interfaces (APIs) have evolved into one of the foundations of modern digital business. As companies are struggling to maintain their business agility, to react to the ever-changing market demands and technology landscapes, the need to deliver a new application or service to customers as quickly as possible often trumps all other considerations. Often, security becomes an afterthought at best or, even worse, it is seen as a nuisance and an obstacle on the road to success. While the...

Blog

RPA and AI: Don’t Isolate Your Systems, Synchronize Them

We already hear a lot about artificial intelligence (AI) systems being able to automate repetitive tasks. But AI is such a large term that encompasses many types of very different technologies. What type of solutions are really able to do this? Robotic Process Automation (RPA) configures software to mimic human actions on a graphic user interface (GUI) to carry out a business process.  For example, an RPA system could open a relevant email, extract information from an attached invoice, and input it in an internal billing system. Although modern RPA solutions are already relying on...

Executive View

Executive View: Oracle Identity Governance - 80157

As the market, technology, and regulation forces change, Oracle offers a comprehensive Identity Governance solution that can meet the ever evolving enterprise needs. Oracle Identity Governance (OIG) addresses compliance at scale within the more modern cloud environments.

Blog

Proper Patch Management Is Risk-Oriented

With regard to cybersecurity, the year 2020 kicks off with considerable upheavals. Few days ago, my colleague Warwick wrote about the security problems that arise with some of Citrix's products and that can potentially affect any company, from start-ups and SMEs to large corporations and critical infrastructure operators. Just a few hours later, NSA and many others reported a vulnerability in the current Windows 10 and Windows Server 2016 and '19 operating systems that causes them to fail to properly validate certificates that use Elliptic Curve Cryptography (ECC). This results in an...

Executive View

Executive View: Microsoft Azure AI Platform - 80233

The Microsoft Azure AI platform provides a comprehensive enterprise solution for designing and implementing customized AI solutions. The cloud and hybrid deployment options, modular AI services, and management tools make the platform a strong choice for an AI-on-demand solution.

Executive View

Executive View: Saviynt Security Manager for Enterprise IGA - 80325

Saviynt offers a comprehensive compliance-as-a-service platform providing Identity Governance and Management, Application Risk and Governance, Cloud Security, and Cloud PAM functionality. Designed to be deployed as a cloud, hybrid, or on-premise solution, the Saviynt Security Manager for Enterprise IGA helps customers demonstrate assured compliance using their access governance and risk intelligence capabilities.

Online Boot Camp

Aug 20, 2020: Privileged Access Management (PAM) Boot Camp

In the age of digital transformation, our organizations must constantly reinvent themselves by being agile and more innovative. Emerging technology initiatives such as the digital workplace, DevOps, security automation, and the Internet of Things continue to expand the attack surface of organizations as well as introduce new digital risks. To stay competitive and compliant, organizations must actively seek newer ways of assessing and managing security risks without disrupting the business. Security leaders, therefore, have an urgent need to constantly improve upon the security posture of...

Blog

Mitigate Citrix Vulnerability in Face of PoC Exploits

Despite a Citrix warning in mid-December of a serious vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway (formerly NetScaler and NetScaler Gateway), thousands of companies have yet to put in place the recommended mitigations. In the meantime, several proof of concept (PoC) exploits have been published on GitHub, making it extremely easy for attackers to gain access to networks and impersonate authorized users. Thousands of Citrix systems still vulnerable Initial estimates put the number of vulnerable systems at 80,000 in 158 countries. Researchers reported...

Executive View

Executive View: AWS Security Analytics Solutions - 80220

AWS provides a comprehensive suite of services to monitor for threats, misconfigurations and compliance violations across its portfolio, with all security alerts aggregated, organized and prioritized within AWS Security Hub – an extensible cloud security and compliance management platform.

Webinar

Apr 28, 2020: The Security & Identity Challenges of Modern IT: Agile IT & DevOps Done Right & Secure

Security and identity must evolve in order to support today’s IT. While traditional IT appears being rather simple to secure, current security risks necessitate a greater degree of agility: shifting to DevOps paradigms, implementing a CI/CD chain, running services in hybrid cloud environments (or wherever else). This requires a security angle on DevOps, which you might name DevSecOps.

Online Boot Camp

Nov 13, 2020: Incident Response Boot Camp

This boot camp will allow you to check your organization’s cyber incident response plan against best practices or help you to create a response plan if you don’t already have one! It will guide you to the best practices for responding to a cyber incident and the technologies that can help to reduce its impact. It will also help you to choose the kinds of partners that you may need when an incident occurs.

Leadership Brief

Leadership Brief: IAM for Robotic Process Automation: How to Avoid Security Challenges - 80383

Robotic Process Automation (RPA) is one of the trending topics in today’s IT environments. RPA promises to automate manual tasks within business processes by implementing (software) “robots” that perform these tasks instead of humans. Such software robots must have a digital identity, and the access rights of these robots must be kept under control for enforcing the Principle of Least Privilege and avoiding major security challenges. IAM for RPAs, therefore, must be carefully considered and planned.

Webinar

Mar 05, 2020: What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the same kind of flexibility and ease-of-use from the authentication systems at work that they use at home; often, this means using mobile devices.

Webinar

Mar 10, 2020: The Perils of Today’s Approach on Access Governance: Start Protecting Data at Source

Protecting sensitive, valuable data is a must for every organization. Ever-increasing cyber-attacks and ever-tightening regulations mandate businesses to take action. Unfortunately, the common approaches of IGA (Identity Governance and Administration) that focus on managing static entitlements for systems and applications fall short in really securing the data at risk. They fail in managing data in motion. They are static. They don’t manage the usage of data well. Not to speak of all the challenges in role management projects and around regular access reviews.

Executive View

Executive View: F-Secure Rapid Detection & Response - 80182

Rapid Detection & Response is F-Secure’s Endpoint Detection & Response (EDR) solution. It runs on Windows and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution also allows for pre-configured remediation actions to be executed when certain conditions are met and offers F-Secure expert service advice when needed.

Virtual Academy KC Master Class

Feb 04, 2020: PAM for the 2020s

Attend this KC Master Class to learn how to protect privileged accounts of your company. Based on many years of experience, KuppingerCole Analysts will deliver practical knowledge on password management and automatic rotation, enforcement of the least privilege principle, vulnerability identification, risk management, central analysis, session management and monitoring, and efficient, comprehensive auditing.

Blog

PAM Can Reduce Risk of Compliance Failure but Is Part of a Bigger Picture

The importance of privilege accounts to digital organizations and their appeal to cyber attackers has made Privilege Access Management (PAM) an essential component of an identity and access management portfolio. Quite often, customers will see this as purely as a security investment, protecting the company’s crown jewels against theft by organized crime and against fraudulent use by internals. More successful cyber-attacks are now enabled by attackers gaining access to privilege accounts. However, that is only part of the story. Organizations also must worry about meeting governance...

Webinar

Feb 18, 2020: Holen Sie sich das SIEM, das Sie schon immer wollten: intelligent, automatisiert, mit unbegrenzter Kapazität

Vor 15 Jahren wurden Security-Information-and-Event-Management-Produkte (SIEM) als die ultimative Lösung für alle Sicherheitsprobleme in Unternehmen gefeiert, und das nicht ohne Grund: Schließlich ist die zentrale Erfassung und Verwaltung sicherheitsrelevanter Daten über alle IT-Systeme eines Unternehmens hinweg eine wichtige Voraussetzung für eine schnelle Analyse und Reaktion auf Cyber-Bedrohungen.

Leadership Brief

Leadership Brief: Radically Lean: NoOps and Serverless Computing - 80305

Computing is continually getting leaner and becoming more like a utility as it moves increasingly further away from on-premise physical hardware by abstracting IT environments away from the underlying infrastructure. This trend towards NoOps computing that eliminates the need for operational teams to manage software and infrastructure has seen the introduction of Virtual Machines, Containers and Serverless Computing. This leadership brief identifies the most appropriate uses of Serverless Computing and provides recommendations on how to decide when this model is a good fit for a business.

Executive View

Executive View: Informatica Data Privacy Management - 80276

Informatica Data Privacy Management is an AI-enhanced unified data security platform for identifying, analyzing, quantifying and mitigating risk related to sensitive data to enable businesses to get the most out of company data and digital transformation processes without exposing the enterprise to increased risk. Data Privacy Management includes tools to identify and monitor sensitive data on premise and in the cloud as well as control who can access the data and how that data can be used. In addition to highlighting potential risks to improve security and ensure regulatory compliance,...

Blog

More SEs + TEEs in Products = Improved Security

Global Platform announced in 4Q2019 that more than 1 billion TEE (Trusted Execution Environment) compliant devices shipped in 2018, and that is a 50% increase from the previous year. Moreover, 6.2 billion SEs (Secure Elements) were shipped in 2018, bringing the total number of SEs manufactured to over 35 billion since 2010. This is good news for cybersecurity and identity management. TEEs are commonly found in most Android-based smartphones and tablets. A TEE is the secure area in the processor architecture and OS that isolates programs from the Rich Execution Environment (REE) where most...

Blog

The 20-Year Anniversary of Y2K

The great non-event of Y2K happened twenty years ago. Those of us in IT at that time weren’t partying like it was 1999, we were standing by making sure the systems we were responsible for could handle the date change. Fortunately, the hard work of many paid off and the entry into the 21st century was smooth. Many things have changed in IT over the last 20 years, but many things are pretty similar. What has changed? Pagers disappeared (that’s a good thing) Cell phones became smartphones IoT devices began to proliferate The cloud appeared and became a dominant computing...


Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]