Fellow Analyst

Paul Simmonds

Paul Simmonds is Fellow Analyst at KuppingerCole and also CEO of the Global Identity Foundation; he was previously the Global CISO for AstraZeneca, Global CISO for ICI, Head of Information Security with a high security web hosting provider and Global Information Security Manager at Motorola.

Paul co-founded the Jericho Forum and served on its board of management through its ten year existence. He is also the co-editor of the Cloud Security Alliance’s "Security Guidance for Critical Areas of Focus in Cloud Computing v3.0”. He’s been awarded both “Chief Security Officer of the Year” and "Best Security Implementation" at the SC Magazine Awards and is twice listed as one of Network World’s “most powerful people in networking".

Paul Simmonds sits on the global advisory board of a number of global companies, as well as the Executive Advisory Board of ISSA UK.

Latest publications

Webinar Recording
Cyber Resilience Through SOC Automation
March 08, 2023
Join experts from Kuppinger Cole Analysts and Palo Alto Networks as they discuss why automating as much as possible and providing information to enable analysts to make timely decisions should be a priority for SOC management. They will also explore the benefits of Security Orchestration,…
Die Automatisierung des SOC
February 23, 2023
SOAR, Security Orchestration, Automation and Response, ist das jüngste in einer Reihe von mit Security verbundenen Modewörtern, die sich auf dem Markt verbreiten. Obwohl SOAR erst in den letzten Jahren aufgekommen ist, entwickelt es sich schnell zu einem unverzichtbaren Werkzeug für Unternehmen.
Automating the SOC
January 19, 2023
SOAR, Security Orchestration, Automation and Response, is the latest in a line of security buzzwords to hit the market; and while SOAR may have only emerged in the last few years, it is fast becoming an essential tool for organizations.
Planning for a "Passwordless" future
July 16, 2021
Passwords have been beyond their "sell-by" date for over twenty years and managing the password lifecycle within an organisation comes at a large cost to any enterprise; passwords also form an attractive target for hackers and organised crime alike. Passwordless systems promise not only to…
Webinar Recording
The Path to Going Passwordless
July 07, 2021
Password-based authentication is no longer fit for purpose. Passwords are costly and difficult to manage, they result in poor user experiences, and they are easily compromised. This has been widely recognized for some time, but going passwordless is also challenging and continues to be…
Event Recording
Paul Simmonds: Why Your Business Needs a Strategic Approach to PAM
April 29, 2021
Often missed as a niche part of IT, “admin” access is the holy grail for the bad-guys attacking your business. Thus, its crucial to understand why a strategic approach to PAM and Credential management will improve your corporate security posture.  This talk will look…
Event Recording
Paul Simmonds: Alignment of Zero Trust with Business Strategy
February 18, 2021
Webinar Recording
Zero Trust for the Workforce
December 02, 2020
While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.
Cybersecurity Pen-Tests: Time to Get Smart About Testing?
June 14, 2019
One of my favorite stories is of a pen-test team who were brought in and situated next door to the SOC (Security Operations Centre); and after a week on-site they were invited for a tour of the SOC where they queried a series of alarms [that they had obviously caused] only to be told…
Event Recording
Paul Simmonds - From Network Protection to Data Security
December 18, 2018
"Zero Trust" is the latest security buzzword from the vendors marketing department; but what it actually means for you means should vary depending on your business requirements. Properly aligning security architecture to enable the business strategy of the organisation is the key to…
Webinar Recording
Zero Trust: Solving IT Security’s Identity Crisis
May 04, 2018
Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…
Webinar Recording
Prevent Data Breaches - Moving to a Modern Approach to Breach Avoidance in Three Steps
December 07, 2016
The biggest mistake you can make it assuming you cannot, or will never, be breached – the challenge for any company is to have a strategy that meets their risk appetite, security measures with a known ROI, a detection plan so that you know before your customers and a mitigation…