Paul Fisher

Lead Analyst
London / UK

Paul Fisher is a Senior Analyst who researches primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry sectors including automotive. Paul is responsible for managing relevant quantitative research at KuppingerCole.

He has been an IT journalist and analyst since 1991. In that time, he served as editor in chief of several major IT and business titles in the UK.

Paul has worked as a communications consultant with IBM, HP Enterprise Security Services, Sky UK and other leading companies on data security and IT projects.

Recent research

Leadership Compass

CIEM & Dynamic Resource Entitlement & Access Management (DREAM) platforms

This report provides an overview of the market for platforms that support CIEM and DREAM environments and provides you with a compass to help find the solution(s) that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative…

Executive View

Microsoft Entra Permissions Management

As organizations adopt multi cloud infrastructures to support business workflows involving user and workload identities it's increasingly difficult to know who has access to what data across which platforms. It increases the risk of unauthorized identities having access to critical…

Executive View

ARCON Endpoint Privilege Management

The number of privileged requests made from endpoints has increased significantly in recent years, and more so since the pandemic. Those with traditional privileged access may now be working from home or remotely, while a new generation of users are requiring privileged access on a Just in…

Executive View

Indeed Privileged Access Manager

Indeed Identity is an Identity & Access Management (IAM) vendor founded in 2011. In recent years it has expanded into the Privileged Access Management (PAM) market with an entry level platform that covers basic PAM capabilities. This move reflects wider interest by other IAM vendors in the…

Executive View

Hitachi ID Bravura Privilege

Hitachi ID is a global IAM software provider, based in Canada. It offers Hitachi ID Bravura Privilege as its primary offering to the PAM market, along with the complementary Hitachi ID Bravura Identity product on a single platform and framework. In the last few years PAM has evolved into a…

Recent blog posts


Stop attackers enjoying a pick ‘n’ mix attack surface

We know that the way forward for business IT is to use multi-hybrid architectures for long term agility of operations. Such architectures will include multiple clouds for new services, on-prem stacks, edge devices, OT integration and much more. But while the need for multi-hybrid is clear,…


Complex Modern Business Needs Trusted IT Partners to Be Secure

In today’s business environment, companies have three major challenges – making a profit, finding great people, and staying ahead of the competition. That’s quite enough, but they also have major operational challenges with IT, cyber security, and compliance. For example,…


Microsoft’s Threat Intelligence Play is Good News for Customers in Fight Against Ransomware

This week, Microsoft made official its agreement to acquire Threat Intelligence vendor RiskIQ in a deal rumoured to be worth around $500m. It is not an unusual event; Microsoft has absorbed five businesses already in 2021, and usually it is to acquire a discrete technology it deems useful…


PAM Is Changing and You Need to Know Why

What is left to say about PAM that has not already been said? Well in my opinion, quite a lot – as I hope you find out when you join me at the forthcoming KCLive Event, Operationalizing Privileged Access Management. I talk to PAM vendors all the time and I believe it is a truly…


Time CISOs Stopped Trying to Speak to the Board?

I have been covering cybersecurity issues, first as a journalist then as an analyst, since 2006. In that 15 years I have heard the mantra that security is a boardroom issue hundreds of times. The subject has filled countless conference talks and media articles. It appears that the…

Recent videos


Analyst Chat #135: Can DREAM Help Me Manage My Multi-Hybrid Infrastructure?

The IT environments have become complex, and this will not stop as more technologies such as Edge Computing start to take hold. Paul Fisher looks at the full scope of entitlements across today's multi-hybrid environments. He explains how this new market segment between the cloud,…


Security and Compliance Benefits of Endpoint Privilege Management

As IT applications and endpoints proliferate, and enterprises shift to hybrid IT and hybrid working models, managing end user privileges is becoming very challenging, resulting in breaches, fraud, and undetected risky behavior. Enterprises need a way of governing end users wherever they are…


Multi-Cloud Permissions Management

Most businesses are adopting cloud services from multiple providers to remain flexible, agile, efficient, and competitive, but many do not have enterprise-wide control over and visibility of tens of thousands of cloud access permissions, exposing the enterprise to risk of security breaches.


Multi-Cloud Identity Governance 101

In an effort to cut costs, improve efficiencies, and cater for a mobile and remote workforce, businesses are adopting cloud services from multiple providers. This has created a host of challenges in managing identity and access across multiple clouds, and has introduced several risks that…


Dealing Effectively with Modern, Industrialized Cyber Threats

The cyber threat landscape has become very complex, with state-of-the-art intrusion, ransomware, and cryptocurrency mining tools now readily available through online stores and service providers, and an expanding attack surface due to increased cloud computing and remote working. Keeping…