Analyst/Advisor details

Paul Fisher Senior Analyst

London / United Kingdom

Email   

Paul Fisher is a Senior Analyst who researches primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry sectors including automotive. Paul is responsible for managing relevant quantitative research at KuppingerCole.

He has been an IT journalist and analyst since 1991. In that time, he served as editor in chief of several major IT and business titles in the UK.

Paul has worked as a communications consultant with IBM, HP Enterprise Security Services, Sky UK and other leading companies on data security and IT projects.

Recent blog posts

Blog

PAM Is Changing and You Need to Know Why

What is left to say about PAM that has not already been said? Well in my opinion, quite a lot – as I hope you find out when you join me at the forthcoming KCLive Event, Operationalizing Privileged Access Management. I talk to PAM vendors all the time and I believe it is a truly…

Blog

Time CISOs Stopped Trying to Speak to the Board?

I have been covering cybersecurity issues, first as a journalist then as an analyst, since 2006. In that 15 years I have heard the mantra that security is a boardroom issue hundreds of times. The subject has filled countless conference talks and media articles. It appears that the…

Blog

AI and Healthcare

AI's role in reducing the impact of future pandemics As the coronavirus spreads fear and panic across the world, it’s perhaps timely to take a step back and consider the future of healthcare and how AI will help. But first let’s consider that the coverage and spread of the…

Blog

Moving Towards AI and IoT Solutions Beyond Machine Learning

Microsoft is currently running ads extoling the virtue of AI and IoT sensors in helping farmers produce more and better crops, with less waste and higher yields. Elsewhere in manufacturing, supply chain management is being transformed with digital maps of goods and services that reduce…

Blog

PAM Can Reduce Risk of Compliance Failure but Is Part of a Bigger Picture

The importance of privilege accounts to digital organizations and their appeal to cyber attackers has made Privilege Access Management (PAM) an essential component of an identity and access management portfolio. Quite often, customers will see this as purely as a security investment,…

Blog

VMware’s New Idea for Fixing Cybersecurity: Intrinsic Security

At VMworld Europe 2019, Pat Gelsinger, CEO of VMware said security is fundamentally broken and that the overabundance of vendors is making the problem worse. I’m not sure this is true. Gelsinger had some good lines: applications that are updated and patched on a regular basis should…


Recent research documents

Executive View

WALLIX Bastion

WALLIX Bastion is a PAM solution that offers the fundamentals of session management, password management and access management as well as more advanced features such as PEDM and privileged management for machines and applications. The product also provides detailed session recording,…

Leadership Compass

Privileged Access Management for DevOps

Privileged Access Management (PAM) is an important area of access risk management and identity security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, hybrid IT, cloud and…

Executive View

BeyondTrust Endpoint Privilege Management

Privileged Access Management (PAM), of which Endpoint Privilege Management (EPM) is a part, is an essential component in protecting organizations against cyber-attacks, ransomware, malware, phishing, and data leaks. No longer a tool for protecting admin accounts, privilege management now…

Market Compass

Digital Workplace Delivery Platforms

The KuppingerCole Market Compass Workplace Delivery covers solutions that assist organizations in managing applications and data that end users access from a “single pane of glass” interface. These can run on existing PC workstations and remote devices including smartphones and…

Executive View

Archer Integrated Risk Management

Today’s GRC solutions offer better alignment with corporate objectives, increased transparency, superior information risk management and more cost-effective compliance. This paper looks at the mature Archer Suite which offers a comprehensive range of solutions and features to assist…


Recent videos

Video

Analyst Chat #74: The Influence of PAM on WfH, and its Influence on PAM

Building on the first three podcast episodes of this series with Annie and Shikha, Paul Fisher and Matthias turn their attention to the Privileged Access Management aspect in the context of WfH and its Cybersecurity Threat Landscape. They look at the role PAM plays in the particular WfH…

Video

How Can Privileged Access Management Help Securing the Enterprise?

How can PAM technologies fit into a Zero Trust architecture and model? How could a PAM technology help us sleep better at night, as many are anxious about falling victim to an attack similar to the Solar Winds attack? Is there a future in deploying PAM in DevOps environments? And how can…

Video

Analyst Chat #60: The 2021 Trends in DevOps and Security

Although not really brand new, there are still a lot of interesting developments around DevOps when it comes to cybersecurity and more. Paul Fisher shares some trends and insights with Matthias and tells us what to expect in this rapidly evolving segment.

Video

Analyst Chat #54: Privileged Access in an Agile World - PAM for DevOps

The PAM market continues to evolve and many organizations are adopting the DevOps paradigm where critical access and sensitive accounts are required in fast moving and agile environments. Paul Fisher meets Matthias for this episode and shares his research on PAM for DevOps. They talk about…

Video

Operationalizing Least Privilege

Striking the balance between enabling users and administrators to be productive whilst protecting your sensitive systems and data is becoming ever more challenging. Attackers are often one step ahead of organizations, and even those with the most comprehensive security systems and controls…