Analyst details

Mike Small Senior Analyst

Stockport / UK

Experience:
40 years in IT industry
At KuppingerCole since 2009

Email    Blog    @MikeSmall64    Profile   

Roles & Responsibilities at KuppingerCole:

Mike Small has been a Distinguished Analyst at KuppingerCole since more than 4 years. His current focus is security and risk management in the Cloud.

Background & Education:

Mike is a member of the London Chapter of ISACA Security Advisory Group, a Chartered Engineer, a Chartered Information Technology Professional, a Fellow of the British Computer Society, and a Member of the Institution of Engineering and Technology. He has a first class honours degree in engineering from Brunel University.

  

Areas of coverage:

  • Cloud Provider Selection and Assurance
  • Information Security Program Maturity Assessments
  • Information Stewardship
  • Big Data

Professional experience:

Until 2009, Mike worked for CA (now CA Technologies Inc) where he developed the identity and access management strategy for distributed systems. This strategy led to the developments and acquisitions that contributed to CA‘s IAM product line.

Recent blog posts

Blog

GDPR and Financial Services – Imperatives and Conflicts

Over the past months two major financial services regulations have come into force. These are the fourth money laundering directive (4AMLD) and the Second Payment Services Directive (PSD II). In May this year the EU General Data Protection Regulation will be added. Organizations within the…

Blog

EBA Rules out Secure Open Banking?

On January 30th in London I attended a joint workshop between OpenID and the UK Open Banking community that was facilitated by Don Thibeau of OIX. This workshop included an update from Mike Jones on the work being done by OpenID and from Chris Michael Head of Technology, OBIE on UK Open…

Blog

UK Open Banking – Progress and Challenges

On January 13th, 2018 a new set of rules for banking came into force that open up the market by allowing new companies to offer electronic payment services. These rules follow from the EU Directive 2015/2366 of 25 November 2015 that is commonly referred to as Payment Services Directive II…

Blog

McAfee Acquire Skyhigh Networks

McAfee ,  from its foundation in 1987 ,  has a long history in the world of cyber-security.  Acquired by Intel in 2010, it was spun back out ,  becoming McAfee LLC ,  in April 2017 .   According to the  announcement  on April…

Blog

Grizzly Steppe – What Every Organization Needs to Do

On December 29 th, the FBI together with CERT finally released a Joint Analysis Report on the cyber-attacks on the US Democratic Party during the US presidential election.  Every organization, whether they are based in the US or not, would do well to read this report and to ensure…

Blog

What Value Certification?

In the past weeks, there have been several press releases from CSPs (Cloud Service Providers) announcing new certifications for their services.  In November, BSI announced that Microsoft Azure had achieved Cloud Security Alliance (CSA) STAR Certification. On December 15 th , Amazon…


Recent research documents

Advisory Note

Advisory Note: How to Assure Cloud Services - 72563

This report is one of a series of documents around the use of cloud services.  It identifies how standards as well as, independent certifications and attestations can be used to assure the security and compliance of cloud services.

Executive View

Executive View: SAP HANA Platform Security - 70272

SAP HANA Platform securely supports the IT applications and services needed by organizations to achieve digital transformation as well as the traditional IT systems of record. It offers a high - performance database through in - memory processing and provides enterprise grade security…

Executive View

Executive View: Symantec CloudSOC™ - 70615

Many organizations are using cloud services, but the use of these services is often poorly governed. Cloud Access Security Brokers (CASBs) provide functionality to discover the use of the cloud, to control which cloud services can be accessed and to protect the data held in these services.…

Executive View

Executive View: STEALTHbits® Products Overview - 70270

Securely governing access is increasingly important to ensure compliance as well as to defend against cyber-crime. STEALTHbits’ products provide a comprehensive set of solutions to address IT security risks covering Active Directory, Data Access Governance, Privileged Access…

Executive View

Executive View: Entrust IdentityGuard for Enterprise - 71321

Securely authenticating users is a major problem given the increasing threats from cyber-crime. Entrust IdentityGuard for Enterprise provides a comprehensive solution for enterprises to select and manage the way in which organizational users are authenticated to access both physical and…


Recent webcasts

Webcast

GDPR: The Six Critical Steps to Compliance and Brand Differentiation

From May 2018 when the upcoming EU GDPR (General Data Protection Regulation) comes into force, the requirements for managing personal data will change. Companies collecting such information from their customers will have to adapt to fundamental changes both in the very definition of…

Webcast

GDPR Compliance Countdown to Adequacy – Minimum Preparation to be Compliant

With less than a year to go before EU GDPR (General Data Protection Regulation) comes into force your organization needs to be ready to comply with these requirements that demand better controls over how it uses and manages the personal data that it holds. The scope of this regulation is…

Webcast

Enabling Cloud Access While Ensuring Security and Compliance

The cloud and mobile revolutions have changed the way we work and the very nature of IT. But these advances have also created immense new challenges and risks to security, data protection and compliance. In order to address these risks the Cloud Access Security Broker (CASB) market has…

Webcast

How to easily expand Identity & Access Management to the Cloud

Many large enterprises operate with a glut of access security platforms and tools that each service a specific silo of applications and resources. Most are proprietary, and many have expensive and time-consuming agent-based architectures. In addition, because they are usually very tightly…

Webcast

Big Data – Bigger Risks?

Big Data technologies were invented to store and rapidly process the vast amount of data available today into useful “Smart” Information. What is common across these technologies is that their initial aims are focused on data processing capabilities rather than security and…


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

Privacy & the European Data Protection Regulation Learn more

Privacy & the European Data Protection Regulation

The EU GDPR (General Data Protection Regulation), becoming effective May 25, 2018, will have a global impact not only on data privacy, but on the interaction between businesses and their customers and consumers. Organizations must not restrict their GDPR initiatives to technical changes in consent management or PII protection, but need to review how they onboard customers and consumers and how to convince these of giving consent, but also review the amount and purposes of PII they collect. The impact of GDPR on businesses will be far bigger than most currently expect. [...]

News