Mike Small

Senior Analyst
Stockport / UK

Experience:
40 years in IT industry
At KuppingerCole since 2009
Email    Blog    @MikeSmall64    Profile   

Roles & Responsibilities at KuppingerCole:

Mike Small has been a Distinguished Analyst at KuppingerCole since more than 4 years. His current focus is security and risk management in the Cloud.

Background & Education:

Mike is a member of the London Chapter of ISACA Security Advisory Group, a Chartered Engineer, a Chartered Information Technology Professional, a Fellow of the British Computer Society, and a Member of the Institution of Engineering and Technology. He has a first class honours degree in engineering from Brunel University.

  

Areas of coverage:

  • Cloud Provider Selection and Assurance
  • Information Security Program Maturity Assessments
  • Information Stewardship
  • Big Data

Professional experience:

Until 2009, Mike worked for CA (now CA Technologies Inc) where he developed the identity and access management strategy for distributed systems. This strategy led to the developments and acquisitions that contributed to CA‘s IAM product line.

Recent research

Executive View

AWS Elastic Disaster Recovery

Data resilience and disaster recovery solutions are an essential element of business continuity plans and, as organizations go through digital transformation and become more dependent upon their IT services, the need for data resilience has grown. These solutions must not only support…

Leadership Brief

EU NIS2 Directive

Every organization needs to take steps to ensure their cyber resilience and this updated directive provides a useful framework for this. This report provides a summary of the technical obligations that NIS2 places on organizations together with recommended actions. This directive places…

Executive View

Arcserve Unified Data Resilience

Data resilience solutions are an essential element of business continuity plans and, as organizations go through digital transformation and become more dependent upon their IT services, the need for data resilience has grown. These solutions must not only support today’s hybrid multi-cloud…

Leadership Brief

Cyber Hygiene: The Foundation for Cyber Resilience

Most cyber incidents result from poor cyber hygiene. To avoid these, organizations must make sure that all the routine tasks needed to keep their systems, data, and applications safe are performed regularly and completely. This means creating a culture where everyone across the organization…

Executive View

Oracle Security Zones

Poorly managed security controls within a cloud services tenant’s resources are increasingly the cause of security incidents and compliance failures. Today’s dynamic infrastructure and development methodologies need a dynamic approach to cyber security. This report reviews Oracle Security…

Recent blog posts

Blog

How Does Using Cloud Services Alter Risk

I am often asked “does using a cloud service alter risk?” I always reply to this question with “well it depends”. Every organization has its own set of circumstances, and the answer needs to take these into account. It is also important to think about how the…

Blog

Digital Transformation - Multi-Cloud and Multi-Complex

Organizations are going through a digital journey to exploit the digital systems to create new services, get closer to their customers and to improve efficiency. This process has been accelerated by the COVID pandemic where survival depended upon being able to change. This has led to a…

Blog

Prepare, Prevent and Protect

Is your Digital Supply Chain your weakest Link? In the 1950’s the Lyons restaurant chain in the UK built their own computer and wrote all the applications that they needed to manage and optimize their operations. This was called LEO – Lyons’ Electronic Office. …

Blog

When will Ransomware Strike? Should you Hope for the Best or Plan for the Worst

Why Backup and Disaster Recover is ever more important In May 2021, the Irish health Service (HSE) was hit by a ransomware attack. According to the BBC this caused substantial cancellations to outpatient services and staff having to resort to paper-based systems. The service was still…

Blog

Log4j – How Well Did You Perform?

Over the past few weeks since this vulnerability was made public much has been written by many on what your organization should do about it.  This is not the end of the story; Apache has already released 3 patches for related vulnerabilities, and you need to be ready for the next one…

Recent videos

Video

Why Data Resilience Is Key to Digital Transformation

As companies pursue digital transformation to remain competitive, they become more dependent on IT services. This increases the potential business impact of mistakes, natural disasters, and cyber incidents. Business continuity planning, therefore, is a key element of digital transformation,…

Video

Analyst Chat #145: How Does Using Cloud Services Alter Risk?

The question whether using a cloud service alters risk is not simple to answer. Mike Small sits down with Matthias and explains, that every organization has its own set of circumstances, and the answer needs to take these into account. He explains the important factors to look at, and what…

Video

Analyst Chat #142: Cyber Resilience: What It Is, How to Get There and Where to Start - CSLS Special

A key issue for many companies beyond technical cybersecurity is cyber resilience. This refers to the ability to protect data and systems in organizations from cyber attacks and to quickly resume business operations in the event of a successful attack. Martin Kuppinger, Mike Small, and John…

Video

Managing Cyber Risk in a Hybrid Multi-Cloud IT Environment

Today’s IT environments blend applications and services from multiple public cloud networks, private clouds and on-prem networks, making it difficult to view and inventory assets deployed across complex hybrid networks, and keep track of the security risks. Organizations need to find…

Video

The Changing Scope of the NIS 2 EU Directive

The NIS Directive aimed at achieving a common standard of network and information security across all EU Member States, with a focus on operators of essential services, is scheduled for an update. Suppliers of utilities, healthcare, transport, communications, and other services need to know…