Analyst details

Mike Small Senior Analyst

Stockport / UK

Experience:
40 years in IT industry
At KuppingerCole since 2009

Email    Blog    @MikeSmall64    Profile   

Roles & Responsibilities at KuppingerCole:

Mike Small has been a Distinguished Analyst at KuppingerCole since more than 4 years. His current focus is security and risk management in the Cloud.

Background & Education:

Mike is a member of the London Chapter of ISACA Security Advisory Group, a Chartered Engineer, a Chartered Information Technology Professional, a Fellow of the British Computer Society, and a Member of the Institution of Engineering and Technology. He has a first class honours degree in engineering from Brunel University.

  

Areas of coverage:

  • Cloud Provider Selection and Assurance
  • Information Security Program Maturity Assessments
  • Information Stewardship
  • Big Data

Professional experience:

Until 2009, Mike worked for CA (now CA Technologies Inc) where he developed the identity and access management strategy for distributed systems. This strategy led to the developments and acquisitions that contributed to CA‘s IAM product line.

Recent blog posts

Blog

McAfee Acquire Skyhigh Networks

McAfee ,  from its foundation in 1987 ,  has a long history in the world of cyber-security.  Acquired by Intel in 2010, it was spun back out ,  becoming McAfee LLC ,  in April 2017 .   According to the  announcement  on April…

Blog

Grizzly Steppe – What Every Organization Needs to Do

On December 29 th, the FBI together with CERT finally released a Joint Analysis Report on the cyber-attacks on the US Democratic Party during the US presidential election.  Every organization, whether they are based in the US or not, would do well to read this report and to ensure…

Blog

What Value Certification?

In the past weeks, there have been several press releases from CSPs (Cloud Service Providers) announcing new certifications for their services.  In November, BSI announced that Microsoft Azure had achieved Cloud Security Alliance (CSA) STAR Certification. On December 15 th , Amazon…

Blog

AWS re:Invent 2016 Blog

In the last week of November I attended the AWS re:Invent conference in Las Vegas – this was an impressive event with around 32,000 attendees. There were a significant number of announcements at this event; many were essentially more of the same but bigger, better based on what…

Blog

Democratized Security

At the AWS Enterprise Security Summit in London on November 8 th , Stephen Schmidt, CISO at AWS gave a keynote entitled “Democratized Security” .  What is Democratized Security and does it really exist?  Well, to quote Humpty Dumpty from the book Alice in…

Blog

Be careful not to DROWN

On March 1 st OpenSSL published a security advisory CVE-2016-0800 , known as “DROWN”. This is described as a cross-protocol attack on TLS using SSLv2 and is classified with a High Severity. The advice given by OpenSSL is: “We strongly advise against the use of SSLv2…


Recent research documents

Executive View

Executive View: STEALTHbits® Products Overview - 70270

Securely governing access is increasingly important to ensure compliance as well as to defend against cyber-crime. STEALTHbits’ products provide a comprehensive set of solutions to address IT security risks covering Active Directory, Data Access Governance, Privileged Access…

Executive View

Executive View: Entrust IdentityGuard for Enterprise - 71321

Securely authenticating users is a major problem given the increasing threats from cyber-crime. Entrust IdentityGuard for Enterprise provides a comprehensive solution for enterprises to select and manage the way in which organizational users are authenticated to access both physical and…

Advisory Note

Advisory Note: KRIs and KPI for Access Governance - 72559

This report provides selected Key Risk Indicators (KRI) for the area of Access Governance. These indicators are easy to measure and provide organizations with a quick overview of the relevant risks and how these are changing. The indicators can be combined into a risk scorecard which then…

Executive View

Executive View: VeriClouds CredVerify™ - 72567

Securely authenticating users remains a thorny problem and VeriClouds CredVerify service can provide a useful additional level of assurance.  There are many approaches, products and services for user authentication however, the CredVerify service is unique in what it offers.  

Leadership Compass

Leadership Compass: Cloud Access Security Brokers - 72534

How do you ensure secure and compliant access to cloud services without losing the agility and cost benefits that these services provide? This report gives you an overview of the market for Cloud Access Security Brokers and a compass to help you to find the product that you need.


Recent webcasts

Webcast

GDPR: The Six Critical Steps to Compliance and Brand Differentiation

From May 2018 when the upcoming EU GDPR (General Data Protection Regulation) comes into force, the requirements for managing personal data will change. Companies collecting such information from their customers will have to adapt to fundamental changes both in the very definition of…

Webcast

GDPR Compliance Countdown to Adequacy – Minimum Preparation to be Compliant

With less than a year to go before EU GDPR (General Data Protection Regulation) comes into force your organization needs to be ready to comply with these requirements that demand better controls over how it uses and manages the personal data that it holds. The scope of this regulation is…

Webcast

Enabling Cloud Access While Ensuring Security and Compliance

The cloud and mobile revolutions have changed the way we work and the very nature of IT. But these advances have also created immense new challenges and risks to security, data protection and compliance. In order to address these risks the Cloud Access Security Broker (CASB) market has…

Webcast

How to easily expand Identity & Access Management to the Cloud

Many large enterprises operate with a glut of access security platforms and tools that each service a specific silo of applications and resources. Most are proprietary, and many have expensive and time-consuming agent-based architectures. In addition, because they are usually very tightly…

Webcast

Big Data – Bigger Risks?

Big Data technologies were invented to store and rapidly process the vast amount of data available today into useful “Smart” Information. What is common across these technologies is that their initial aims are focused on data processing capabilities rather than security and…


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

Privacy & the European Data Protection Regulation Learn more

Privacy & the European Data Protection Regulation

The EU GDPR (General Data Protection Regulation), becoming effective May 25, 2018, will have a global impact not only on data privacy, but on the interaction between businesses and their customers and consumers. Organizations must not restrict their GDPR initiatives to technical changes in consent management or PII protection, but need to review how they onboard customers and consumers and how to convince these of giving consent, but also review the amount and purposes of PII they collect. The impact of GDPR on businesses will be far bigger than most currently expect. [...]

News