Analyst/Advisor details

Mike Small Senior Analyst

Stockport / UK

40 years in IT industry
At KuppingerCole since 2009

Email    Blog    @MikeSmall64    Profile   

Roles & Responsibilities at KuppingerCole:

Mike Small has been a Distinguished Analyst at KuppingerCole since more than 4 years. His current focus is security and risk management in the Cloud.

Background & Education:

Mike is a member of the London Chapter of ISACA Security Advisory Group, a Chartered Engineer, a Chartered Information Technology Professional, a Fellow of the British Computer Society, and a Member of the Institution of Engineering and Technology. He has a first class honours degree in engineering from Brunel University.


Areas of coverage:

  • Cloud Provider Selection and Assurance
  • Information Security Program Maturity Assessments
  • Information Stewardship
  • Big Data

Professional experience:

Until 2009, Mike worked for CA (now CA Technologies Inc) where he developed the identity and access management strategy for distributed systems. This strategy led to the developments and acquisitions that contributed to CA‘s IAM product line.

Recent blog posts


Digital Transformation - Multi-Cloud and Multi-Complex

Organizations are going through a digital journey to exploit the digital systems to create new services, get closer to their customers and to improve efficiency. This process has been accelerated by the COVID pandemic where survival depended upon being able to change. This has led to a…


Prepare, Prevent and Protect

Is your Digital Supply Chain your weakest Link? In the 1950’s the Lyons restaurant chain in the UK built their own computer and wrote all the applications that they needed to manage and optimize their operations. This was called LEO – Lyons’ Electronic Office. …


When will Ransomware Strike? Should you Hope for the Best or Plan for the Worst

Why Backup and Disaster Recover is ever more important In May 2021, the Irish health Service (HSE) was hit by a ransomware attack. According to the BBC this caused substantial cancellations to outpatient services and staff having to resort to paper-based systems. The service was still…


Log4j – How Well Did You Perform?

Over the past few weeks since this vulnerability was made public much has been written by many on what your organization should do about it.  This is not the end of the story; Apache has already released 3 patches for related vulnerabilities, and you need to be ready for the next one…


A Sovereign Cloud Is About More Than Just Privacy

Using cloud services has now become an essential component of digital transformation.  However, the dominant cloud service providers are not European and, following the recent Schrems II judgment, transferring personal data to these services has become increasingly problematic. This…


Google Cloud Digital Sovereignty Announcement

On September 8 th , 2021 Google and T-Systems announced their intention to build and deliver sovereign cloud services for German enterprises, the public sector, and healthcare organizations.  So, what are a sovereign cloud services and why does this announcement matter? Sovereign…

Recent videos


Protecting the Business From Software Supply Chain Threats

Recent events such as the SolarWinds and Kaseya compromises by malicious actors have demonstrated the need to focus significantly more on software supply chain security. According to a report from ENISA, supply chain attacks are increasing, with 66% of attacks focusing on source code and…


Analyst Chat #118: A first look at the new Trans-Atlantic Data Privacy Framework

On March 25th, 2022 the European Commission and the US government announced a new agreement governing the transfer of data between the EU and the US. Mike Small and Annie Bailey join Matthias to have a first look as analysts (not lawyers) at this potential milestone for data privacy…


Analyst Chat #110: Cloud Backup and Disaster Recovery Done Right

The importance of efficient and secure cloud backup and recovery is often underestimated. Mike Small explains these two disciplines to Matthias and looks at the market of available solutions on the occasion of his recently published Leadership Compass. He also provides valuable guidance on…


Managing Risk in Ever-Changing As-a-Service Environments

In the infrastructure and platform-as-a-service worlds, application developers are the new infrastructure superstars. With concepts ranging from containers to infrastructure-as-code, we are experiencing a paradigm shift in how tightly coupled application code and the related infrastructure…


Analyst Chat #85: Hybrid IT 4 - Hyperconverged, Edge and Cloud in a Box

This episode concludes the four-part series on hybrid IT. To wrap things up, Mike Small and Matthias focus on the latest developments in hybrid infrastructures, between containers, hyperconverged, edge and cloud in a box.