Analyst details

John Tolbert Lead Analyst

Seattle / USA

Email    Blog    @john_tolbert_kc    Profile   

Background:

John is a senior analyst at KuppingerCole, with internationally recognized expertise in cybersecurity and identity management. John has consulted for national governments, and has 20 years of experience working in Aerospace, Defense, Manufacturing, and Financial industries.  John was honored as an OASIS Distinguished Contributor in 2014, and as an Associate Technical Fellow at Boeing in 2011.  In addition to working with OASIS, he has also participated in Kantara Initiative, Transglobal Secure Collaboration Program (TSCP), the FIDO Alliance.  He has numerous technical security publications, and is a frequent speaker at cybersecurity and identity management events.

 

Areas of expertise:

  • Identity and access management
  • Attribute-based access controls
  • Identity federation
  • Mobile security
  • Data classification and Data Loss Prevention
  • Cloud-based Marketing Technologies
  • B2C & B2B 
  • Marketing Automation

Recent blog posts

Blog

Administrative Security in Security Products

At KuppingerCole, cybersecurity and identity management product/service analysis are two of our specialties. As one might assume, one of the main functional areas in vendor products we examine in the course of our research is administrative security. There are many components that make…

Blog

The Need for Speed: Why the 72-hour breach notification rule in GDPR is good for industry

The EU’s General Data Protection Regulation (GDPR) will force many changes in technology and processes when it comes into effect in May 2018.  We have heard extensively about how companies and other organizations will have to provide capabilities to: Collect explicit…

Blog

CIAM Vendor Gigya to be Acquired by SAP Hybris

This past weekend we learned that Gigya will be acquired by SAP Hybris.  California-based Gigya has been a top vendor in our CIAM Platforms Leadership Compass reports . Gigya offers a pure SaaS CIAM solution, and has one of the largest customer bases in the market.  SAP’s…

Blog

Recapping CIW Seattle 2017

Last week we completed the opening dates on the Consumer Identity World Tour in Seattle.  To kick off the event, the Kantara Initiative held a one-day workshop to showcase the work that they do.  Kantara is an international standards organization which develops technical…

Blog

The Return of Authorization

Authorization is one of the key concepts and processes involved in security, both in the real world as well as the digital world.  Many formulations of the definition for authorization exist, and some are context dependent.  For IT security purposes, we’ll say authorization…

Blog

GDPR vs. PSD2: Why the European Commission Must Eliminate Screen Scraping

The General Data Protection Regulation (GDPR) and Revised Payment Service Directive (PSD2) are two of the most important and most talked about technical legislative actions to arise in recent years.  Both emanate from the European Commission, and both are aimed at consumer protection.…


Recent research documents

Whitepaper

Whitepaper: Airlock: Meeting PSD2 Challenges with Ergon Airlock Suite - 70328

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe.  Banks and other financial service providers must quickly prepare for PSD2. Ergon’s Airlock Suite provides foundational technical capabilities…

Executive View

Executive View: Janrain Suite - 70845

Janrain provides a complete solution for Consumer Identity and Access Management (CIAM). Janrain is a pioneer in the field, creating the category of CIAM and developing the popular “ social login” authentication method .

Leadership Brief

Leadership Brief: Why Adaptive Authentication Is A Must - 72008

Adaptive Authentication, or the practice of varying authentication methods based on runtime evaluation of risk factors, is a requirement for accessing applications, resources, devices, networks, and even cyber-physical systems.

Executive View

Executive View: Ubisecure Identity Server - 70838

Ubisecure Identity Server is an integrated consumer identity and access management suite for on-premise deployment. Ubisecure Identity Cloud is for cloud-based deployments. Ubisecure features strong federation capabilities and the ability to leverage some bank and national IDs.

Executive View

Executive View: PlainID - 70358

PlainID offers an authorization solution that provides Policy Based Access Control (PBAC) for common on-premise, SaaS, and even homegrown applications. PlainID’s scalable technology enables customers to easily externalize authorization decisions from applications, achieving higher…


Recent webcasts

Webcast

Revised Payment Service Directive: Understanding Its Technical Requirements for a Smooth and Secure Customer Experience

When PSD2 takes effect, banks across the European Union will be required to expose their core banking functions to these TPPs via APIs. It is imperative that banks begin now to build and lock down APIs in preparation for PSD2. We will take a look at the Open Banking APIs as well as some…

Webcast

The 8 Critical Areas of Consumer Identity and Access Management to Prepare for in 2018

Many organizations are currently looking into deploying their own CIAM programs, because they recognize CIAM’s potential to provide better marketing insights, improve customer registration experience and increase security. However, in the light of the upcoming data protection…

Webcast

The Crucial Role of Identity in Securing Industrial IoT

As more and more consumers, businesses, public sector companies and even whole countries are embracing the Digital Transformation, smart devices of all types are proliferating in all areas of our daily lives. It is safe to say, however, that, after the initial rush of making every device in…

Webcast

John Tolbert - The CIAM Solutions Market

KuppingerCole's Lead Analyst John Tolbert presents the findings from a recently published Leadership Compass on CIAM solutions

Webcast

Customer Identity Management (CIAM) - Building the Foundations for a Next-Level User Experience

Consumer identity and access management solutions have emerged in the recent years to meet evolving business requirements. CIAM is bringing value to the organizations regarding higher numbers of successful registrations, customer profiling, authentication variety, identity analytics, and…


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

Privacy & the European Data Protection Regulation Learn more

Privacy & the European Data Protection Regulation

The EU GDPR (General Data Protection Regulation), becoming effective May 25, 2018, will have a global impact not only on data privacy, but on the interaction between businesses and their customers and consumers. Organizations must not restrict their GDPR initiatives to technical changes in consent management or PII protection, but need to review how they onboard customers and consumers and how to convince these of giving consent, but also review the amount and purposes of PII they collect. The impact of GDPR on businesses will be far bigger than most currently expect. [...]

News