Analyst details

Graham Williamson Director APAC / Senior Analyst

Brisbane / Australia

Experience:
25 years in IT industry
At KuppingerCole since 2013

Email    Profile   

Roles & Responsibilities at KuppingerCole:

Graham is a director of KuppingerCole (Asia Pacific) Pte Ltd headquartered in Singapore.

He is an Analyst in the areas of Identity-as-a-Service, Dynamic Authorisation Control and Privacy.

Background & Education:

Graham has consulted in the Identity Management sector for 15 years. He is the author of the book “Identity Management: A Primer”.

Graham holds a bachelor of Applied Science degree from the University of Toronto and an MBA degree from Bond University.

     

Areas of coverage:

  • Identity and Access Management
  • Federated Authentication
  • Entitlements Management
  • Dynamic Authorisation Control
  • Attestation and Governance
  • Privacy and Resource Protection

Professional experience:

Graham has practical experience in the identity management and access control industry having completed assignments in the academic, government and large corporate industry sectors across three continents.

Graham Williamson is a director of KuppingerCole (Asia Pacific) Pte Ltd headquartered in Singapore.

Graham has practical experience in the identity management and access control industry having completed assignments in the academic, government and large corporate industry sectors across three continents. He is an Analyst in the areas of Identity-as-a-Service, Dynamic Authorisation Control and Privacy.

Recent blog posts

Blog

Cybersecurity is in Crisis

Intel Security recently released an in-depth survey of the cybersecurity industry, looking at causal agents of the low availability of people with training and professional accreditation in computer security. The global report titled “Hacking the Skills Shortage” concludes:…

Blog

Comment: Know and Serve Your Customer

‘Know your customer’ started as an anti-money laundering (AML) initiative in the financial industry. Regulators insisted that banks establish a customer ‘due-diligence’ processes to ensure that all bank accounts could be traced back to the entities that owned them.…

Blog

Stack creep - from the network layer to the application layer

Last year saw an unprecedented interest in protection of corporate data. With several high-profile losses of intellectual property organisations have started looking for a better way. For the past 30 years the bastion against data loss has been network devices. We have relied on routers,…

Blog

IoT in industrial computer systems (ICS)

IoT, the Internet of Things, covers a wide range of technologies. My Fitbit e.g. is an IoT device, it connects to my smartphone which formats the data collected on my movements. Also, vehicles that communicate with diagnostic instruments and my home thermostat that I can control via the…

Blog

Adaptive Policy-based Access Management (APAM)

Attribute-based Access Control (ABAC ) has been with us for many years; it embodies a wide range of systems that control access to protected resources based on attributes of the requesting party. As the field has developed there are three characteristics that are most desirable in an ABAC…

Blog

OT, ICS, SCADA – What’s the difference?

Operational Technology (OT) refers to computing systems that are used to manage industrial operations as opposed to administrative operations. Operational systems include production line management, mining operations control, oil & gas monitoring etc. Industrial control systems…


Recent research documents

Executive View

Executive View: Microsoft Security Suite - 72541

A comprehensive approach to data protection – one that combines all aspects of computing infrastructure– rather than the point products that comprise many organization’s cybersecurity environment, is a decided plus, provided the overall goal is achieved.

Advisory Note

Advisory Note: Plant Automation Security - 71560

Industrial Computer Systems (ICS) are increasingly coming under attack as hackers are realizing the economic and reputational benefit of a successful operations technology system compromise. Organizations seeking to exploit their plant automation systems to drive business processes are…

Executive View

Executive View: Deep Identity - 71453

Managing provisioning into an identity repository is a basic organizational process that varies remarkably between organizations. Some companies have a highly functional process that minimizes manual input and maximizes efficiency. Others have very manual processes that are costly and open…

Executive View

Executive View: Auth0 Authentication Service - 71325

A perennial problem for programmers is the need to authenticate users. In some cases, there is no infrastructure to support access control and in many cases there is no single identity repository of user data to be used as an authentication source. In a federated environment there are…

Executive View

Executive View: AirWatch Content Locker - 71505

For organizations trying to provide an attractive user experience while protecting corporate information, the continuing rise in popularity of mobile devices, connecting from both inside and outside the corporate network, is a trend that can be frustrating. For organizations with…


Recent webcasts

Webcast

Blockchain - How to Separate the Hype from Reality

Blockchain has taken the world by storm since the inception of Bitcoin. While the primary interest has been in the financial and insurance industry sector Blockchain technology has wider application. This webinar will describe the technology and separate the hype from reality, looking at…

Webcast

Data Loss Prevention Best Practice

The first step in protecting intellectual property and sensitive information is to classify it. This can be accomplished manually via author classification or automatically via content filtering. Some tools simplify the process and provide greater governance.

Webcast

Enforcing Fine Grained Access Control Policies to Meet Legal Requirements

Attribute Based Access Control (ABAC) solutions provide an organization with the power to control access to protected resources via a set of policies. These policies express the increasingly complicated legal and business environments in which companies operate these days. However, due to…

Webcast

The Future of Federation

Federated authentication is the bedrock of secure Cloud access control. It enables organisations to extend their business operations beyond their network boundaries and join identity repositories from multiple sources and access multiple service providers using the same authentication environment.

Webcast

Enabling Cloud Governance

While many organisations have good governance over their on-premise identity and access management environment with authentication monitoring and attestation reporting this too often gets relegated to the “too-hard” basket when it comes time to migrating the Cloud services.


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

Learn more

Security Operations Center

Today, the Security Operations Center (SOC) is at the heart of enterprise security management. It is used to monitor and analyze security alerts coming from the various systems across the enterprise and to take actions against detected threats. However, the rapidly growing number and sophistication of modern advanced cyber-attacks make running a SOC an increasingly challenging task even for the largest enterprises with their fat budgets for IT security. The overwhelming number of alerts puts a huge strain even on the best security experts, leaving just minutes for them to decide whether an [...]

News