Cloud Security Services, Brokers & Tools

Enhancing Cloud Security Standards: A Proposal for Clarifying Differences of Cloud Services with Respect to Responsibilities and Deployment

Widely used cloud security standards define general security measures/controls for securing clouds while not differentiating between the many, well-known implementations that differ with respect to the Service and/or Deployment Model they implement. Users are thus lacking guidance for…

"The Great Resignation" Combined with an Explosion in IT Complexity - How Can IT Weather this Perfect Storm?

Enabling Digital Identity Ecosystems

Panel | Decentralized, Global, Human-Owned. The Role of IDM in an Ideal (If there is One) Web3 World

The Internet had been created without an identity layer, leaving it to websites and applications to take care for authentication, authorization, privacy and access. We all know the consequences - username and password still being the dominant paradigm and, even more important, users not…

In Transition - From Platforms to Protocols

Only a few years ago the identity ecosystem seemed to be ‘set’ with little chance for change or dislocation of the large federated identity providers. Today the entire identity technology ecosystem is in flux. What will emerge? OIDC? OIDC/SIOP? DIDComm? Join us for a discussion…

Insights from India’s Data Empowerment & Protection Architecture

Digital Identities and IoT – How to leverage OIDC and OAuth 2.0 for the best user experience and security! IAM-related experiences from the automobile and home appliances sector.

Cyber-Securing the Digital Industry

Trust is a Team Sport, and Like all Good Sports it has Rules

Trust is not just technical, and it’s not just derived from a process or an organisation. The need for Trust is also variable based on the risk involved in a transaction or the risk appetite of the service provider. Sometimes trust is almost irrelevant. Digital doesn’t make…

Privacy = Data Protection + X

Data Protection is a very basic and profound concept of translating privacy as a human right into the digital sphere. But is it enough? and are our current approaches the right ones? In this panel we will try to find answers on how we can translate privacy into the (metaverse) future.

Global AI Ethics and Governance

Recent years have seen significant Artificial Intelligence (AI) development across all domains of business and society. This panel aims to bring attention to societal impacts of AI – benefits and challenges, by bringing thought leaders and practitioners from different parts of the…

Reducing Complexity - Increasing Agility: How to Deliver Value With Hybrid & Multi-Clouds

Reducing the Species in your Cybersecurity Zoo

Solving "The Right to be Forgotten" for Blockchains

"The Right to be Forgotten" presents a conundrum to builders of blockchain solutions, because the focus of most blockchains is to create an indelible, permanent record. This makes "The Right to be Forgotten" appear irreconcilable with blockchains. I will present a solution to "The Right to…

Knowing differences between Cyber Resistance and Cyber Resilience

You've probably heard about Cyber Resilience, but what should be the differences between the two terms in the context of Cybersecurity? Cyber Resistance is the same or not?. During this presentation, we will be understanding the differences between Cyber Resistance and Cyber resilience,…

Closing Keynote & Announcement of EIC 2022 Gamification Winners

Enabling MFA and SSO for IoT and Constrained Devices

OT Patch Management Best Practices

Navigating the OT World – Selecting a Solution to Suit

Inside the Mind of a Hacker – From Initial Access to Full Domain Admin

Ethical Hacker Joseph Carson will demonstrate a real-world use case of how a cyber adversary gains an initial foothold in your network through compromised credentials and then elevates control and moves laterally to identify and exfiltrate your critical data. He will share insights into how…

The impact of decentralized identity solutions in the marketplace, insights and lessons

Long theorized as the solution to the verification problem on the internet, decentralized identity has now achieved lift-off in the marketplace. In this workshop, we’ll explain who’s interested, why, and what we learned building a series of solutions for global enterprises in…

Panel | Protocols, Standards, Alliances: How to Re-GAIN the Future Internet from the Big Platforms

In talking about a "Post Platform Digital Future", it is all about a Vision, or better: mission to not let the current platform dominance grow any further and create the foundations for a pluralistic digital society & business world where size would not be the only thing that matters.…

Panel | How to improve customer IAM and CIAM

Connecting 10.000+ mobility companies and multi million customers

How to innovate your Identity Governance and Administration program

The Holcim EMEA digital center has received the EMEA innovation award in 2021 from their IGA program.

Enterprise Domain Annotation based Segregation of Duties strategies

Panel | B2B IAM

Best Practice: CIAM as Business Enabler for Digital Transformation

The SolarWinds Hack and the Executive Order on Cybersecurity Happened - It Is Time to Prepare

Again and again, I am asked how one can start with the topic of security in an agile project environment. What are the essential first steps, and what should you focus on at the beginning? Of course, this raises the question of suitable methodologies and tools. At the same time, the…

Panel | Turning (Distributed) Workforce Challenges into Productivity Gains

Customer Identity & Access Management (CIAM) has made us learn about reducing friction in the way customers access and consume our services, and to add value to the relationship. It is time now to apply CIAM learnings to workforce identity. 

Signing in the Rain: HTTP Message Signatures and Web Security

HTTP is an amazingly powerful protocol, and it's the lifeblood of the internet today. On the surface, it seems to be a simple protocol: send a request to a server and get back a response, and everything's structured in useful ways. HTTPS adds the TLS protocol to secure the connections…

Privacy Enhancing Mobile Credentials

The Kantara Initiative is developing a standard and requirements so that organizations can demonstrate to their stakeholders that their commitments to privacy and data protection go beyond transactional and technical trust. At the end of the day people trust, or don't trust, organizations…

Credentials and Privacy - History and New Kinds of Cards

David will talk aboout a new technology that allows the person owning a public key to prove that they have memorized a passphrase, from which they could at any time easily compute the private key. One example use is for votexx.org elections, which are conducted remotely without polling…

The Identity R/Evolution

The identity r/evolution is ongoing. For a while it seemed that not much has changed since Kim Cameron spearheaded the discussion about “ The Laws of identity ”. New technologies like Privacy-ABC based on ZKP were ready to provide the user with control over how much personal…

Panel | The Future of Corporate Directories in the Cloud Era. Will they Survive?

In this session we will have a look at traditional corporate directy systems and discuss wether, how and where they will survive a cloud first stragey. Do we still need a corporate directory? If so, what are or will be their role compared to oter centralized directories like Azure…

Your Journey to the Cloud: Can you Finally Replace Active Directory?

In this session, we will answer a question that everyone is asking: "Can we really get rid of Active Directory in the cloud era?". In the conversations with many CISOs and CTOs, the future of Active Directory was constantly being questioned and we could see a lot of confusion about what…

Implementing SSI using the existing web infrastructure

SSI and Verifiable Credentials are the latest development in identity management. They offer many benefits over existing federated identity management systems. Unfortunately some proponents of SSI are mandating that companies implement decentralised identifiers (DIDs) and blockchains in…

Verifiable Credentials on the front line

Learn how businesses are using verifiable credentials, decentralized orchestration and blockchain identity to reduce fraud, increase privacy and improve user experience. See real-world examples of production ready solutions from one state’s Department of Education and other public…

IGA in the Financial Industry - Implementing IAM

Field report from a compliance-driven implementing of a full-blown IGA system at a German finance corporation.

Remote onboarding with Verifiable Credentials

Many companies are engaging in remote onboarding and need to adopt new methods of identity verification that can be done digitally. While new forms of ID verification are most prevalent today with Financial Services as a means of performing Know-Your-Customer regulations, there is nascent…

Designing an European Identity Wallet: An overview of UI and UX aspects

The European Identity Wallet will be made available to all Europeans by the different Member states as part of the revised eIDAS regulation. In this talk Adrian Doerk will provide an overview of how a potential user interface (UI) might look like and will illustrate common…

Game Theory: Will it put your mind at ease, or make you doubt your decision on where to run an IAM solution?

Digital Identity in Travel (and beyond): a public-private affair

Interoperability Between Global Identity Networks

Human-Centric Identity

Security vs experience. Platform vs best of breed. Fast vs thorough. The identity technology world forces us to make trade-offs. These difficult decisions are an endless exercise in technical and logistical nuances like developer and IT resources, product licenses, integrations, and…

Cloud 3.0: Decentralizing Cloud Storage with Web 3.0 and Analyzing Security Threats

We are in the mid of one of the most significant revolutions in the cloud and identity ecosystem since the last decade. With the dynamic transformation from Web2.0 to Web3.0, both the cloud as well as the identity ecosystem embrace themselves for a change in the way we perceived security.…

The Balance Between Decentralization and Efficiency

Currently, lots of topics are fast-moving in crypto. There is still a gap to be closed between non-crypto businesses and the application of blockchain technology. It is PolyCrypt's vision to realize the true power of decentralization – bringing privacy, speed, scalability and user…

Identity is the New Perimeter: How to Discover, Mitigate and Protect Identity Risks

Two decades of digital transformation and cloud migration have been slowly eroding the traditional network perimeter and with the past two years of transition to more remote work, the walls have come tumbling down. Privileged credentials from access tools (like VPN and RDP) that have been…

Securely Identifying Mobile Apps

Today's open standards ensure that when a user chooses to login, the user’s authentication is protected and only delivered to the mobile app that initiated the authentication. However, how does the Authorization Server identify or verify the invoking app? This talk will look at the…

Drivers for Identity & Access Management in the Financial Industries

Identity & Access Management is a key requirement from banning regulations. At Creditplus, a new IAM solution was implemented recently. Drivers for IAM as well as the overall design of the new solutions are presented in this talk.

Bridging Traditional IGA with Cloud Native Authorization

IGA vendors often point to ABAC vendors when asked how authorization should actually be enforced and ABAC vendors point in the direction of IGA vendors when asked where all that context information is coming from. The talk will shed some light on how the grey area between IGA and cloud…

Protocol Independent Data Standards for Interoperability

Panel | CIAM and Customer Data Platforms

Cyber Security Architectures in a Hybrid World

A practical approach to cyber security architectures: In a hybrid ecosystem we have not only to find a suitable security model for IT but also for OT like in production environments. And after all cloud services are adding another dimension of complexity. We will take a short look at the…

Vampires & Cybersecurity: Using Deception to Increase Cyber Resilience

This presentation will explore adding deception as a component of a security-in-depth strategy to increase cyber resilience (in case the garlic, crosses, and wooden stakes are not effective). We will discuss whether you should invite attackers into your network. Much like with vampires,…

The Unique Challenges of Identity M&A in High-Growth Organizations

Mergers and acquisitions amongst large, globally-distributed organizations are notoriously complex, error-prone, and resource consuming. But did you know that merging smaller organizations comes with its own set of unique issues and risks? One year ago, Okta announced its acquisition of…

Friends don’t let Friends Centralize Authorization Enforcement

Hybrid Central/Decentralized Identity: Deployment Strategies for SSI

The disruptive changes in the SSI paradigm will not be effortlessly adopted by the industry worldwide without technological enablers. Indeed, before transitioning to a fully decentralized ecosystem, standard enterprise IAM solutions and canonical IGA disciples will need to adapt and…

There is No Consensus About Consent

Unified Endpoint Management: Practical Considerations

Panel | PAM

PAM I^3 - Implementation, Integration and Intelligence about Privileged Access Management

A look at how 5 of Canada’s biggest financial institutions have tackled the challenge of Privileged Access Management.  Sharing similar requirements all went down paths of successful deployments of technologies to protect their clients, and workforce while providing a more…

PAM for the People

The cyberssecurity approaches and strategies that works well for a multinational with a large and well funded cybersecurity department may not be as applicable for a mid sized company where the security department may be a single person. Still if the partner company that delivers the…

Proofing your Success: Defining & Measuring Meaningful Metrics for IAM

Trimming down User Access Governance to its Essentials

Securing access to data and applications has become a cornerstone of any modern cybersecurity strategy. In the IAM market, user access governance projects have a history of incurring multi-year roll-outs and requiring specialized personnel, making many companies shy away and bear…

Cloud Security Standards: Expectations, Benefits and Use Case

The Future of Digital ID in South Africa

Building Secure, Trusted and Interoperable Self-sovereign Identity with OpenID Connect

Joni Brennan and Allan Foster

Progress and lessons on the establishment of Digital Identity in UK

Preserving Privacy in Identity-Aware Customer Applications

  As customer identity programs mature, they bring new opportunities and risks. In the rush to launch new customer experiences, personal data is over-exposed and over-replicated. The default is to ship all identity attributes, to all systems, on every request in order to make access…

Zero Trust and the Business – why you have to align with the application owners!

Challenges for Women in Identity and Security

It is well known that women face various challenges when working in the IT industry. These challenges lead to the fact that only about 20% of employees in IT are women. The situation in security and identity is even worse, as some studies have shown. "Women in Identity" is a global…

What if your digital twin misbehaves?

The concept of the digital twin comes originally from the Industry 4.0 domain with the idea of having a digital representation of real-life objects or processes. The representation of the digital twin consists of the physical object, the virtual product, and the connections between those.…

Quo vadis, SSI? – Self-sovereign Identity on route to production

Self-sovereign identity (SSI) has reached the in-between stage: more than a concept, not yet fully deployed. This is where the work can get the most gruesome and exhausting, but also the most creative and rewarding. While the dedicated W3C standards are reaching maturity levels, we see…

Self-Sovereign Identity for Legal Entities and their Representatives globally

If it’s not Simple, Scalable and Agile, it’s not Modern IGA

All Other Identities - The Risk That Is Hiding in Plain Sight

For the last 30 years  virtually every  company, agency and organization has been forced to accept the risks associated with identity management and control for third parties and  all  the other identities that  are not  directly addressed by today's workforce or customer access management…

Making SSI accessible: IOTA technology, solutions and projects

Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more…

Qualified electronic signatures in times of the eIDAS2-wallet - a Nordic-Baltic perspective

When dealing with digital identity, emphasis is often put on the identification and authentication part. An equally important aspect is digital signing (or more broadly: electronic signing). Qualified electronic signatures have the same legal status as handwritten signatures in the EU. In…

Kubernetes and Crossplane at Deutsche Bahn

This session will be about the journey of Kubernetes and Crossplane at Deutsche Bahn, to provide platform consumers with access to a unified API for deployments, infrastructure provisioning and applications in a manner that is independent from the cloud, addressing compliance and…

Deploying Open Policy Agent (OPA) at Scale and in Production

OPA is a fast rising star in the Authz market. In this deep dive we will cover lessons learned and best practice from early adopters on how to deploy OPA at scale and in production. How can you ensure consistent polices, how do you test and life cycle policies, how do connect with external…

Identity Management in a Web 3.0 World

The third iteration of the Web, Web 3, aims to put more control over web content in users’ hands. It promises to be built on blockchain, eliminating all big intermediaries, including centralized governing bodies. The vision for a Web3 world is for people to control their own data and…

An ecosystem for trusted identities

Enterprise Identity: A case study of the EU Gaia-X project

Gaia-X Federation Services is a European project that promotes innovation through data sharing and represents the next generation of the data infrastructure ecosystem. To see how we bring about an open, transparent, and secure digital ecosystem, we thus share a practical example and working…

Transatlantic SSI Interoperability: Building the Identity Layer for the Internet

Many decentralized identity infrastructures and ecosystems around the world are emerging, but how can we get to true global interoperability, where my digital identity works seamlessly across borders and across different use cases? Two of the most prominent initiatives in the digital…

Panel | IGA for Successfully Managed Identities

Access Control - The new Frontier

Creative Disruption: How Web 3 Models are Capturing Markets & Customers

Web 3 businesses are gaining traction. Data and metrics around customers and markets show growing usage, early adoption and huge growth potential. Currently, these businesses built on decentralized networks are separate from traditional web 2 platforms. Will the 2 paths converge? Will there…

The Omniverse SWOT

Our headlines and podcasts are filled with the promise of web3. Positioned as a digital utopia that will foster and reward creativity whilst righting the wrongs of data equity. This new world, fusing our physical and digital – will be more immersive, collaborative and experiential…

Global Trust Frameworks Interoperability

GAIN Insight

In this session, Daniel Goldscheider will give an overview on GAIN, the standards behind, and use cases. 

Panel | GAIN Interoperability

Panel | The Pieces of Modern Authorization - Whats Happening in the Market

Creating a Seamless Access Experience with the Digital Double

Today, seamless access experiences are crafted based on identity fundamentals such as single sign-on, multi-factor authentication, passwordless authentication, self-service portals, and federated access. But, is this enough for the next epoch of digital applications, metaverse, and Web…

Latest Developments in CIAM

Consumer identity is still a hot topic in IAM in general. CIAM has experienced a great deal of technological innovation in the last five years, and much of the innovation in CIAM has found its way into B2B and B2E IAM solutions through the "consumerization of IT". KuppingerCole is updating…

Key Requirements for Next Generation MFA

In this talk you will learn how MFA can be a foundation for your Zero Trust Initiative

The Changing Cyber Threat Landscape and its impact on IAM (II)

The Role of Identity & Access Management for Ransomware Resilience

Identity in Polyglot Cloud Environments

What Does It Mean to Package Ethics Into a Technology Stack?

SASE vs. Zero Trust: Perfect twins or antagonists?

The concepts behind Zero Trust and SASE are not new, but recent developments in technological capabilities, changes in the way people are working, accelerated adoption of cloud and Edge computing, and the continued evolution of cyberthreats have resulted in both rising in…

Demystifying Zero Trust

“It’s about the journey, not the destination” they said. “It’s basically just Don’t Trust But Check, what’s the real difference?” they said. “ What’s the big deal?” They said. Zero trust has been the panacea to…

Zero Trust at Siemens: Where the impossible and the doable shake hands

Two years ago, Siemens started a still going on process to change its security architecture to Zero Trust. Not an easy task for a company that big, widespread, and divers in products. In this session program leads Thomas Müller-Lynch and Peter Stoll are talking about what …

Zero Trust and Software Supply Chain Security: Must-do’s for Every Organization

Panel | Digital Identity & Web3- Rethinking Business Models

Experience is What Counts, Orchestration is How you Get There

Reinventing the Network with Zero Trust to Stop External Network Attacks

What Ails Enterprise Authorization

Continued advances in authentication technology have made the "identity" part of "identity and access management" more manageable over the years. Access management on the other hand, is still very much a "wild-west" landscape. As enterprises move to a zero-trust network access model, access…

OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security

Zero-trust security relies heavily on the ability for independently owned and operated services to dynamically adjust users’ account and access parameters. These adjustments are based on related changes at other network services, such as identity providers, device management services…

What Supports Zero Trust in the Enterprise?

When we think of Zero Trust, we often discuss how it can support and improve your security posture, defense-in-depth strategies, and architecture -- but what supports Zero Trust? This discussion will focus on other IT / Security strategies, methodologies, and business practices that can…

The Path to Zero Trust by Securing Privileged Identities

Attacks on identity and privileged access pathways are relentless, with the stakes of a cyber-breach never higher. Securing privileged identity within your organisation has never been more important as it is the foundation of a successful Zero Trust implementation. Zero Trust is built on…

Dealing with Multi-Cloud, Multi-Hybrid, Multi-Identity: Recommendations from the Field

From A to B - How Decentralized Technologies Are Changing Collaboration Between the Public and Private Sector

The world of modern urban mobility is full of - unused - opportunities. To get to their destination, people can use public transportation, take a cab or rent an e-scooter. But many options also means many providers. Anyone who uses more than one of the aforementioned forms of…

Panel | Introducing Open Policy Agent (OPA) for Multicloud Policy and Process Portability

With over 120 million downloads, and users like Netflix, Zalando and GS,  the open source project Open Policy Agent has quickly become the de facto standard for Authorization. In this session, KuppingerCole´s Alejandro Leal will discuss with  Jeff Broberg, Gustaf…

How organizations can make and save money with decentralized identity

In this talk John will present one way of modelling the potential value propositions for the parties (people and organisations) in decentralised identity models. Using real world examples of products and systems, he’ll use the model to consider their value propositions, and whether…

Making Digital Identity Enable Your Organization's Cloud/Digital Transformation

The Empowered Consumer and the Next Era of Digital Identity

A Story About Convenient Security

Promoting Cyber Resilience through Identity and Zero Trust

Resilience is defined as the dynamic process of encompassing positive adaptation within the context of adversity. Organizations today are under constant siege from any number of security threats. The only path to weathering this ongoing storm is to learn to intelligently adapt…

Give me 10 minutes, I'll give you the truth about verified Identities

The strategic building blocks of the composable enterprise: Concepts & technologies

This session is a continuation of the opening keynote by Martin Kuppinger on the future Composable Enterprise. Together we take a look at what powers the composable enterprise and which concepts and technologies can contribute to building a composable enterprise. KuppingerCole proposes…

How to use the framework of a Trusted Data Ecosystem to simplify building decentralized identity solutions

Decentralized identity is an incredibly flexible technology that solves fundamental problems in the way we manage digital communication. But this capacity to do more than one thing at once  can be a source of confusion: How do I actually build a decentralized or self-sovereign…

The Changing Cyber Threat Landscape and its impact on IAM (I)

Demystifying CIEM for an Effective Multi-Cloud Security Enablement

As digital business pushes organizations towards an accelerated multi-cloud adoption, CIEM (Cloud Infrastructure Entitlements Management) emerges as a strong enabler for securing access and entitlements across an increasingly distributed cloud environment. Traditional PAM and IGA tools…

Panel | Multi-Cloud Agility Must-Haves

With a highly prioritized digital tranfsformation towards a composable enterprise, it will be inevitable to work with multi-cloud solutions to achieve the level of agility and flexibility required. If it was to avoid vendor lock-in or to consequently go for best-of-breed solutions - in this…

Security Improvement Through Visibility of Changes in Hybrid/Multi-Cloud Environments

Performing accidentally wrong or intentionally bad configuration changes by administrators, scripts or systems can lead to serious security vulnerabilities or unintentional visibility or leakage of data. This applies to on-premises systems, but especially to systems and applications in…

Dissecting Zero Trust, a real life example

After his presentation on Strategic and Tactical approaches for Zero Trust, in this presentation Fabrizio will breakdown the components of a Zero Trust implementation and highlight what a company needs to implement it. Fabrizio will also cover use-cases like legacy or cloud-based applications.

Panel | The Stack, the Stack, the Stack: How Trust over IP is Enabling Internet-Scale Digital Trust

The internet was designed without a trusted identity layer to connect physical entities to the digital world. This layer is now emerging in the form of decentralized digital identity systems (aka self-sovereign identity or “SSI”) based on digital wallets and digital…

Panel | Assessing the Cybersecurity Impact of Russia’s Invasion of Ukraine

Russia’s invasion of Ukraine has tectonic consequences for citizens and businesses across the world. An expectation of normalcy post the pandemic has been replaced with fears of increased gas prices and supply chain disruptions. Attackers are expected to leverage the context to carry…

Plan A: Reduce Complexity in your Cloud Native Environment (there is no Plan B)

Organizations with an advanced cloud migration program have hit a roadblock. TO successfully navigate the adoption of compartmentalized code, in order to reap the benefits of improved agility and reduced costs, The CISO must embrace automated deployment and gain control over APIs.

Panel | Cloud Infrastructure Entitlement Management (CIEM): Managing Your Cloud Scale Risk with an Identity Defined Security Approach

CIEM adopts a zero trust approach to Identity and Access Management (IAM) for cloud infrastructures, making access risks visible and avoidable. In this panel session 

Certificate Based Authentication in a Cloud Native Environment - a Migration Journey from Handcrafted XML Signing to OpenID Connect

During this best practice session we will present you with hands-on experience from one of our financial services industry customers. The company used a handcrafted xml signature mechanism to authenticate their business partners when initiating machine-to-machine communication to…

Denmark's 2022 brand new eID solution

Practicalities of Identity Proofing for Authentication

Siemens AG: Real-World Enterprise IAM at Scale

In today´s unpredictable business environment where change is the normal, it has become critical to have a manageable and scalable Identity & Access Management program in place. In this Best Practice Presentation, Leonardo Morales will talk about the challenges and his learnings…

Implementing Multi-Region Identity Identifiers and IAM

Building a robust CIAM foundation, fit for the dynamic financial market

As organizations are recovering from the pandemic, many of them embark on a digital transformation at high-speed. Investments to drive online business, powered by customer insights and an attractive user experience, yet secure and compliant to rules and…

Panel | Deliver on the Promise of an Identity Fabric: The Power of Data

Digital identities of consumers, customers, business partners, employees, but also devices, things, or services are at the core of the digital business.  Unfortunately, most digital identities reside in siloes. Building a modern Identity Fabric that delivers seamless yet secure and…

The Importance of a Centralized Access Management System

The ICaaS (Identity Component as a Service) approach for taking control of customer experience

Panel | MFA usage in enterprise

There are so many ways enterprises could benefit from using Multi-Factor Authorization (MFA). Benefits include identity theft prevention, secure devices, lower breach risks, to name just a few. But why are so many businesses still not using MFA? Perhaps because it is too complex and…

Panel | Centralized vs. Decentralized: Pros, Cons, Use Cases

IAM-Suites for Medium-Sized/Mid-market Organizations

OAuth DPoP (Demonstration of Proof of Possession): How to Not Let Attackers Steal your OAuth Token

Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish between legitimate uses of them and those that stole them and used them for nefarious purposes. The solution to this is proof-of-possession…

IAM 2025: Integrated, Agile, Flexible. Decentralized?

Times are challenging, probably more than during the last few decades, with a pandemic that seems to never ending, homeoffice workers who don´t want to return, some frightening growth rates on the dark side of digital with ransomware everywhere and nation-state intellectual…

A Learning Agenda for Federal Identity

We’re Gonna Need an even Bigger Boat: How Pervasive Digital Transformation, Nation State Actors, and Open Code Repositories Mandate a Reinvention of Identity

A Blueprint for Achieving a Passwordless Reality

Password-related attacks increased by a staggering 450% in 2020, with over 1.48 billion records breached worldwide. Meanwhile, the average cost of a password reset exceeds $50 USD. We all know that passwords fail to deliver adequate Zero-Trust security and cause unnecessary friction for…

Panel | Identity Fabrics: The Mesh and the Factory for Identity Services

Identity Fabrics as a concept has established itself as a common paradigm for defining and implementing the identity services needed by organizations to provide seamless, yet secure and controlled access of everyone and everything to every type of service, regardless whether its legacy or…

The State of Passwordless Authentication

The FIDO Alliance has made tremendous strides in its mission to change the nature of authentication with stronger, simpler and passwordless authentication. Join this session to get find out the state of passwordless authentication from the FIDO lens, including a sneak peak at major news…

The 'Credentials-first Mobile-first' Identity Ecosystem

This is a new development in the world and touches on mDL, Verifiable Credentials, decentralized identity, and personal data topics. A forward-looking presentation about what the world might look like, the foundational changes represented by this change, and some current and potential…

Fraud Reduction Intelligence Platforms - an Overview

Trends in Enterprise Authentication

Panel | The Future of Authentication

European Identity & Cloud Awards Ceremony

Once again, analysts from KuppingerCole come together to showcase outstanding Identity Management and Security projects, standards and people. The winners will be honored live on stage during the award ceremony.

SSI Market Size (and opportunity in web3.0) and use cases

Who is this new beast, which widespread technology is going to be used everywhere from banking to metaverse, travel to healthcare? The technology that has no limits in its application across sectors is equally welcome in centralised and decentralised worlds. Meet, self-sovereign…

The CASE for a Vehicle Lifecycle Ledger

Mobility-as-a-service is changing the way people move. From mobility based on driving your own car, it is converging to the consuming of various services using multiple modes of transportation. Ranging from eScooters, bicycles, ride-sharing to car-sharing, ride-hailing and public transport.

Identity Ecosystems for a Better Customer Experience

Portable, verifiable and, most importantly, reusable representations of personal data can enable high-touch, high-trust and low-cost engagement between customers and networks of complementary service providers. The EU is already adjusting to the opportunities of Self-Sovereign Identity, but…

The Value Paradox: The 3 Inflections of IGA

Cardea: verifiable credentials for health information go open source

As an incubator for innovation in air travel, Aruba has chosen to use verifiable digital credentials to manage entry requirements and health testing for travel to the island. This decentralized, open-source technology, which provides secure authentication while preserving traveler…

Drone Pilot Credentialing for Air Safety

Drone operations are estimated to bring €10bn/yr to the EU economy by 2035. A critical e-Government issue is the ability to fly drones in regulated airspace around airports. Unauthorised drone operations in the flightpath of passenger aircraft can endanger lives and cause…

The Digital Identity Shake-up we’ve been waiting for: How to Survive, and how to Thrive

A Key Milestone towards CBDC Wallets - The eIDAS 2.0 Payment-Authorising Wallets

The presentation to be made by Stéphane Mouy (SGM Consulting - France) and Michael Adams (Quali-Sign - UK) will focus on the forthcoming eIDAS 2.0 digital identity wallets (DIWs) and the payment use case. DIWs will allow users to share high LoA identity and status credentials to…

SSI, NFTs, ENS & Co - Trends and Adoption of Decentralized Identity in 2022

Goal of this Deep Dive: Listeners will leave with a solid understanding of different approaches to decentralized identity like Self-Sovereign Identity (SSI) and Non-Fungible Token (NFTs), Ethereum Name Service (ENS) their adoption (based on real use cases) their impact on…

Panel | Best Practices for Implementing Zero Trust

The “zero trust” approach to cybersecurity has been gaining momentum in recent years, as both corporations and government agencies have struggled with how to enhance security given the de-emphasis on the network perimeter. For the most part, the…

Why KYC Isn’t Enough

Panel | Overcoming SMS OTP: Secure passwordless MFA with your mobile phone

Welcome to EIC 2022

Identity. Security. Decentralized. The Future of IT in the Age of Change

The future of the enterprise is changing. In the Digital Age, much is different than it has been in the past. The focus must be on agility in business models and delivery, innovation, and reliability in delivering to the customers. This requires a shift in focus, in all areas, including IT.…

Future Government: Transforming Public Services to Be More Agile and Innovative

Advocating for Decentralised Identity in Europe: 7 Lessons Learnt

Model, Measure, Manage - The Journey to Autonomous Security in a Hybrid Multi-Cloud World

We cannot manage what we cannot measure.

Digital Identity and Privacy: Stories from the Frontline

As the pace of digitalization gathers momentum, organizations are witnessing a dramatic increase in the number of digital identities. These identities interact with systems and applications relentlessly to perform day-to-day IT tasks. Nevertheless, maintaining the privacy of this data is a…

Dynamic Authorization in Zero Trust Architecture

New Face, Who Dis? Privacy vs Authentication in a World of Surveillance

Facial recognition technology is evolving rapidly, presenting the benefits and dangers that innovation always does. Will it provide reliable biometric authentication, or will it erode personal privacy? We’ll examine the current landscape from both a policy and a technical…

Pre-Conference Workshop | The IAM Experience Your Users Really Deserve

Organisations that are being targeted by SaaS and B2B companies might struggle when it comes to building a smooth and quick process of authentication for their users. Issues with business needs, such as user organisation within a specific target business, separate branding, access control…

I'm None of your Business

Pre-Conference Workshop | Standards Matter. Trustworthy use of Identity and Personal Data

The world has changed because of COVID. More fraud is taking place. More misuse of identity is occurring. To combat the rise in fraud and to mitigate risk, the Kantara Initiative offers a 3rd party conformity assessment program.

Privacy and Data Protection. What is this Thing Called Privacy?

Tribute to Kim Cameron: Privacy & the 7 Laws of Identity

Last November, the creator of the 7 Laws of Identity, Digital ID thought leader and focal point of a Global Identity Community, Kim Cameron, passed away. He not only left us with an uncountable number of unforgettable moments. He also left us with those 7 laws of Identity, a set of…

Pre-Conference Workshop | How OpenID Standards are Enabling Secure & Interoperable Digital Identity Ecosystems

OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while also enabling a collaborative platform to openly address current trends and market opportunities. The OpenID Foundation Workshop at EIC includes a number of presentations focused…

Pre-Conference Workshop | IAM, the Cloud, and GDPR - Why you will fail on GDPR without a strong IAM posture

Privacy: The Real Cost

Privacy is one of the most challenging aspects to protect in identity solutions. The entities that stand to gain the most from surveilling users can use convenience as a bargaining chip. Users understand and appreciate convenience, but they often don't appreciate the costs of loss of…

It's the Relationship, Stupid

The New Digital Identity Wallet for all Europeans: Latest Amendments

An impactful 73 pages proposal for amending the 2014 e-IDAS regulation was made in June last year, a.o. providing EU wide wallets for national e-ID’s. Market consultations and impact assessments have been concluded early 2022 and the European Parliament discussed the proposal with…

CISO Panel | Securing the Composable Enterprise

As if it all came together on the foundations of an agile, fully decentralized enterprise, embracing the API economy to deliver results through assembling and combining pre-packaged business capabilities. AI-driven, automated, everything delivered on-demand, providing the best possible user…

Journey to the North: Canadian Perspectives and Progress on Digital Identity

Policy Based Access Control for Cloud-Native Applications

As companies shift to cloud-native applications, the complexity of a microservices framework can be daunting. When applications are built in a cloud-native stack, authorization is also infinitely more complex. Crucially, Open Policy Agent (OPA) decouples policy from code, enabling the…

Google is Buying Mandiant to Boost Customer Protection Against Multi-Cloud Threats

Yesterday, Google has announced its intent to acquire Mandiant, a leading provider of cybersecurity defense and response services, for $5.4 billion – the company’s second-largest acquisition to date. When the deal is closed, Mandiant will join Google Cloud, further expanding its…

Analyst Chat #104: Edge Computing

Senior Analyst Graham Williamson joins Matthias from down under to talk about edge computing. Starting from the definition and relevant use cases, they focus on where the edge brings value. They discuss what the key criteria for a successful deployment are and what needs to be looked at to…

CSLS Speaker Spotlight: Martin Kuppinger on Cloud Security

Martin Kuppinger, Principal Analyst at KuppingerCole, will give a presentation entitled Cloud Security 2025 – Perspective & Roadmap on Thursday, November 11 from 11:00 am to 11:20 am at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we asked…

CSLS Speaker Spotlight: Joe Sullivan on Securing the Cloud

Joe Sullivan, Chief Security Officer at Cloudflare, Inc., will give a presentation entitled Securing the Cloud - From the Inside Out on Thursday, November 11 from 15:40 pm to 16:00 pm at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we asked Joe some…

A Sovereign Cloud Is About More Than Just Privacy

Using cloud services has now become an essential component of digital transformation.  However, the dominant cloud service providers are not European and, following the recent Schrems II judgment, transferring personal data to these services has become increasingly problematic. This is…

CSLS Speaker Spotlight: Deutsche Telekom CSO Thomas Tschersich on His Cybersecurity Predictions for 2022

Thomas Tschersich, Chief Security Officer at Deutsche Telekom, served as an advisor in the preparation for the Cyber Council Panel on Cybersecurity Predictions 2022 which will see CISOs, CIOs, and CSOs discuss next year's cybersecurity threatscape on Wednesday, November 10 from 09:30 pm to…

Google Cloud Digital Sovereignty Announcement

On September 8th, 2021 Google and T-Systems announced their intention to build and deliver sovereign cloud services for German enterprises, the public sector, and healthcare organizations.  So, what are a sovereign cloud services and why does this announcement matter? Sovereign Cloud…

May 10 - 13, 2022: European Identity and Cloud Conference 2022

After more than a decade of successful events in Munich, the European Identity and Cloud Conference will move to Berlin in 2022. For the first time, Europe’s leading identity conference will gather the finest experts from around the world in Germany’s capital.

Analyst Chat #85: Hybrid IT 4 - Hyperconverged, Edge and Cloud in a Box

This episode concludes the four-part series on hybrid IT. To wrap things up, Mike Small and Matthias focus on the latest developments in hybrid infrastructures, between containers, hyperconverged, edge and cloud in a box.

IT-Herausforderungen in der Digitalen Transformation

Um die Herausforderungen zu meistern, werden oft verschiedene Initiativen gestartet, die zu einer kostspieligen und komplexen IT-Security-Infrastruktur führen. Mit dem SASE-Modell (Secure Access Service Edge) kann die Komplexität reduziert und die Kosten für die…

Analyst Chat #84: Hybrid IT 3 - Managing and Governing

Part three of the four-part series on hybrid IT looks at approaches to appropriately manage and evolve hybrid architectures. Mike Small and Matthias put the focus not only on technical management, but also on appropriate governance in particular.

Optimizing the Cloud Strategy for Successful Transformation

Confidential Computing and Why This Matters for Cloud

Segmenting Enterprise Cloud Services

CCAK - Aim for the Clouds

The knowledge and skills gap in the cybersecurity industry is a problem that has been identified and discussed for the past 20 years. However, with the rapid acceleration of technology development, the skills gap seems to worsen as time goes by and may soon become a systemic deficiency. In…

Panel: Ensuring Efficient and Secure Collaboration on Cloud

Expert Chat: Interview with Invited Expert

Creating a Collaborative and Secure Software Development Lifecycle

Attendees will learn what steps to take to build collaboration in the software development lifecycle - and it goes far beyond tools.  How to put in place a strategy that fosters continuous improvement of the security posture.  A guide for how any organisation can get started,…

Managing Cloud and Container Security Risk

 Modern cloud apps are built using CI/CD and run as containerized microservices. Do you have effective security and compliance controls in place? Legacy tools can't shift security left, validate configurations and compliance, or provide detection and response for production workloads.…

A Cloud for all Seasons

Even though the pandemic has been the main driver for digital workplace productivity as a strategic requirement, this topic will not go away after it is over. The Digital Business workforce needs to be “anywhere-enabled”. In order to support this Secure & Flexible…

Analyst Chat #83: Hybrid IT 2 - The Challenges

Mike Small and Matthias continue their four-part series on hybrid IT, looking at the increasing complexity: they look at multiple dimensions of the challenges that come with deploying and operating hybrid IT architectures.

Analyst Chat #82: Hybrid IT 1 - The Basics

This is the kickoff of a four-part series of podcast episodes around hybrid IT. Mike Small and Matthias explore the fundamentals of modern architectures between the cloud and the traditional data center.

A Cloud for All Seasons

The Coming Storm On April 28th, 2021 the European Data Protection Board announced that The Portuguese Data Protection Authority (CNPD) ordered INE (National Institute for Statistics) to suspend the sending of personal data from the Census 2021 to the United States. CNPD has issued a…

Analyst Chat #78: DNS and DNS Security

Some internet services are so deeply woven into the core infrastructure, that they are just taken for granted or even ignored in our daily digital life. One example is the Domain Name System. Alexei and Matthias discuss the basics of DNS, look at current cybersecurity threats targeted at…

Cloud Codes of Conduct Get the EU Green Light, but More Is Still Needed

Green Light On May 20th, 2021 it was announced that the EU Cloud Code of Conduct had received official approval by the Belgian Data Protection Authority, following the positive opinion issued by the European Data Protection Board.  At the same time, the European Data Protection…

Remote-Angestellte mit starker Authentifizierung schützen

Hacker schlagen Kapital aus Unsicherheit, Angst, Ablenkung, Isolation und Verwirrung. Die Verlagerung auf Remote-Arbeit hat viele dieser Eigenschaften, daher ist es entscheidend, das Vertrauen der Benutzer wiederherzustellen. Die Schulung der Mitarbeiter ist unerlässlich, schützt…

IGA in the Cloud without Compromise

There is no single right way to do cloud-based identity and access management (IAM) services. Not only is every organization at a different place in their journey, but each will prioritize cloud benefits differently. Therefore, no matter where you are on your cloud journey, modular and…

May 20, 2021: Remote-Angestellte mit starker Authentifizierung schützen

Hacker schlagen Kapital aus Unsicherheit, Angst, Ablenkung, Isolation und Verwirrung. Die Verlagerung auf Remote-Arbeit hat viele dieser Eigenschaften, daher ist es entscheidend, das Vertrauen der Benutzer wiederherzustellen. Die Schulung der Mitarbeiter ist unerlässlich, schützt aber nicht…

Jul 07, 2021: Cloud Strategy Optimization - Ensuring Efficient and Secure Collaboration on Cloud

Join the KCLive Event on Cloud Strategy Optimzation to learn how to develop a state-of-the-art cloud strategy for your business.

Symphony Technology Group (STG) Acquires McAfee Enterprise Business

STG announced that they intend to acquire McAfee’s enterprise business for around $4B. The McAfee brand will continue to operate and focus on consumer cybersecurity. STG will pick up MVISION, Global Threat Intelligence, database security, unified endpoint security, CASB, CSPM, CWPP,…

Business Continuity and the Cloud

On Wednesday March 10th at 1am in the morning a fire started that destroyed a major data centre that provides cloud services from OVHcloud. Thankfully no one was injured but this should be a wake up call for cloud service users to check that they have factored the use of cloud services into…

IT-Sicherheitsberatung hinter den Kulissen: Die Top 5 Herausforderungen, die Cloud Modelle mit sich bringen

Der Bedarf nach Cloud-Lösungen ist heute so stark wie nie zuvor. In den letzten Monaten konnten wir weltweit eine steigende Akzeptanz von Cloud Plattformen und Cloud-Diensten beobachten. Sogar die Deutsche Bahn verlagert ihre komplette IT in die Cloud.

Data Security in the Cloud

Join our Analyst Mike Small and Paul Hampton, Product Manager at Thales Security as they talk about the importance of securing data in the cloud.

Jan 27, 2021: IT-Sicherheitsberatung hinter den Kulissen: Die Top 5 Herausforderungen, die Cloud Modelle mit sich bringen

Der Bedarf nach Cloud-Lösungen ist heute so stark wie nie zuvor. In den letzten Monaten konnten wir weltweit eine steigende Akzeptanz von Cloud Plattformen und Cloud-Diensten beobachten. Sogar die Deutsche Bahn verlagert ihre komplette IT in die Cloud.

Nov 09 - 11, 2021: Cybersecurity Leadership Summit 2021

The Cybersecurity Leadership Summit brings together top security leaders to discuss latest trends and developments in the cyber space. CSLS goes beyond IT troubleshooting and primarily focusses on the managerial aspects of cybersecurity. The COVID-19 pandemic has unequivocally accelerated…

The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow…

Zugriffsschutz für sensible Daten – mit Data Access Governance und Identity Governance

Damit Sie besagte Vorschriften rechtzeitig erfüllen können, ist es notwendig, sensible Daten zu erkennen und zu klassifizieren, unabhängig davon, wo sie sich befinden. Vor einer Cloud-Migration müssen Sie die Kritikalität von Daten verstehen und definieren, welche…

GCP Trust, Security and Compliance

In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. They allow new applications to be rapidly developed, existing applications to be modernized and deployed without additional capital spend.…

Sep 28, 2020: The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Analyst Chat #36: Questions to Ask Your Cloud Provider About Security

Alexei Balaganski and Matthias Reinwarth discuss the security challenges for enterprises moving to the cloud and explain why security in the cloud is still your responsibility.

Oracle Delivers on Earlier Cloud Promises

Back in February (oh, how time flies! Just to think that it was right before the beginning of the COVID-19 pandemic…) I wrote a blog post looking at Oracle’s ambitious plans for developing its cloud strategy and expanding its worldwide…

Sep 16, 2020: Zugriffsschutz für sensible Daten – mit Data Access Governance und Identity Governance

Ein Großteil der geschäftlichen Dokumente in Unternehmen ist in Dateiordnern auf Microsoft SharePoint, Box, Dropbox und Google Drive gespeichert. Da ist es keine Überraschung, dass diese Daten zu den neuen Zielen von Hackern geworden sind. Mit zunehmenden Compliance-Anforderungen wie DSGVO,…

Identity Für Alle – Nicht Nur Für Wenige: Identity Management Für Den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den…

Cloud Security Posture Management Tools – What They Are and Why You Need One

Many security product vendors are now offering CSPM (Cloud Security Posture Management) as part of their portfolio - so what is CSPM and why might you need it?  In their race towards digital transformation, organizations are using cloud services to accelerate the development of new…

Sep 22, 2020: Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow the…

Analyst Chat #18: Zero Trust from the Cloud

Matthias Reinwarth and Alexei Balaganski look at the potential alternatives to VPNs and security gateways.

KuppingerCole Analyst Chat: Enterprise Databases in the Cloud

Matthias Reinwarth and Alexei Balaganski talk about making the right choice of a database engine to power your next cloud project.

The New Normal Post Covid-19

As soon as national lockdowns began to limit the spread of Covid-19 it was clear that the world would never be the same again, and last week’s Microsoft Build conference has highlighted what some of those changes will be, starting with the event itself being fully virtual for the first…

Jul 02, 2020: Identity für Alle – nicht nur für Wenige: Identity Management für den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den notwendigen technischen…

Cybersecurity of Tomorrow: Delivered Entirely From the Cloud

As businesses embrace the Digital Transformation and become increasingly cloud-native, mobile and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide…

Sep 13 - 16, 2021: European Identity and Cloud Conference 2021

The European Identity and Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to offer you a safe and hygienic event experience – on-site, virtual, and hybrid.

The DON’Ts of IT in the Times of Crisis

Truly we are living in interesting times (incidentally, this expression, commonly known as “the Chinese curse”, has nothing to do with China). Just a couple of weeks ago the world was watching China fighting the coronavirus outbreak as something that surely can never happen…

Will 2020 Be the Year of Oracle Cloud?

Recently I had an opportunity to attend the Next Generation Cloud Summit, an event organized by Oracle in Seattle, WA for industry analysts to learn about the latest developments in Oracle Cloud strategy. This was the first Oracle’s analyst summit in Seattle and coincidentally my first…

The Next Best Thing After "Secure by Design"

There is an old saying that goes like this: “you can lead a horse to water, but you can’t make it drink”. Nothing personal against anyone in particular, but it seems to me that it perfectly represents the current state of cybersecurity across almost any industry. Although…

Regulatory Compliance a Potential Driver of Cloud Migration

Newly announced AWS offerings of Access Analyzer, Amazon Detective and AWS Nitro Enclaves discussed in my last blog post, further round out AWS’s security services and tools such as Amazon GuardDuty that continuously monitors for threats to accounts and workloads, Amazon Inspector that…

Breaches and Regulations Drive Better Security, AWS re:Invent Shows

The high proportion of cyber attacks enabled by poor security practices has long raised questions about what it will take to bring about any significant change. Finally, however, there are indications that the threat of substantial fines for contravening the growing number of data protection…

The First Step to Cloud Is Not Technical – an AWS Perspective on Cloud Migration

As usual, Amazon Web Services (AWS) is making a slew of announcements at its reinvent conference in Las Vegas, and as expected, the key ones related to making it easier for organizations to move workloads to the cloud, keep data secure and get more value out of their data with services…

Security vs Convenience: In the Cloud, it’s Still Your Choice and Your Responsibility

Social logins are extremely popular. Instead of going through a process of creating a new account on another website, you just click on the “Continue with Facebook” or “Sign in with Google” button and you’re in. The website in question can automatically pull the…

Nov 09 - 11, 2020: Cybersecurity Leadership Summit 2020

In order to follow the footsteps of digital and technological advancements, have yourself prepared for the future and gain critical knowledge on emerging trends, KuppingerCole Analysts holds its second Cybersecurity Leadership Summit (#CSLS20) virtually, offering the remarkable world-class…

Meet the Next-Generation Oracle

Oracle OpenWorld 2019 has just wrapped yesterday, and if there is a single word that can describe my impressions of it, that would be “different”. Immediately noticeable was the absence of the traditional Oracle Red spilling into the streets around the Moscone Center in San…

Security Vendor Imperva Reports a Breach

Imperva, a US-based cybersecurity company known for its web application security and data protection products, has disclosed a breach of their customer data. According to the announcement, a subset of the customers for its cloud-based Web Application Firewall solution (formerly known as…

VMware to Acquire Carbon Black and Pivotal, Aims at the Modern, Secure Cloud Vision

Last week, VMware has announced its intent to acquire Carbon Black, one of the leading providers of cloud-based endpoint security solutions. This announcement follows earlier news about acquiring Pivotal, a software development company known for its Cloud Foundry cloud application platform,…

Don’t Blame the Cloud for Capital One’s Troubles

After the recent Capital One breach, some commentators have suggested that cloud security is fundamentally flawed. Like many organizations today, Capital One uses Amazon Web Services (AWS) to store data, and it was this that was targeted and successfully stolen. In the case of Capital One…

Privileged Access Management Needs a New Approach

As organizations accelerate their digitalization efforts to stay relevant and competitive in the marketplace, they must evaluate and embrace technologies that can not only support the enablement of their digitalization efforts but can also support the speed, scale and security required for…

Security in the Age of the Hybrid Multi Cloud Environment

The way is clear for the hybrid multi-cloud environment! With an increase in cloud services, the mitigation of cyber risks within such environments becomes paramount. The value of traditional security tools for cloud applications is very limited and the misconfiguration of cloud platforms…

M&A Activity in Cybersecurity and IAM

It seems almost every week in cybersecurity and IAM we read of a large company buying a smaller one. Many times, it is a big stack vendor adding something that may be missing to their catalog, or buying a regional competitor. Sometimes it’s a medium-sized technology vendor picking up a…

Jul 16, 2019: Privileged Access Management Needs a New Approach

As organizations accelerate their digitalization efforts to stay relevant and competitive in the marketplace, they must evaluate and embrace technologies that can not only support the enablement of their digitalization efforts but can also support the speed, scale and security required for…

Jul 03, 2019: Security in the Age of the Hybrid Multi Cloud Environment

The way is clear for the hybrid multi-cloud environment! With an increase in cloud services, the mitigation of cyber risks within such environments becomes paramount. The value of traditional security tools for cloud applications is very limited and the misconfiguration of cloud platforms is…

May 17, 2019: Hybrid and Secure Cloud Boot Camp

Who's the Best Security Vendor of Them All?

This week I had an opportunity to visit the city of Tel Aviv, Israel to attend one of the Microsoft Ignite | The Tour events the company is organizing to bring the latest information about their new products and technologies closer to IT professionals around the world. Granted, the Tour…

Nov 12 - 14, 2019: Cybersecurity Leadership Summit 2019

In order to follow the footsteps of digital and technological advancements, have yourself prepared for the future and gain critical knowledge on emerging trends, KuppingerCole Analysts holds its second Cybersecurity Leadership Summit (#CSLS19) in Berlin, Germany, offering the remarkable…

Top 5 CISO Topics for 2019

Where to put your focus on in 2019