Security Information and Event Management

Leadership Compass

Security Orchestration Automation and Response (SOAR)

This report provides an overview of the SOAR market and a compass to help you find a solution that best meets your needs. We examine the SOAR market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions.

Video

KC Open Select: Your #1 Shortlisting Tool

Discover and Compare Cybersecurity Solutions for Free Optimize your decision-making process with the most comprehensive and up-to-date market data available. Configure your individual requirements to find the right vendor for your business or follow the best practice recommendation of…

Blog

How to Find the Best IT Solution for Your Business

Every company has different needs. These will depend on company size, location, products they offer, not to mention the current infrastructure in place. Unfortunately, there is not a solution that “fits them all”, and the high maturity of the IT market leads to numerous…

Video

Analyst Chat #154: 2022 Wrapped Up - Major Trends in IAM and Cybersecurity

Another year gone already! It's time to take a look back at 2022. Martin Kuppinger and Matthias talk about what happened in the past year and identify top trends in IAM and Cybersecurity. They go beyond technology but also look at processes and business models. By this, they also…

Blog

CSLS 2022 Is a Wrap

Video

Recap Cybersecurity Leadership Summit 2022

Video

Key Findings on Malign Information, Misinformation, and Cyberattacks

Ksenia Iliuk, Head of Research at Detector Media, Ukraine tells us about some key findings of their research in the media landscape of Ukraine. Find out what she has to say about Telegram and what it has to do with #cybersecurity .

Video

Analyst Chat #149: The Top 5 Cybersecurity Trends - Looking Back at CSLS 2022

Deep Fakes, AI as friend and foe, Business Resilience, Mis-, Dis- and Malinformation: The Cybersecurity Leadership Summit has taken place in Berlin and covered all of this and much more. Martin Kuppinger and Matthias look back on the event and identify their Top 5 Trends from CSLS2022 in…

Video

On the Charge: Securing the Energy Sector

The economic value represented by the energy industry makes utilities an attractive target for cybercriminals. An expansive attack surface coupled with strong interdependencies between physical and digital infrastructure makes utilities an interesting case study for cybersecurity…

Video

Who the @!%# Is User1?!

The explosion of  connected things and  remote work  is presenting digital enterprises with both opportunities and challenges. In today’s distributed workscape, people are  the  new  perimete r and  identity is the  new  key.…

Video

Protecting Infrastructure in an Exposed Environment

Video

Continuous Zero Trust Transformation using a Value and Risk Driven Approach

For big companies like Mercedes, there is no generic zero trust implementation to deliver the values for customer, workforce, suppliers and logistics.  It is unlikely to have a greenfield implementation as there is a rich fundament of processes, technologies and business uses cases…

Video

Strategic Approaches to Secure Industrial Control System Environments

 

Video

UNECE R 155: Security-by-Design for the Automotive Supply Chain and In-Vehicle Cybersecurity

 

Video

Sustainable Vulnerability Management: Case Study by KuppingerCole

For any large company, regulated or not, it is essential to have a mechanism or process for detecting vulnerabilities. For this purpose, various scanners exist that can automatically scan the company's IT assets for known and new vulnerabilities. However, this is where the big challenge…

Video

Future-Proof Network Detection & Response for IT & OT – Made in Switzerland

Video

The Blueprint for a Cyber-Safe Society: How Denmark provided eIDs to citizens and business

Implementing digital solutions enabling only using validated digital identities as the foundation for all other IAM and cybersecurity measures is the prerequisite to establish an agile ecosystem of commerce and corporation governed by security, protection, management of…

Video

A Picture is Worth a Thousand Lies: Deepfakes or AI-Generated Synthetic Media

Imagine deepfake footage of a CEO engaging in bribery, a politician committing a sexual assault just a few days before an election, or soldiers committing atrocities on foreign soil. In our current environment, where conspiracy theories thrive, deepfakes could lead to catastrophic…

Video

Exploring the role of Endpoint Security in a Ransomware Resilience Plan

Ransomware attacks continue to increase in frequency and severity. Every organization needs a ransomware and malware resilience plan. Three major components of such plans should include deploying Endpoint Security solutions, keeping computing assets up to date on patches, and backing up…

Video

Only Those Who Know the Dangers Can Protect Themselves

How do cyber criminals go about a hacking attack and how easy is it to capture sensitive data? As the saying goes, "Keep your friends close, but your enemies closer," we take a look at how hackers and social engineers work with social pentester Graham Stanforth.

Video

Rethinking Cybersecurity From the Human Element Point of View

Over simplifying, IT security means defending the IT systems from threats procured by cybercriminals. Their targets are, for example, the manipulation of systems, the extorsion or exfiltration of data, and the interruption or alteration of services. However, what happens if we have humans…

Video

Know Your Enemy and Know Yourself, How to Win at Cyber Warfare and Turn You People From the Weakest Link to a Defence Mechanism

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” …

Video

Awareness?! How to Make It Work in a Low-Tech Environment

Video

Panel | Cyber Hygiene Best Practices: Why Does It Matter?

Security of users, data, devices and networks is orchestrated via a set of precautionary cyber measures called  cyber hygiene.  Enterprises today deal wih a sheer volume users, data and devices, often distributed across complex cloud/hybrid environments – making cyber…

Video

How a Shoemaker Stole the City Treasury and Ended up as a Social Engineering Legend

Cyber Security traditionally has been seen as the domain of Technology, with an expectation that the solution for cyber resilience has to be provided by IT – and we happily accepted this challenge and delivered numerous software and hardware solutions, design and development…

Video

Best Practices to Protect your APIs and Accelerate your DevOps Journey.

Video

Cyber Hygiene Is the Backbone of an IAM Strategy

When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day,…

Video

Assessing your Cybersecurity Tools Portfolio: Optimize Cost, Increase Security

Most organizations don’t suffer from a lack of cybersecurity tools. They suffer from the cost and administrative burden of running too many of these. They suffer from the lack of integration. They suffer from the lack of skills in optimally configuring the tools and analyzing the…

Video

Cyber Warfare - A Reality Check

Cyber Warfare and Disinformation have been heavily weaponized since Russia´s full-scale Invasion of Ukraine and even before, aiming at destabilizing the free part of the world. It is the "synergy of the evil" between cyber warfare and MDM (Misinformation, Disinformation,…

Video

How the Current Crisis could become a Catalyst for Various Transformations

Video

Standards & Regulatory Frameworks Are Static, Security Isn't

Current frameworks from Cyber Essentials in the UK, to the NIST Cyber Security Framework, HIPPA, PCI-DSS and even ISO27002:2022 often take at least 18-24 months to agree by their governance bodies. The world is much faster moving that that, the fact many regulatory frameworks will take…

Video

Security Automation Strategies to Succeed or Fail: You Choose

This presentation will explore why companies need security automation. We will look at how companies can ensure success (and how to ensure failure). Leveraging professional experience and doctoral research into security automation, the presenter will examine the keys to successful security…

Video

Exercising Your Cyber Crisis Plans

Video

NIS2 Directive – What It Is and Why You Need to Prepare

Video

Panel | Best Practices for Implementing Enterprise Security Automation for Threat Detection and Intelligence

As the intensity and sophistication of cyber-attacks continues to increase amidst an uncertain threat landscape, enterprises are actively looking to embrace security automation as a potential solution. With machine learning developments maturing at a rapid pace, security automation…

Video

Effects of Malware Hunting in Cloud Environments

Video

Ask Just Anything

Video

Managing the Cyber Security Technical Debt: How did we get there? And what to do about it?

This presentation will explore why companies need security automation. We will look at how companies can ensure success (and how to ensure failure). Leveraging professional experience and doctoral research into security automation, the presenter will examine the keys to successful security…

Video

Debunking Common Myths About XDR

Video

Panel | Overcoming vulnerabilities around Human Factors

Human factors continue to be a weak link in enterprise defence strategies. This panel session will explore vulnerabilities around human factors and will look into security initiatives that have a valuable impact on the ability of enterprises to mitigate risk and optimize their cybersecurity…

Video

CSLS Wrap Up and Closing Keynote

Video

The Changing Face of Resilience

Resilience has been changing over the last 15-20 years, where we now accept and acknowledge the various types of reslience an organisation should be responding to. This session will explore how security has moved from a focus on just protection to faster detection and response. It will aso…

Video

Welcome to CSLS 2022

Video

Security Automation: Realizing Business Benefits, Without Adding Headcount

The next generation of cyber threats have arrived and there aren’t enough security people or budgets to handle the growing volume and complexity. This presentation will explore why organizations — and not just their security teams — need security automation. We…

Video

Risk-Based Cyber Reporting Best Practices

Cybersecurity reporting is a critical mechanism to ensure effective commincation of significant security issues across different levels of your organization - from software architects to the Board. Yet, reporting today is far from being a formality and does not comprehensively highlight an…

Video

Quantum Computers: The Ultimate Opponent for Data Protection

Video

Workshop | Strategy, Risk, and Security: Building Business Resilience for Your Organization

Every business should be equipped to understand for itself what most threatens and endangers its business model. This is the starting point for preparation measures for disruptions and crises that, if not properly managed, can endanger and even kill organizations as a whole.…

Video

Workshop | Break the Kill Chain – An Intelligence-Led Model to Cyber Defence

Video

Workshop | From Asset Management to Asset Intelligence: Crossing the CAASM

As the sprawl of devices, device types, and solutions continues to skyrocket, environments only grow more complex. But there's good news: asset management has evolved. Today’s “asset intelligence” moves from a spreadsheet approach to an API-driven, always up-to-date…

Video

Workshop | Implementation of a Risk Class Model Within Access Management

In this workshop, we will show you how to implement a risk class-based approach within access management with little effort in order to achieve the highest level of control, compliance and transparency in your own organization. All the necessary rules and templates (e.g., for password…

Video

Panel | Misinformation – Disinformation – Malinformation (MDM): The Next Big CISO Challenge?

Even though MDM has had a long history during war and times of high tension,  the digital era has been increasing reach and potential impact of weaponized misinformation. Sophisticated tools such as machine learning mechanisms and software bots is opening a huge battlefield for…

Video

Successfully tackling your Digital Supply Chain Risk

In this talk, Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will provide insights on Digital Supply Chain Risk. He will look at the areas of risks, from secure partner onboarding to software supply chain security and others. He will look at prominent examples and common…

Video

Building Resilience After a Major Incident

This presentation will explore resilience measures to be taken immediately after a major incident.

Video

Resilience and the Need for Privacy

This presentation will explore the role of privacy in building enterprise resilience.

Video

Model to Quantify Cyber Security Risks

Get a model and recommendations to quantify cyber security risks including the costs of fines, contractual compensations, service credits, and loss of income. The use of heatmaps with qualitative criteria and arbitrary cocktails of threat and control efficiency data prevents the secure…

Video

Learn How SD Worx Turned Its Cybersecurity Strategy Into a Business Enabler

Video

Panel | Getting Started on Your Zero Trust Journey

As organizations continue to grapple with security issues, a 'zero-trust' approach to cybersecurity has been touted as a potential solution to enhance enterprise security. However, taking on Zero Trust architectures can be an overwhelming experience for even the most seasoned cybersecurity…

Video

CISO Talk: Cloud as a Security Enabler

More organizations are now moving to the cloud.  From a security perspective – refactoring the applications provides a major opportunity to improve security posture.  This session explores how the right approach towards can save time, increase inherent security, and ensure…

Video

Reducing Complexity – Introducing a Practical Model for Security Classifications

Building and running cyber security in both worlds modern cloud security in combination and legacy on premises introduces extra complexity.  Some of the well known security patterns and models are not applicable in cloud systems while the modern security models like zero trust barely…

Video

SASE v/s Zero Trust: Going Beyond Buzzwords

The concepts behind Zero Trust and SASE are not new, but recent developments in technological capabilities, changes in the way people are working, accelerated adoption of cloud and Edge computing, and the continued evolution of cyberthreats have resulted in both rising in prominence.  …

Video

How to Build a Trusted Digital World Through Collaboration

Thanks to cybersecurity technologies such as Privilege Access Management and security concepts like Zero Trust, we now have the capacity to secure all digital access, from the cloud to IoT. Digital access in software and hardware must be secure by design to minimize risk as much as…

Video

Microshard Technology: An Enabler for GDPR/Schrems II Compliance

This session will examine the ruling of 16 July 2020, where the Court of Justice of the European Union (the Court) in its Case C-311/18 Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (called “Schrems II case”) invalidated the EU-US Privacy Shield…

Video

Let’s Think Zero Trust – for IT, OT and Products

Over the past two years, Siemens has been on a mission to protect a global enterprise through the highest Zero Trust standards, and this journey is far from over. In this session, program lead Thomas Müller-Lynch share his experiences on the road to Zero Trust readiness of all…

Video

Zero Trust Journey, How We Moved from an Immature Organization to Zero Trust

This is the story of our journey to Zero Trust, from the initial analysis to its technical and effective implementation. As many organizations our starting point was not the best one (lack of proper asset management, mixed permissions, etc) but when we started to work on a Zero Trust…

Video

Zero Trust Is Table Stakes, Zero Knowledge Is the Next Evolution

Zero trust has been around in one shape or form in security for many years, usually under different names like the "Principle of least privilege" or "Mandatory Access Control'. It exists for a good reason, and needs to be re-enforced. But for any cloud native vendor, Zero Trust should be…

Video

Enterprise Access Control for Zero Trust

With many privileges to manage within an organization, authorization within an Enterprise can be a challenge. As capabilities in any organization are often in a state of constant change and growing complexity, implied trust can easily creep into authorization frameworks and policies leading…

Video

Exploring the Impact of Cybersecurity Regulations in the Digital World

The European Commission is working on various legal initiatives for the European Union related to the digitial world, and they are in various states of being adopted. This presentation gives an overview on these, and a looks into the content matter they cover. What are the most important…

Video

Lessons Learned: Responding to Ransomware Attacks

The last year has seen almost two-thirds of mid-sized organizations worldwide experiencing an attack. Managing ransomware attacks requires significant patience, preparedness and foresight – Stefan shares his experience managing the ransomware attack on Marabu Inks, his key learnings…

Video

R.O.N. - Return on Negligence – The Impact of Cybercrime

The cost of doing nothing is something that today we have to factor into many aspects of our lives.  Inaction hurts and we’ll briefly talk about the 6 degrees of separation for the connected areas that are impacted by Cybercrime.  There is more at risk than what can be…

Video

New Security Fundamentals: Five Things CISOs and CTOs Should Consider

The old saying goes, ‘The more things change, the more they stay the same”. This has never been more true than today in the modern CTO and CISO’s life. As technology evolves, the attack surface and actors adapt. Are they really different? Or are they the same…

Video

Panel | Looking into the International and German Governmental Cybersecurity Architecture

From Christina Rupp’s initial talk, we have seen that Germany’s governmental cybersecurity architecture is a complex ecosystem. In this Panel Session, we will discuss challenges and requirements of European institutional cybersecurity architectures and how such architectures…

Video

Government's Role in Providing a Secure Framework for Digital Transformation

This keynote will explore the role of government in providing a secure framework for digital transformation.

Video

Panel | Leadership Outlook: What Are the Key Attributes of the Next-Gen CISO?

In this exclusively curated panel session, top CISOs from across the world reflect on where they find themselves today, explore trends that will define the cyber ecosystem over the next decade and highlight the core attributes required for future CISOs to maneuver through the challenges…

Video

Security in the Face of Change: Past Lessons & Prospects for Our Future

The convergence of organizational decentralization, digitization, and global i nstability have raised the need to secure vital infrastructure. Can we learn from the past? Can we prioritize and plan future scenarios?  Join Elastic as we share insights and lessons from building…

Video

Why Threat Intelligence is Losing its Edge and How to Overcome Noise Overload

Video

Germany's Cybersecurity Architecture and How it is Linked to International Actors

Christina Rupp has co-authored a publication of the Stiftung Neue Verantwortung, a Berlin based Think-Tank exploring the intersection of technology and society, on Germany’s Cybersecurity Architecture. In her introductory talk, she will provide insights into the development and…

Video

Pools of Identity: Best Practices Start With Personal Password Behavior

Video

The European Cybersecurity Competence Center (ECCC) and the Future of Cybersecurity in Europe

Video

The Art of Becoming a Multifaceted CISO

The challenges to information security in companies are increasing every year. The focus is on serious attacks against small and large companies and the urgent need to protect their own information. It is no longer sufficient to view the protection of corporate information in a…

Video

Software Bill of Material - a Way to Prevent Black Swan Events?

SBOM offers multiple ways of getting under the covers of your and other provider's software resilience. Implemented properly, SBOM not only increases code and library transparency with a a much better chance to catch hidden software flaws much more quickly and potentially ahead of your…

Video

Achievement Unlocked: Navigating the Labyrinth of Cyber Leadership

The role of a CISO has expanded beyond technical competence and compliance – an uncertain threat landscape calls for a technically competent leader with strategic oversight across the board, from engaging with multiple stakeholders to manage and get buy-in for cyber resilience…

Video

CISO Panel | Mitigating State Sponsored Attacks in Cyber-Space

Attackers are expected to leverage the uncertain geopolitical landscape to carry out advanced cybercrime attacks, leaving businesses susceptible to intrusions that could have potential second and third-order effects on their operations. In this panel session, leading CISOs provide a…

Blog

Preventing Supply Chain Attacks

  What are your top 3 cybersecurity priorities? And have they changed much in recent years? So, my top three cybersecurity priorities haven't actually really changed over the years. They actually changed in content and severity but not over all. So, a major concern, of course, are…

Blog

What We Can Learn from DeFi and Crypto Exchange Attacks

Some attacks on decentralized finance (DeFi) platforms are financial in nature – the manipulation of token prices in the Mango Market attack for example. However, many other attacks are much more mundane but with an important lesson – best practices in cybersecurity are always…

Blog

Do You Really Need a VPN?

It looks like we are halfway through the Cybersecurity Awareness Month of October already, and I thought it might be the appropriate time to talk about VPNs. Again. Haven’t we talked about them enough, you might ask? Every time KuppingerCole analysts bring up the topic of Zero…

Blog

The Importance of SME’s Cybersecurity

Complete the following sentence: “Cybersecurity is... / is not...” Cybersecurity is... Cybersecurity is really hard. One of the things that I think we should never forget, we exist in an imperfect world. Security controls are varied and complex, and we face every day a…

Executive View

Micro Focus ArcSight

ArcSight is a modern SIEM solution that provides an advanced security analytics platform for storing, analyzing, and visualizing information from multiple sources and converting it into actionable intelligence. The ArcSight platform allows users to identify security threats, manage incident…

Blog

Is It Possible to Recover After a Cyberattack?

Unfortunately, every organization is vulnerable to a cyberattack. We have seen in the last years a considerable increase in cybercrime and the negative impact that it causes on businesses. The obvious consequences are financial, but that is just the tip of the iceberg. There are several…

Blog

Cyber-Crisis Becomes an Opportunity for Insurers

The pandemic changed our lives in many ways, some good and some bad. However, one impact has been that that cyber-attacks are more prevalent than ever before.  Every organization across all industry sectors is now a target of cyber-crime. It seems like every day another cyber-security…

Video

Analyst Chat #144: What Cybercrime Can Really Mean to Your Business

Cybersecurity often seems like a dry subject. And as long as it is practiced successfully, its benefits can only be seen in the absence of damage. However, Marina Iantorno, who is taking part in the Analyst Chat for the first time, will discuss the actual risks associated with inadequate…

Blog

Countering State-Sponsored Cyber Attacks

  What makes Nation State Actors so special compared to other threat actors? I think it's important to understand the differences between the different threat actor groups, I think is super important for a CISO. Those are usually seen as the following. We have the insiders, on the…

Blog

Cyber Hygiene: Common Problems & Best Practices

To maintain their health and well-being, people are practicing personal hygiene routines on a regular basis. These routines are continuous and never completed. By taking proactive measures, people aim to protect their health against potential diseases and disorders. Analogically,…

Video

Analyst Chat #141: What Defines Modern Cybersecurity Leadership

How do you implement modern cybersecurity leadership between compliance, threat protection, privacy and business enablement? To answer this question, Matthias invited the CEO of KuppingerCole Analysts, Berthold Kerl, who was and is active in various roles as a leader in cybersecurity.…

Blog

The Importance of Standards in the IT Security Industry

Is the security sector served well by the standards, regulations, and frameworks we have? The security industry has been around for a good few years and we've understood the importance of standards. If you look at the way that standards, frameworks, and regulations work, it does take…

Blog

Human Factor in Cybersecurity: The Weakest Link?

The Human Factor Cybercriminals often exploit our human vulnerabilities and psychological elements to steal credentials and gain unauthorized access. Since phishing and social engineering attacks are primarily targeted at people, the human factor continues to be an important element CISOs…

Video

The 3 Essentials of a Cyber Leader

How can the Cybersecurity Leadership Summit help you become a great digital leader? Raj Hegde, Product Manager, tells us what the 3 core qualities of the digital leaders of the future are, and how you can strengthen them by joining us on 8-10 November in Berlin.

Blog

The 3 Essentials of a Cyber Leader

Digital leaders face new challenges: a volatile political situation, an uncertain economic climate, and a new paradigm in the way their employees work. Raj explains how we identified the core qualities cyber leaders need in our times and how the Cybersecurity Leadership Summit was designed…

Leadership Brief

EU NIS2 Directive

Every organization needs to take steps to ensure their cyber resilience and this updated directive provides a useful framework for this. This report provides a summary of the technical obligations that NIS2 places on organizations together with recommended actions. This directive places…

Blog

Speaking in Cybersecurity: My Recollection!

During my studies and the subsequent first years of my career, I was already always someone who liked to share knowledge with others and present interesting topics. This is not the only reason why my profession has developed in the direction of IT consulting. In fact, in consulting, "being…

Webinar

Oct 11, 2022: A Zero Trust Approach to Cyber Resilience

Security in many organizations is not evolving fast enough to keep up with business transformation, including migration to the cloud and to Industry 4.0. These changes, while essential to remain competitive, bring fresh security risks. A new approach is needed to ensure cyber resilience.

Executive View

Microsoft Entra Permissions Management

As organizations adopt multi cloud infrastructures to support business workflows involving user and workload identities it's increasingly difficult to know who has access to what data across which platforms. It increases the risk of unauthorized identities having access to critical…

Video

Effective Threat Detection for Enterprises Using SAP Applications

Determined cyber attackers will nearly always find a way into company systems and networks using tried and trusted techniques. It is therefore essential to assume breach and have the capability to identify, analyze, and neutralize cyber-attacks before they can do any serious…

Leadership Brief

Cyber Hygiene: The Foundation for Cyber Resilience

Most cyber incidents result from poor cyber hygiene. To avoid these, organizations must make sure that all the routine tasks needed to keep their systems, data, and applications safe are performed regularly and completely. This means creating a culture where everyone across the organization…

Blog

Arrival of the Digital Services Act (DSA)

The Digital Services Act (DSA), along with the Digital Market Act (DMA) are initiatives from the European Union Commission, proposed in December 2020 and agreed upon in April 2022. The main goal is to provide and ensure an accountable online environment in the EU, and regulate the…

Market Compass

Security Operations Center as a Service (SOCaaS)

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment. This Market Compass covers the Security Operations Center-as-a-Service (SOCaaS) market that continues to develop in response to demand for security monitoring, analysis,…

Blog

Web 3.0 Creates a World Without Perimeters

Web and the metaverse is a trendy topic, so it is even nicer to enjoy a more nuanced view of the subject. An optimistic but still realistic sneek peak of our digital future. Katryna Dow from Meeco will elaborate on the challenges of Web3 in her Keynote The Omniverse SWOT on Thursday, May 12,…

Blog

The European Identity & Cloud Conference Celebrates Its 15th Edition – Time for Looking Back

As one of the founders of KuppingerCole Analysts, I’m also an EIC (European Identity & Cloud Conference) veteran. Looking back to the start in 2007, a lot has changed since then, but the core of EIC is what it has been from the very beginning: A conference that provides both…

Blog

Public-Private Cooperation in Cyberspace

Managing business in today's geopolitical context In the face of a geopolitical crisis, concerns are growing about the threat of cyber-attacks to global supply chains and private organizations, which are already in a precarious state due to the Covid-19 pandemic. When a crisis occurs,…

Webinar

Jun 28, 2022: Effective Threat Detection for Enterprises Using SAP Applications

Determined cyber attackers will nearly always find a way into company systems and networks using tried and trusted techniques. It is therefore essential to assume breach and have the capability to identify, analyze, and neutralize cyber-attacks before they can do any serious damage.

Blog

Software Supply Chain Risks: How to re-assess when there is a ban?

Over the past 16 months, Software Supply Chain Risks have risen to a top concern of CISOs, caused by several software supply chain attacks as well as major risks induced by vulnerabilities in extensively used standard software components, specifically Log4j/Log4shell. Understanding and…

Blog

Prepare, Prevent and Protect

Is your Digital Supply Chain your weakest Link? In the 1950’s the Lyons restaurant chain in the UK built their own computer and wrote all the applications that they needed to manage and optimize their operations. This was called LEO – Lyons’ Electronic Office.  Today,…

Buyer's Compass

Security Operations Center as a Service (SOCaaS)

The Security Operations Center-as-a-Service (SOCaaS) market continues to develop in response to demand for security monitoring, analysis, detection, response, and improvement recommendations either instead of or as a supplement to permanent on-premises SOCs. This KuppingerCole Buyer's…

Webinar

Apr 26, 2022: The Machine Monitoring Mandate

Governments world-wide are increasingly worried about the social unrest that could result from a cybersecurity compromise of critical infrastructure. This has highlighted the fact that the underlying operational technology (OT) is often inadequately protected, and that this must change.

Video

Analyst Chat #111: From SIEM to Intelligent SIEM and Beyond

A comprehensive cybersecurity strategy typically includes the use of modern, intelligent Security Information and Event Management (SIEM) platforms. These go far beyond simply aggregating and analyzing log files. Alexei Balaganski outlines the latest market developments based on his…

Leadership Compass

Intelligent SIEM Platforms

This report is an overview of the market for modern, intelligent Security Information and Event Management (SIEM) platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative…

Blog

Adding Bread to the Sandwich: Beyond MITRE D3FEND

Commissioned by HCL Software Over the past years, various frameworks and models for defending against cyber-attacks have been published. A popular one is the NIST CSF (Cybersecurity Framework), another one is MITRE D3FENDTM. Both have overlaps and differ in other areas. But, when looking…

Blog

Google Cloud Advances Security Capabilities by Acquiring SOAR Vendor Siemplify

Yesterday, Google has announced that it has acquired Siemplify, a well-known provider of security orchestration, automation and response (SOAR) solutions, for an undisclosed amount. The stated strategic goal of this acquisition is to “change the rules on how organizations hunt, detect,…

Blog

Log4j – How Well Did You Perform?

Over the past few weeks since this vulnerability was made public much has been written by many on what your organization should do about it.  This is not the end of the story; Apache has already released 3 patches for related vulnerabilities, and you need to be ready for the next one…

Video

Analyst Chat #106: 2021 - A Retrospective

Paul Fisher and Matthias present their very subjective summary of a really special and, in particular, especially challenging past year, 2021. They cannot do without the word 'pandemic' after all, but they also try to reach a first perspective on the year 2022 from the past 12 months.

Hybrid Event

Nov 08 - 10, 2022: Cybersecurity Leadership Summit 2022

For the 5th time, the Cybersecurity Leadership Summit brings together cybersecurity executives, analysts, and top CISOs from global players like Mercedes-Benz, Deutsche Bank, Nordea, Bank of Montreal, Deutsche Bahn, E.ON, Siemens, and Mastercard to help delegates drive decision-making…

Video

Analyst Chat #102: Impressions and Insights From the CSLS 2021

From November 9th to 11th, the Cybersecurity Leadership Summit 2021 took place in Berlin and virtually online. The Monday after, Martin Kuppinger and Matthias sat together to talk about some first impressions and insights from this event. The recordings and slide decks are available…

Blog

CSLS Speaker Spotlight: Martin Kuppinger on Cloud Security

Martin Kuppinger, Principal Analyst at KuppingerCole, will give a presentation entitled Cloud Security 2025 – Perspective & Roadmap on Thursday, November 11 from 11:00 am to 11:20 am at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we asked…

Blog

CSLS Speaker Spotlight: Joe Sullivan on Securing the Cloud

Joe Sullivan, Chief Security Officer at Cloudflare, Inc., will give a presentation entitled Securing the Cloud - From the Inside Out on Thursday, November 11 from 15:40 pm to 16:00 pm at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we asked Joe some…

Blog

CSLS Speaker Spotlight: Stefan Würtemberger on Successful Cyberattacks

Stefan Würtemberger, Vice President Information Technology at Marabu Inks, will give a presentation on the impact of cyber attacks on businesses entitled And Suddenly It Burns Without Fire on Wednesday, November 10 from 10:10 am to 10:30 am at Cybersecurity Leadership Summit 2021. To…

Blog

CSLS Speaker Spotlight: Vodafone's Andrzej Kawalec on Ransomware

Andrzej Kawalec, Head of Cybersecurity at Vodafone Business, will give a presentation entitled Ransomware: What Happens When the Tech Stops? on Thursday November 11 from 09:30 pm to 09:50 am at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we asked…

Blog

CSLS Speaker Spotlight: MasterCard's Donnie Wendt on Machine Learning in Cybersecurity

Donnie Wendt, Principal Security Researcher at MasterCard, will give a presentation entitled Machine Learning: Cybersecurity’s Friend & Foe on Wednesday, November 10 from 14:20 pm to 14:40 pm at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect,…

Blog

CSLS Speaker Spotlight: Deutsche Telekom CSO Thomas Tschersich on His Cybersecurity Predictions for 2022

Thomas Tschersich, Chief Security Officer at Deutsche Telekom, served as an advisor in the preparation for the Cyber Council Panel on Cybersecurity Predictions 2022 which will see CISOs, CIOs, and CSOs discuss next year's cybersecurity threatscape on Wednesday, November 10 from 09:30 pm to…

Blog

CSLS Speaker Spotlight: Oliver Carr on Maximizing the Value of Security

Oliver Carr, cybersecurity evangelist and strategist will discuss the Maximizing the Value of Security on Wednesday, November 10 from 12:00 pm to 12:20 pm at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we asked Oliver some questions about his…

Blog

Complex Modern Business Needs Trusted IT Partners to Be Secure

In today’s business environment, companies have three major challenges – making a profit, finding great people, and staying ahead of the competition. That’s quite enough, but they also have major operational challenges with IT, cyber security, and compliance. For example,…

Blog

CSLS Speaker Spotlight: KC Analyst Alexei Balaganski on the Human Factor in Cybersecurity

Alexei Balaganski, Lead Analyst and Chief Technology Officer at KuppingerCole will discuss the Human Factor in Cybersecurity on Wednesday, November 10 from 11:00 am to 13:00 pm in the first track at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we…

Blog

CSLS Speaker Spotlight: Twitter CISO Rinki Sethi on Transforming Security Culture

Rinki Sethi, Vice President and CISO at Twitter will discuss Transforming Security Culture in a Fireside Chat on Wednesday, November 11 starting at 17:40 pm at Cybersecurity Leadership Summit 2021. To give you a sneak preview of what to expect, we asked Rinki some questions about her…

Video

Analyst Chat #96: How to Combine Security And Convenience (EIC 2021 Special)

While moderating and speaking at KuppingerCole's flagship EIC 2021 event in Munich, Matthias also took the opportunity to sit down one-on-one with his fellow analysts in the conference studio for some EIC special analyst chat episodes. In the third and final special episode, Martin…

Blog

IT for the Digital Age: Introducing BASIS – Business-Driven Agile Secure IT as a Service

A paradigm for unified delivery of IT services to the business demand, based on automated, policy-based management, and supported by the unification of heterogeneous multi-cloud multi-hybrid IT environments following a services-based approach. Businesses need to reinvent themselves…

Video

Analyst Chat #92: How the Cybersecurity Market Is Evolving

Cybersecurity is one of the areas where virtually every business will need to invest because of ever-growing cyber risks and ever-tightening regulations, and in the post-Covid era, the cybsersecurity market continues to evolve and grow, having gained even greater importance. Warwick Ashford…

Video

Analyst Chat #88: What (and why) is XDR?

XDR (eXtended Detection & Response) solutions are an emerging category of security tools that are designed to consolidate and replace multiple point solutions. John Tolbert and Alexei Balaganski join Matthias and share their views on this market, the existing offerings, and how it might…

Blog

Dark Side Ransomware Attacks

Last week Colonial Pipeline, one of the largest pipelines in the US, was hit by a ransomware attack from the Dark Side cybercrime group. While many pertinent specifics about the attack are not known, FireEye and US Cybersecurity and Infrastructure Security Agency (CISA) have shed some light…

Blog

Why Digital Trust Is at the Top Of CXOs’ Agenda… Even if They Don’t Realise It

When thinking about the C-suite’s priorities, people tend to focus on growth, security, digital transformation or, more recently, keeping a remote workforce running. All of these aspects are important to keep the business profitable, remain at the forefront of innovation, maintain…

Video

Die Angriffsfläche Ihres Unternehmens aus den Augen eines Hackers

Mit zunehmender Digitalisierung und der Nutzung von Cloud-Services steigt das Angriffspotenzial auf die digitale Infrastruktur von Unternehmen. Hacker nutzen neuste Technologien, um Schwachstellen ausfindig zu machen und starten mit diesem Wissen Ihre Angriffe.

Video

Analyst Chat #73: Cybersecurity Vulnerabilities of Remote Work

Shikha Porwal and Matthias Reinwarth have a coffee conversation over the security risks of working remotely. They talk through the vulnerabilities of a home network, and touch base with the pandemic related end point security threats, employee behavior and finally, Zero trust.  

Video

Analyst Chat #72: WfH Global Technology Trends 2021

Annie and Matthias continue their conversation on the COVID-related trends in 2021. They conversate about different technology and internet usage trends, and also mention some potential topics that will become more prominent in the future as a learning from these trends.

Video

Jochen Fischer: SAP Applications Under Attack! How to Enforce the Three Lines of Defense

Video

Hernan Huwyler: Security and Governance Done Right

Video

Marco Hammel: How to Avoid Costly SAP Security Pitfalls. Why to Make Security Start With People and Not With Tools

Video

Analyst Chat #71: Cybercriminal Behavior in the COVID Era

While the world tries to cope up with the on-going pandemic, cybercriminals have got their hands on a gold mine. Annie and Matthias sit down again to chat about the overall picture of cyberattacks, including COVID-related lures.

Blog

OneTrust Acquisition of Convercent

OneTrust, provider of data privacy, security, and governance solutions has announced that it will acquire Convercent, an enterprise GRC solution with an ethics and compliance portal. Slotting itself as a strategic acquisition, the two companies will be aligning and merging their products to…

Blog

Time CISOs Stopped Trying to Speak to the Board?

I have been covering cybersecurity issues, first as a journalist then as an analyst, since 2006. In that 15 years I have heard the mantra that security is a boardroom issue hundreds of times. The subject has filled countless conference talks and media articles. It appears that the message…

Blog

Why Enterprises Are Choosing SOAR for SOCs

Security Orchestration, Automation, and Response (SOAR) platforms are attracting a lot of attention from many organizations, from enterprises to government agencies and even those on the upper end of Small-to-Mid-Sized Businesses (SMBs). The reason for this is clear: the cybersecurity…

Blog

Symphony Technology Group (STG) Acquires McAfee Enterprise Business

STG announced that they intend to acquire McAfee’s enterprise business for around $4B. The McAfee brand will continue to operate and focus on consumer cybersecurity. STG will pick up MVISION, Global Threat Intelligence, database security, unified endpoint security, CASB, CSPM, CWPP,…

Video

Analyst Chat #62: The SOCaaS Market Segment - A First Look

The Security Operations Center-as-a-Service (SOCaaS) market has emerged and continues to develop in response to demand for security monitoring, analysis, detection, response, and improvement recommendations either instead of or as a supplement to permanent on-premises SOCs. KuppingerCole…

Blog

Ivanti’s Zero Trust Journey

Ivanti has completed its acquisition of MobileIron and Pulse Secure. Ivanti, headquartered in Salt Lake City, had its roots in desktop management (LANDESK), evolved into endpoint and patch management, and had added full IT asset, service, and workspace management, as well as IAM…

Video

Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Blog

We Are Detective: Data Scientists to the Rescue for Cybersecurity and Governance

If the line "We are detective" only reminds you of "guilty pleasure" radio songs from the 1980s, despite the fact that you are responsible for cybersecurity or compliance in your company, then you should read on. In any case, you probably should read on because this is a trend that is…

Hybrid Event

Nov 09 - 11, 2021: Cybersecurity Leadership Summit 2021

The Cybersecurity Leadership Summit brings together top security leaders to discuss latest trends and developments in the cyber space. CSLS goes beyond IT troubleshooting and primarily focusses on the managerial aspects of cybersecurity. The COVID-19 pandemic has unequivocally accelerated…

Whitepaper

Geistiges Eigentum schützen und gleichzeitig geschäftliche Agilität ermöglichen mit R&S®Trusted Gate von Rohde & Schwarz Cybersecurity

Viele Branchen, insbesondere diejenigen, die einerseits zusammenarbeiten und Informationen austauschen und andererseits mit streng vertraulichen Informationen und staatlicher Wirtschaftsspionage umgehen müssen - wie z.B. die Biowissenschaften, die Pharmaindustrie oder die Biotechnologie - ,…

Blog

Cybersecurity Awareness – Are We Doing Enough?

It’s October and it means that we are having the European Cybersecurity Month again. ECSM is the European Union’s annual campaign dedicated to promoting cybersecurity among EU citizens and organizations. To be completely honest, I do not remember it being much of a thing in…

Advisory Note

Architecting your Security Operations Centre

A security operations centre (SOC) is a dedicated team, usually operating 24x365, to detect and respond to cybersecurity incidents within your organisation that potentially affect your people and systems. Architecting your SOC properly in terms of technology, processes, people and a close…

Video

The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Video

Die Demokratisierung der Cybersicherheit

Im Laufe der vergangenen Jahrzehnte haben Unternehmen vielen Anstrengungen auf sich genommen, um ihre IT-Sicherheit zu verbessern und so ihre Daten und Netzwerke zu schützen. Eine Konsequenz daraus wird immer deutlicher sichtbar: CISOs und ihre Teams müssen sich um eine (zu)…

Webinar

Dec 01, 2020: Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Blog

10 Use Cases for Universal Privilege Management

Even before COVID-19 entered our lexicon, privileged access management (PAM) was widely recognized as a foundational cybersecurity technology. In recent years, almost every cyberattack has involved compromised or misused privileges/privileged credentials. Most malware needs privileges to…

Blog

AI-Powered Data for All – Informatica's Acquisition of GreenBay Technologies

Informatica has just announced that they have made another acquisition this summer: GreenBay Technologies, a startup focused on AI and machine learning. Read about their July 2020 acquisition here. GreenBay Technologies brings CloudMatcher to Informatica’s Intelligent Data Platform…

Blog

A Look at NIST’s Zero Trust Architecture

NIST, the US National Institute for Standards and Technology, recently released SP 800-207 Zero Trust Architecture. The NIST special publication examines the principles of and motivations for ZTA, as well as implementation considerations, security concerns, and suggestions for improvements…

Webinar

Sep 28, 2020: The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Video

Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional…

Video

Analyst Chat #33: Vendor Consolidation in Cybersecurity

Matthias Reinwarth and Jonh Tolbert discuss the ongoing consolidation of the cybersecurity market and talk about its reasons and potential consequences.

Video

Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Blog

The Latest Twitter “Hack” Raises Inconvenient Questions

It looks like the whole world is currently talking (at least, tweeting) about the latest large-scale Twitter hack. High profile accounts of the likes of Barack Obama, Joe Biden, Bill Gates, and Jeff Bezos, as well as companies like Apple or Uber, were suddenly promoting a cryptocurrency…

Webinar

Sep 10, 2020: Die Demokratisierung der Cybersicherheit

Im Laufe der vergangenen Jahrzehnte haben Unternehmen vielen Anstrengungen auf sich genommen, um ihre IT-Sicherheit zu verbessern und so ihre Daten und Netzwerke zu schützen. Eine Konsequenz daraus wird immer deutlicher sichtbar: CISOs und ihre Teams müssen sich um eine (zu) große Zahl an…

Video

Analyst Chat #25: The Cargo Cult of Cybersecurity

Matthias Reinwarth and Alexei Balaganski talk about the reasons many companies are still failing to protect themselves from cyberattacks and data breaches even after spending so much on security tools.

Blog

Security Fabric: Investing in the Right Architecture for a Secure Future

Modern and hybrid operating models, Software-as-a-Service, regulatory requirements, working from home, various types of internal and external users, and the phenomenon of BYOD (bring your own device) are challenges we have to face today. Such challenges are constantly emerging, which demands…

Webinar

Jul 23, 2020: Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional…

Video

Analyst Chat #23: When is a Security Product not a Security Product?

Matthias Reinwarth and John Tolbert talk about profound implications of security products not having their administrative interfaces sufficiently secured with technologies like multi-factor authentication.

Webinar

Jul 22, 2020: Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Video

Cybersecurity Investment Priorities - Set Your Focus Right

Blog

Cybersecurity Investment Priorities - Portfolio Optimization

Video

Cybersecurity Investment Priorities - Portfolio Optimization

Blog

Microsoft Adding New Capabilities to Azure Active Directory

Over the past years, Microsoft has spent significant effort to make Azure Active Directory (Azure AD) the central platform for identities in Microsoft environments and beyond. Microsoft now announced several new capabilities that help to support further use cases. New features in Azure AD…

Blog

KuppingerCole Analyst Chat: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Video

Analyst Chat #14: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Video

Analyst Chat #13: Cybersecurity Portfolio Optimization

Matthias Reinwarth and Christopher Schütze talk about how to efficiently identify and rate your investments into Cybersecurity.

Blog

3 Steps to Improve Your Cybersecurity with Enterprise Risk Management

If you start considering the topic of cybersecurity in your company, you’ll quickly realize that there are many facets. In traditional companies, IT has grown in parallel to meet the requirements in digitization and production in a timely manner. These traditional companies and their…

Blog

Why BCM/BCRM and Cybersecurity Must Converge

Video

Why BCM/BCRM and Cybersecurity Must Converge

Blog

KuppingerCole Analyst Chat: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Video

Analyst Chat #11: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Blog

Security Should Not Become a "Business Disabler"

Video

Security Should Not Become a "Business Disabler"

Blog

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here... You can watch his speech in English or in German below.

Video

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here...

Blog

Cybersecurity of Tomorrow: Delivered Entirely From the Cloud

As businesses embrace the Digital Transformation and become increasingly cloud-native, mobile and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide…

Blog

Sind die BSI Richtlinien für Gesundheitsanwendungen richtig und ausreichend?

Nie war Digital Healthcare so wichtig wie heute, in Zeiten von COVID-19. Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat eine Richtlinie für sichere Anwendungen im Gesundheitswesen vorgestellt. Richtig und wichtig, auch Security by Design und Privacy by Design…

Blog

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Blog

KuppingerCole Analyst Chat: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Video

Analyst Chat #6: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Blog

KuppingerCole Analyst Chat: Beyond Prevention - the Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Video

Analyst Chat #5: Beyond prevention - The Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Blog

AI Landscape: More Complicated Than You Might Have Thought

I’m by no means an AI expert. Sure, I’ve been following the topic with much curiosity ever since reading an article about thinking machines back in 1990. Also, having a degree in mathematics sometimes helps to understand certain technicalities behind product labels. Still,…

Blog

KuppingerCole Analyst Chat: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Video

Analyst Chat #4: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Blog

KuppingerCole Analyst Chat: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Video

Analyst Chat #2: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Blog

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT-Teams in der Krise in jedem Fall vermeiden sollten.

Video

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT in jedem Fall in der Corona-Krise vermeiden sollte.

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

Today, Lead Analyst John Tolbert gives his five work from home cybersecurity recommendations for enterprises.

Video

Data Sovereignty in Public Clouds

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Video

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

John Tolbert is talking about the current situation with regards the pandemic crisis and the cybersecurity-related things to consider for enterprises.

Blog

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht in seinem Video über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.

Video

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.  

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

As the business world moves to rapidly enable work-from-home (WFH), enterprise IT teams need to shift resources and priorities to ensure that remote workers are protected. Already we see malicious actors adapting and targeting remote workers more. My colleague Alexei Balaganski published a…

Blog

Malicious Actors Exploiting Coronavirus Fears

Security researchers are discovering a number of malicious attacks designed to exploit public fears around COVID-19, more commonly just called coronavirus. The attacks to date take two major forms: a map which looks legitimate but downloads #malware, and various document attachments that…

Video

Holen Sie sich das SIEM, das Sie schon immer wollten: intelligent, automatisiert, mit unbegrenzter Kapazität

Vor 15 Jahren wurden Security-Information-and-Event-Management-Produkte (SIEM) als die ultimative Lösung für alle Sicherheitsprobleme in Unternehmen gefeiert, und das nicht ohne Grund: Schließlich ist die zentrale Erfassung und Verwaltung sicherheitsrelevanter Daten…

Webinar

Mar 26, 2020: Data Sovereignty in Public Clouds

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Blog

Top 5 Recommendations for Reducing Cyber Risks in 2020

The turn of the year has been an occasion for many cybersecurity news outlets to talk about trends and challenges in cybersecurity. Despite the importance of knowing what the trends and challenges are, we want to give you some hands-on recommendations to increase security for your company.…

Blog

Why C-SCRM Is Becoming so Essential for Your Digital Business

The current discussion around Huawei and whether or not it should be endorsed as a supplier for 5G mobile network hard- and software has reminded us on how dependent we are on the integrity and reliability of such manufacturers and how difficult it is to trust their products if they are…

Video

Cybersecurity Trends and Challenges 2020

Digitalization evolves with the increased use of microcomputers in everyday objects like cars and smart fridges, but also in industrial applications. Therefore, communication between devices is growing accordingly. While connecting devices is supposed to make our lives easier, it poses a…

Blog

Three Critical Elements Required to Close the Cybersecurity Skills Gap

The status on cybersecurity is fairly clear: 82% of employers report that their cybersecurity skills are not enough to handle the rising number of cyber incidents (Center for Strategic & International Studies, 2019. The Cybersecurity Workforce Gap). There is a gap – a gap between…

Virtual Academy KC Master Class

Feb 18, 2020: Incident Response Management

In this KC Master Class you learn how to react adequately when a cyberattack has occurred in your company. Our analysts will prepare you for this worst case scenario by showing you how to rate risks realistically and integrate these ratings into your general incident response strategy. This…

Blog

The C5:2020 - A Valuable Resource in Securing the Provider-Customer Relationship for Cloud Services

KuppingerCole has accompanied the unprecedented rise of the cloud as a new infrastructure and alternative platform for a multitude of previously unimaginable services – and done this constructively and with the necessary critical distance right from the early beginnings (blog post from…

Video

Improve Security With Critical Infrastructures Requirements

Organizations or institutions that are essential for the public are called Critical Infrastructures (KRITIS = “Kritische Infrastrukturen”). As such, they are subject to comprehensive and strict legal regimes consisting of laws and regulations. Their failure or significant…

Blog

The Next Best Thing After "Secure by Design"

There is an old saying that goes like this: “you can lead a horse to water, but you can’t make it drink”. Nothing personal against anyone in particular, but it seems to me that it perfectly represents the current state of cybersecurity across almost any industry. Although…

Blog

Quantum Computing and Data Security - Pandora's Box or a Good Opportunity?

Not many people had heard of Schroedinger's cat before the CBS series "The Big Bang Theory" came out. Dr. Sheldon Cooper used this thought experiment to explain to Penny the state of her relationship with Lennard. It could be good and bad at the same time, but you can't be sure until you've…

Blog

Proper Patch Management Is Risk-Oriented

With regard to cybersecurity, the year 2020 kicks off with considerable upheavals. Few days ago, my colleague Warwick wrote about the security problems that arise with some of Citrix's products and that can potentially affect any company, from start-ups and SMEs to large corporations and…

Webinar

Feb 18, 2020: Holen Sie sich das SIEM, das Sie schon immer wollten: intelligent, automatisiert, mit unbegrenzter Kapazität

Vor 15 Jahren wurden Security-Information-and-Event-Management-Produkte (SIEM) als die ultimative Lösung für alle Sicherheitsprobleme in Unternehmen gefeiert, und das nicht ohne Grund: Schließlich ist die zentrale Erfassung und Verwaltung sicherheitsrelevanter Daten über alle IT-Systeme…

Blog

More SEs + TEEs in Products = Improved Security

Global Platform announced in 4Q2019 that more than 1 billion TEE (Trusted Execution Environment) compliant devices shipped in 2018, and that is a 50% increase from the previous year. Moreover, 6.2 billion SEs (Secure Elements) were shipped in 2018, bringing the total number of SEs…

Blog

The 20-Year Anniversary of Y2K

The great non-event of Y2K happened twenty years ago. Those of us in IT at that time weren’t partying like it was 1999, we were standing by making sure the systems we were responsible for could handle the date change. Fortunately, the hard work of many paid off and the entry into the…