Zero Trust

Analyst Chat #86: Zero Trust Means Zero Blind Spots

The path toward a Zero Trust architecture to improve cybersecurity for modern enterprises in a hybrid IT landscape often seems overly complex and burdensome. Alexei Balaganski is this week's chat partner for Matthias and he draws attention to an often overlooked benefit of such an…

Zero Trust Through Identity-Based Segmentation

As workers become more mobile and workloads move into the cloud, the traditional model of enforcing security at the network perimeter becomes ineffective. A Zero Trust model of strict identity verification and access control for every user or workload offers an alternative that secures data…

Zero Trust Means Zero Blind Spots

The traditional model of enforcing security at the network perimeter is no longer effective. The nature of the corporate network is changing with mobile and cloud computing. A Zero Trust model offers an alternative that secures data while ensuring it is accessible to employees, regardless…

Access Management Trends Towards a Zero-Trust Paradigm

Organizations around the world have been rapidly modernizing their access management infrastructures in response to increased cyber-attacks and data breaches, enactment of security and privacy regulations, and a shift to remote working. Access management modernization is quick shift away…

Technological Approaches to a Zero Trust Security Model

The traditional model of enforcing security at the network perimeter is no longer valid as employees, devices and workloads move outside the corporate network. A Zero Trust model offers an alternative that secures data while ensuring it is accessible from wherever employees are working. But…

Cloud Codes of Conduct Get the EU Green Light, but More Is Still Needed

Green Light On May 20th, 2021 it was announced that the EU Cloud Code of Conduct had received official approval by the Belgian Data Protection Authority, following the positive opinion issued by the European Data Protection Board.  At the same time, the European Data Protection…

Finding Your Path to Zero Trust

As users, devices and application workloads move outside the corporate network, the traditional model of enforcing security at the network perimeter is no longer effective. A Zero Trust model offers an alternative that secures data while ensuring it is accessible to employees, regardless of…

Panel: No Zero Trust Without Strong IAM - What You Need in IGA and Beyond for Enabling Zero Trust

Martin Kuppinger: Modern IGA Capabilities & Zero Trust Identity

IGA in a World of Zero Trust

Zero Trust is a key paradigm for cybersecurity today, used well beyond the security circles. The goal is building cybersecurity that “never (blindly) trusts”, but “always verifies.” This traditionally meant verifying Who has access to What resource. In the past, the…

Analyst Chat #73: Cybersecurity Vulnerabilities of Remote Work

Shikha Porwal and Matthias Reinwarth have a coffee conversation over the security risks of working remotely. They talk through the vulnerabilities of a home network, and touch base with the pandemic related end point security threats, employee behavior and finally, Zero trust.  

Maturing a Zero-Trust Strategy for the Extended Enterprise

In the digital era, a 20th century perimeter-based approach to security is no longer appropriate or effective in securing the modern extended enterprise. Instead, a more flexible, identity-based approach is required that can be implemented at every layer of IT, from devices and networks to…

Analyst Chat #64: Applying The Zero Trust Principle To The Software Supply Chain

Martin Kuppinger is one of the founders and the principal analyst of KuppingerCole and he is steering the overall development of the topics covered in KC's research, events and advisory. He joins Matthias to talk about the importance of extending Zero Trust to cover software security, for…

Insights of a CISO: Interview with Thomas Malta

Panel - Zeroing in on Zero Trust: A Paradigm Shift in Cybersecurity

Dimitri Lubenski, Dr. Jan Herrmann: The Role of IAM within Zero Trust Architectures at Siemens

Rebecca Nielsen: What is Strong Authentication in a Zero Trust Environment

Scott Rose: Zero Trust 101

Filipi Pires: Trust or Not Trust? Is there new mindset about CyberSecurity using Zero Trust?

Henk Marsman: From Trust to Zero - Lessons from Halfway in a Large Enterprise Environment

Panel - Zero Trust in the Enterprise

Eleni Richter: Zero Trust Use Cases

Roger Halbheer: Zero Trust - Security Through a Clearer Lens

Join us to understand how Zero Trust transforms your security strategy and makes you more resilient to a range of attacks. We will share a roadmap for leaders, architects, and practitioners, as well as talk about some quick wins and incremental progress on this journey.

Paul Simmonds: Alignment of Zero Trust with Business Strategy

Expert Chat: Interview with Stefan Würtemberger

Matthias Reinwarth: Zero Trust for Reducing the Risks of Security Incidents

John Tolbert: Zero Trust for Reducing the Risks of Security Incidents

Bryan Meister: Navigating Enterprise Enablement and Zero Trust

The Next Level of Zero Trust: Software Security and Cyber Supply Chain Risk Management

The recent SolarWinds incident has shed a light on an area of cybersecurity that is not frequently in focus. Better said, it is “again has shed a light”, if we remember the Heartbleed incident that happened back in 2014. Back then, my colleague Alexei Balaganski wrote in a blog…

Zero Trust: We’re Nowhere Near the End of the Story Yet

Oh, how time flies! It seems that the whole story of Zero Trust as a revolutionary concept for designing computer networks began just yesterday, but it’s been over a decade already. In fact, the very idea that was later somewhat awkwardly named “de-perimeterization” was…

The Evolution of Access Control

The purpose of an identity management system is to support access control to an organization’s sensitive systems and protected resources. Contemporary access control has progressed from static entitlements, still used in many organisations. Not only manual interventions are necessary…

The Non-Zero Elements of Zero Trust

The ongoing SolarWinds incident illustrates that the much-lauded Zero Trust security paradigm is, in fact, based on trust. Zero Trust is about authenticating and authorizing every action within a computing environment. It is putting the principle of least privilege into action. In an ideal…

Making Zero Trust Work With the NIST Framework

There’s lots of hype around Zero Trust Security in the context of our changing mobile and cloud-centric working environments. Moving towards a modern and agile Zero Trust security concept is essential in today's mobile first, work-securely-from-anywhere world.

Feb 17, 2021: Making Zero Trust a Reality

Join the KCLive Event on Zero Trust on February, 17, 2021 to gain expert insights that help you to successfully implement Zero Trust in your organization.

Ivanti’s Zero Trust Journey

Ivanti has completed its acquisition of MobileIron and Pulse Secure. Ivanti, headquartered in Salt Lake City, had its roots in desktop management (LANDESK), evolved into endpoint and patch management, and had added full IT asset, service, and workspace management, as well as IAM…

Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Analyst Chat #56: The Project Road Towards Zero Trust - What to Do and Where to Start

This podcast has already looked at the Zero Trust concept as a challenging architectural paradigm for security and an important component of modern and future-oriented security architectures from various angles. This time Christopher and Matthias focus on a phased project approach towards…

Cisco Zero Trust Security

Cisco’s approach towards Zero Trust combines several foundational access policy solutions for securing your workforce, workloads and workspace with a broad range of additional security products to ensure complete visibility, protection, and compliance throughout the whole enterprise.

Analyst Chat #55: What Keeps Organizations From Adopting Zero Trust

The Zero Trust concept comes with the promise to adequately secure our modern, hybrid IT world at any time and any place. Manufacturers, consultants and even analysts agree as rarely as they do that this changed architectural paradigm is an important component of modern and future-oriented…

The Interplay between Zero Trust and IAM

Martin Kuppinger and Danna Bethlehem, Director of Product Marketing at Thales discuss their perspectives on the interplay of Zero Trust and Identity and Access Management.

Jan 26, 2021: The Evolution of Access Control

The purpose of an identity management system is to support access control to an organization’s sensitive systems and protected resources. Contemporary access control has progressed from static entitlements, still used in many organisations. Not only manual interventions are necessary to…

Data-Driven Decision Making for Identity Security

Symantec Enterprise: With more informed decisions comes more automated security. In today’s Zero Trust world, where the principle of least privilege is ubiquitous, enterprises are struggling to balance security while simultaneously enabling a highly agile business environment. There…

Dec 16, 2020: Making Zero Trust Work With the NIST Framework

There’s lots of hype around Zero Trust Security in the context of our changing mobile and cloud-centric working environments. Moving towards a modern and agile Zero Trust security concept is essential in today's mobile first, work-securely-from-anywhere world.

Dec 01, 2020: Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Analyst Chat #41: NIST’s Zero Trust Architecture

John Tolbert and Matthias Reinwarth look at SP 800-207, the NIST special publication on Zero Trust architecture and discuss how it aligns with KuppingerCole's own vision of this topic (spoiler: it does align very well!)

A Look at NIST’s Zero Trust Architecture

NIST, the US National Institute for Standards and Technology, recently released SP 800-207 Zero Trust Architecture. The NIST special publication examines the principles of and motivations for ZTA, as well as implementation considerations, security concerns, and suggestions for improvements…

We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by…

Jul 28, 2020: We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by…

Analyst Chat #18: Zero Trust from the Cloud

Matthias Reinwarth and Alexei Balaganski look at the potential alternatives to VPNs and security gateways.

KuppingerCole Analyst Chat: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Analyst Chat #15: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their…

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Apr 29, 2020: Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their…

What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the…

Mar 05, 2020: What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the same…

Executive View: Akamai Zero Trust Security - 80054

Akamai’s Intelligent Edge Platform offers a broad range of access management, threat protection, and application security services that will support you in your journey to Zero Trust, making it safe, scalable and easy to manage – delivered entirely from the cloud.

The Passwordless Enterprise: Building A Long-Term Zero Trust Strategy

“The password is dead.” We have heard this statement for at least a decade, yet even in 2019, data breaches based on stolen user credentials continue to dominate the headlines. Why do passwords so stubbornly refuse to die?

Jul 11, 2019: The Passwordless Enterprise: Building A Long-Term Zero Trust Strategy

“The password is dead.” We have heard this statement for at least a decade, yet even in 2019, data breaches based on stolen user credentials continue to dominate the headlines. Why do passwords so stubbornly refuse to die?

Building Trust by Design

Trust has somehow become a marketing buzzword recently. There is a lot of talks about “redefining trust”, “trust technologies” or even “trustless models” (the latter is usually applied to Blockchain, of course). To me, this has always sounded……

Solving New Authentication Challenges While Finding Parity Between User Experience and Security

In an increasingly hostile world, where you don't know who to trust, companies still need to be able to deliver trusted, personalized experiences for users, without making them jump through hoops to prove who they are.

Oct 08 - 10, 2019: CyberNext Summit 2019

Cybersecurity is shifting toward more distributed and dynamic models. Decentralized security infrastructure brings its challenges and opportunities. CyberNext Summit (#CNS19) will focus on the capabilities needed to achieve security in such a distributed environment, especially in the…

Jan 15, 2019: Solving New Authentication Challenges While Finding Parity Between User Experience and Security

In an increasingly hostile world, where you don't know who to trust, companies still need to be able to deliver trusted, personalized experiences for users, without making them jump through hoops to prove who they are.

Zero Trust Reality Check: Secure Access for Hybrid IT

Workforce mobility and widespread adoption of distributed data center and cloud environments have introduced significant access control complexities and threats. Organizations are questioning the efficacy of conventional, perimeter-based defenses and are now evaluating a “trust but…

Buying Into Zero Trust? What You Need to Consider to Be Successful

As organizations take on the digital transformation, trends such as mobility, proliferation of SaaS applications and cloud infrastructure are driving up the number of connected entities and devices increasing the attack surface. With the spate of recent acquisitions in the market looking to…

Making Sense of the Top Cybersecurity Trends

With each passing year, the CISO’s job is not becoming any easier. As companies continue embracing the Digital Transformation, the growing complexity and openness of their IT infrastructures mean that the attack surface for hackers and malicious insiders is increasing as well. Combined…

Nov 15, 2018: Zero Trust Reality Check: Secure Access for Hybrid IT

Workforce mobility and widespread adoption of distributed data center and cloud environments have introduced significant access control complexities and threats. Organizations are questioning the efficacy of conventional, perimeter-based defenses and are now evaluating a “trust but verify”…

Sep 27, 2018: Making Sense of the Top 5 Latest Cybersecurity Trends

Let’s face it: with each passing year, the CISO’s job is not becoming any easier. As companies continue embracing the Digital Transformation, the growing complexity and openness of their IT infrastructures mean that the attack surface for hackers and malicious insiders is increasing as well.…

Oct 11, 2018: Buying Into Zero Trust? What You Need to Consider to Be Successful

As organizations take on the digital transformation, trends such as mobility, proliferation of SaaS applications and cloud infrastructure are driving up the number of connected entities and devices increasing the attack surface. With the spate of recent acquisitions in the market looking to…

Dr. Torsten George - Zero Trust: Solving IT Security’s Identity Crisis

Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…

Zero Trust: Solving IT Security’s Identity Crisis

Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…

May 03, 2018: Zero Trust: Solving IT Security’s Identity Crisis

Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…