Governance, Organization & Policies

Conference

CyberNext Summit 2019

Cybersecurity is shifting toward more distributed and dynamic models. Decentralized security infrastructure brings its challenges and opportunities. CyberNext Summit (#CNS19) summit will focus on the capabilities needed to achieve security in such a distributed environment, especially in the…

Congress

European Identity & Cloud Conference 2019

Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 14-17, 2019, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought…

Blog

Cybersecurity Leadership Summit Berlin 2018 - Review

This month we launched our Cybersecurity Leadership Summit in Berlin. A pre-conference workshop entitled “Focusing Your Cybersecurity Investments: What Do You Really Need for Mitigating Your Cyber-risks?” was held on Monday. The workshop was both business-oriented and technical…

Webcast

Zero Trust Reality Check: Secure Access for Hybrid IT

Workforce mobility and widespread adoption of distributed data center and cloud environments have introduced significant access control complexities and threats. Organizations are questioning the efficacy of conventional, perimeter-based defenses and are now evaluating a “trust but…

Webcast

Fine-Grained Policy-Based Access Control: Why & How?

Mastering authorization is critical for modern organizations with multiple user constituencies, applications, and data types. Authorization has become a crucial part of security infrastructures and can no longer be considered just another feature of existing IAM solutions. Instead,…

Leadership Brief

Leadership Brief: Mit den VAIT zu einer transparenteren Versicherungs-IT - 79081

Mit dem im Juli 2018 final vorgelegten Dokument „Versicherungsaufsichtliche Anforderungen an die IT“ (VAIT) gibt die BaFin (Bundesanstalt für Finanzdienstleistungsaufsicht) Versicherungsunternehmen konkretere Vorgaben für die Umsetzung ihrer Geschäftsprozesse…

Webinar

Nov 15, 2018: Zero Trust Reality Check: Secure Access for Hybrid IT

Workforce mobility and widespread adoption of distributed data center and cloud environments have introduced significant access control complexities and threats. Organizations are questioning the efficacy of conventional, perimeter-based defenses and are now evaluating a “trust but verify”…

Blog

Intelligente Governance jenseits von Auditoren und regulatorischen Anforderungen

Es kann viele Gründe geben, warum ein Unternehmen eine Initiative zur Verbesserung seiner Informationssicherheit ergreift. Es gibt jedoch einen spezifischen Grund, der sich immer wieder wiederholt: "Weil die Auditoren das sagen, müssen wir....". Die Realität und die hieraus…

Blog

Intelligent Governance Beyond Auditors and Regulatory Requirements

There can be many reasons why a company takes an initiative to improve its information security. However, there is one specific reason that repeats itself time and again: "Because the auditors say that, we have to..." The reality and the resulting logic have so far often been as follows:…

Webcast

Prepare for PSD2 with Strong Customer Authentication, Fraud Risk Management and Open Banking APIs

Banks will soon have to comply with the Revised Payment Service Directive, commonly called "PSD2." The directive will introduce massive changes to the payments industry and radically alter the user experience for customers of European banks by allowing third party payment service providers…

Webinar

Oct 18, 2018: Fine-Grained Policy-Based Access Control: Why & How?

Mastering authorization is critical for modern organizations with multiple user constituencies, applications, and data types. Authorization has become a crucial part of security infrastructures and can no longer be considered just another feature of existing IAM solutions. Instead,…

Whitepaper

Whitepaper: Preparing for PSD2 technical requirements using RSA solutions - 79062

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe.  Banks and other financial service providers must quickly prepare for PSD2. RSA provides foundational technical capabilities in their SecurID,…

Executive View

Executive View: TechDemocracy Intellicta - 70362

A software platform designed to achieve a holistic assessment of an organization’s cybersecurity, compliance, risk and governance status by establishing risk governance, resilience and protection from cyber threats through the deployment of a standards-based risk governance framework.

Advisory Note

Advisory Note: Big Data Security, Governance, Stewardship - 72565

An ever-increasing number of devices, sensors and people are connected to the global internet and generate data.  The analysis of this data can help organizations to improve their effectiveness and make better decisions.  However, there are concerns over the trustworthiness of the…

Webinar

Sep 13, 2018: Prepare for PSD2 with Strong Customer Authentication, Fraud Risk Management and Open Banking APIs

Banks will soon have to comply with the Revised Payment Service Directive, commonly called "PSD2." The directive will introduce massive changes to the payments industry and radically alter the user experience for customers of European banks by allowing third party payment service providers…

Executive View

Executive View: One Identity Safeguard - 79042

One Identity is one of the leading vendors in the field of IAM. With their recent acquisition of Balabit and the integration of their Privilege Management offerings into the Safeguard product portfolio, the company positions itself among the leaders in the Privilege Management market,…

Executive View

Executive View: RSA® Identity Governance and Lifecycle - 71052

RSA Identity Governance and Lifecycle is a complete solution for managing digital identities and their access, both inside and outside the enterprise. The RSA solution covers all aspects of governance from attestations to policy exceptions and identity lifecycle, from provisioning to…

Advisory Note

Buyer's Guide: Hybrid Cloud Services - 72562

Organizations now commonly use multiple cloud services as well as on premises IT. This KuppingerCole Buyer’s Guide focusses on IaaS services. It will provide you with questions to ask vendors, criteria to select your vendor, and the requirements for successful deployments. This report…

Webcast

Cloud IGA: Built for Hybrid Reality

Conventionally, Identity Governance and Administration (IGA) products have been developed and deployed with a focus on on-premise IT systems and applications. While IAM leaders were still struggling with IGA solutions to deliver effective identity administration and access governance, the…

Webcast

Policy-Based Access Management – A Reliable Foundation for Your Next-Generation Unified IAM

As companies adopt numerous new technologies and establish new communications channels with their partners, suppliers or even customers, the amounts of sensitive information that’s stored across on-premises systems and cloud services are growing exponentially, and the task of managing…

Blog

Will Your Security Solutions Violate GDPR?

As the May 25th, 2018 GDPR enforcement date approaches, more and more companies are actively taking steps to find, evaluate, and protect the personally identifiable information (Personal Data) of EU persons. Organizations that do business with EU persons are conducting data protection impact…

Webcast

Martin Kuppinger - Microservices Architectures: Making IAM Hybrid

In recent times, an increasing number of vendors announced a migration of their products towards microservices architectures. Some renovate their existing on premises IAM tools, others build new solutions with a new architectural approach. Factually, the idea isn’t that new, but the…

Webcast

European Identity & Cloud Awards Ceremony

European Identity & Cloud Awards Ceremony

Webcast

Prof. Dr. Heiko Beier - Is it Facebook's End Game? Why Social Networks as we know them Today will not Survive

The real problem behind the recent Facebook scandal is not primarily that a company like Cambridge Analytica has "gained" access to the personal information of millions of Facebook users and misused them for political manipulation. It is the business model of social networks itself: Letting…

Webcast

Ian Glazer - Our Secret Strengths: The Skills of an Identity Professional

An identity and access management professional is more than just her knowledge of federation protocols, her ability to build user provisioning policies, or her talent in deploying social sign-up. Although we inherently know that it takes other skills to be a successful identity…

Webcast

Naresh Persaud - How to Enable Trust with Interoperable & Shared Credentials

The focus of digital identity for consumers and enterprise is to remove silos, minimize redundant effort, enable better collaboration and provide a foundation for regulatory compliance. The challenge is that shared credentials for both commercial and public-sector organizations will require…

Webcast

Dr. Torsten George - Zero Trust: Solving IT Security’s Identity Crisis

Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…

Webcast

Joy Chik - Planning for Tomorrow: Connecting Identities for People, Processes, and Things

Social, economic and technological changes are creating urgent new requirements for enterprise identity that enable interconnected digital systems. These new use cases require a governance framework that is consistent, integrated and efficiently managed. It also needs to provide increased…

Webcast

Tim Hobbs - What Connects DevOps & IAM

IAM products are highly configurable systems tailored to the diverse needs of customer environments and applications. Modern applications require short development cycles and IAM systems that can be adjusted at the same pace. Modern data centers are configuration-driven, resilient…

Webcast

Jeff Jonas - Do you Know What You Know About the Data Subject?

GDPR obligates organizations to provide data subjects with access to their personal data. To comply, companies must be able to answer a seemingly innocuous but frighteningly difficult question: What do we know about the data subject? Further, organizations must respond to Data Subject…

Webcast

Mo Ahddoud - SGN Securing Shared Credentials at The Heart of Digital Transformation

The future of IT security will depend on CISOs who are brave enough to build a new security model that is both innovative and unconventional. Gas distribution company, SGN, is blazing a trail that every company can follow. As a UK, critical infrastructure company SGN’s cloud-first…

Webcast

Dr. Sridhar Muppidi - Identity Meets Fraud Protection to Establish Digital Trust

In this session, we will introduce a framework to establish digital trust based on capabilities from fraud protection and Identity. This will quickly and transparently establish a trusted, frictionless digital relationship for your customers, employees, and business partners. The session…

Webcast

Christopher Spanton - Blockchain and the Business of Identity

Identity and Access Management (IAM) within an enterprise environment presents complex challenges for any business. While new technologies, such as blockchain, have the potential to help solve some of these challenges, today bringing blockchain into solution oriented discussions can merely…

Webcast

Martin Kuppinger - The Future Model of Identity: Blockchain ID and the Digital Transformation

Distributed Ledger Technologies ("Blockchain") are the foundation for the most disruptive changes to business we are either already observing or that are on the road to becoming a reality. Based on these technologies, both new business models and fundamental changes to established models…

Webcast

Prof. Dr. Hans Ulrich Buhl - Unchaining Blockchain

Blockchain is much more than the technology behind its still most successful application – the Bitcoin. One of its key attributes is the immutable storage of information. Besides other applications, this enables trustful online business between two or more individuals – without…

Webcast

Ralf Oestereich - We will Disrupt You

We will Disrupt You - Are AI, Blockchain, IoT a Blessing or Curse for an Insurance Company?

Webcast

Drs. Jacoba C. Sieders - Digital Identities and Blockchain: Experiments and Use Cases @ ABNAMRO

ABNAMRO runs over 30 blockchain experiments, also involving digital identity capabilities. Co-operation has been set –up across various coalitions, and use cases are running a lot wider than just the banking and payments industry. Academia, building-, and shipping industries are also…

Webcast

Kim Cameron - The Laws of Identity on the Blockchain

Keynote at the European Identity & Cloud Conference 2018

Webcast

Patrick Parker - The AI and Robotic Process Automation Revolution and the Upcoming Redesign of IAM

The AI and Robotic Process Automation revolutions are in full swing with record growth in both sectors as well as an explosion of new startups in this space. Not to be left behind, existing vendors are rushing to heed the call of AI and automation by sprucing up there existing product…

Webcast

Jason Rose - Realizing the full potential of Consumer Identity

Customer Experience is Everything and Everything is Digital. Digital transformation is now the center of marketing, advertising and sales strategy across every industry and region, with today’s consumers demanding a seamless and relevant experience across online and offline channels…

Webcast

Jackson Shaw - Fire Safety and Cyber-Security – Smoke Detectors are Not Enough

It takes most businesses over 6 months to detect a breach on their network. And while smoke detectors are proven to halve the death rate by fire, saving thousands of lives each year, detection is sometimes too late to prevent many buildings from burning to the ground. So imagine if it…

Webcast

Eve Maler - The Evolution of Identity and its Importance for our Digital Lives

Identity is as old as mankind and adapted very well to its changing environments. From a simple look that determines who you are to a high frequency of multi-factor vehicle-to-vehicle authentication in autonomous driving - with Digital Transformation, Identity in digital form has become the…

Webcast

Carmine Auletta - Identity & Digital Trust

Trust is essential for a society to function. It’s even more critical in a digital society where transactions take place between parties that can only rely on each other supplied digital Identity. eIDAS Regulation provides – for the first time – a clear, universal and…

Webcast

Lukas Praml - Your Mobile Identity: Blockchain Ain't no Swiss Army Knife

Digital identity solutions are very wide spread and everybody is using them on a day to day basis. Mainly it can be distinguished between state issued IDs/eIDs which lack usability and are therefore not as successful as hoped and self-claimed or self-established eIDs (sometimes stored in…

Executive View

Executive View: StealthDEFEND® - 70366

Cyber-attacks often involve a complex process, including an insider threat element, which exploits compromised or illicit user credentials to gain access to data. StealthDEFEND is the real time file and data threat analytics component of the STEALTHbits’ Data Access Governance Suite. 

Webinar

Jun 07, 2018: Cloud IGA: Built for Hybrid Reality

Conventionally, Identity Governance and Administration (IGA) products have been developed and deployed with a focus on on-premise IT systems and applications. While IAM leaders were still struggling with IGA solutions to deliver effective identity administration and access governance, the…

Blog

RSA’s 2018 Conference Starts Bi-Polar and Ends with a Minor Breach

It is a world of great turmoil and considerable fear amidst incredible human progress. No wonder the RSA keynotes seemed bi-polar - mixing fear one moment, hope and inspiration the next.  RSA opened with a somber act from rapper poet Kevin Olusola to the conference theme: "Now…

Webinar

Jun 05, 2018: Policy-Based Access Management – A Reliable Foundation for Your Next-Generation Unified IAM

As companies adopt numerous new technologies and establish new communications channels with their partners, suppliers or even customers, the amounts of sensitive information that’s stored across on-premises systems and cloud services are growing exponentially, and the task of managing secure…

Blog

Without Prosecution, There Is No Protection

The Equifax data breach saga continues to unfold. In late 2017, the company admitted it had suffered significant data loss starting in March of last year. There were likely multiple data theft events over a number of months. At some point in May, they notified a small group of customers but…

Blog

BAIT: Clearer Guidelines as a Basis for More Effective Implementation

If legal laypersons (as I am) read legal texts and regulations, they often miss clear and obligatory guidelines on how to implement them in practice. This is not least due to the fact that laws are generally designed to last and are not directly geared to concrete measures. This type of…

Blog

FIAM – Fake Identity and Access Management

Just when you thought we had enough variations of IAM, along comes FIAM. Fake digital identities are not new, but they are getting a lot of attention in the press these days. Some fake accounts are very sophisticated and are difficult for automated methods to recognize. Some are built using…

Webcast

Holistic Approach to Cyber Risk Governance in the GDPR Era

Pressured by the Digital Transformation, corporate networks are becoming increasingly complex, spanning across multiple geographical locations and technology platforms. Unfortunately, even as companies are becoming more open to the outside world, different business units within the same…

Advisory Note

Advisory Note: Security Organization Governance and the Cloud - 72564

The cloud provides an alternative way of obtaining IT services that offers many benefits including increased flexibility as well as reduced cost.   This document provides an overview of the approach that enables an organization to securely and reliably use cloud services to…

Webcast

Faktor Mensch: Wie man das schwächste Glied der IT-Infrastruktur Ihres Unternehmens schützt

Obwohl der Markt mit einer großen Anzahl von Sicherheitslösungen reagiert und die Budgets für Cybersicherheit ständig wachsen, scheinen sich viele Unternehmen immer noch auf den Schutz von Endgeräten und Netzwerken zu konzentrieren. Sie übersehen dabei das…

Blog

Make Things Happen Rather Than Watch Things Happen With Vendor-Provided Compliance Solutions

In May 2017, my fellow KuppingerCole analyst Mike Small published the Executive Brief research document entitled “Six Key Actions to Prepare for GDPR” (then and now free to download). This was published almost exactly one year before the GDPR takes full effect and outlines six…

Executive View

Excutive View: Imprivata - 71514

On October 24, 2017, Imprivata significantly enhanced their healthcare-focused enterprise SSO offering with Identity Provisioning and Access Governance capabilities acquired from Caradigm. With that offering they are broadening their portfolio while remaining focused on the healthcare…

Whitepaper

Whitepaper: GDPR Herausforderungen mit Delphix meistern - 70368

Mit der neuen Datenschutz-Grundverordnung (GDPR) führt die EU strenge Kontrollen bezüglich der Verarbeitung personenbezogener Daten von EU-Bürgern sowie hohe Geldstrafen bei Nicht-Einhaltung eben dieser ein. Die Compliance der Grundverordnung erfordert kostenintensive…

Whitepaper

Whitepaper: Meeting GDPR Challenges with Delphix - 70368

GDPR introduces stringent controls over the processing of PII relating to people resident in the EU with high penalties for non-compliance.  Compliance requires costly controls that can be justified for processing of PII with direct business benefits.  However, using PII for…

Webcast

How to Make Your IAM Program a Success

The best way to ensure the success of your company’s IAM program is to follow in the footsteps of organizations whose programs have proven successful, learn from their leading IAM experts and avoid common mistakes. KuppingerCole has compiled a list of recommendations and best…

Webcast

The Evolution of Identity Governance: From Basic Compliance to Federated Security Assurance

As the number of business applications across different platforms and environments is rapidly growing, the resulting complexity and heterogeneous nature of modern corporate IT infrastructures makes storing, analyzing and protecting this critical business information an incredibly…

Webinar

Mar 13, 2018: Faktor Mensch: Wie man das schwächste Glied der IT-Infrastruktur Ihres Unternehmens schützt

Um im hart umkämpften und sich ständig verändernden globalen Markt bestehen zu können, sind Unternehmen gezwungen, ständig neue Technologien und Plattformen einzuführen, die unweigerlich zu einer erheblichen Erhöhung der Komplexität ihrer IT-Infrastrukturen führen. Da sensible Geschäftsdaten…

Webinar

Mar 15, 2018: Holistic Approach to Cyber Risk Governance in the GDPR Era

As we are getting closer to the dreaded May 25th deadline, when the General Data Protection Regulation will come into force, many companies are still struggling with implementing effective risk assurance programs that constitute a key requirement for any sensible cybersecurity and compliance…

Webinar

Feb 20, 2018: The Evolution of Identity Governance: From Basic Compliance to Federated Security Assurance

Whenever people are talking about the Digital Transformation, they usually think about modern technologies like cloud computing. However, although adopting new technologies is important for staying relevant and competitive in the rapidly changing market, this transformation primarily…

Leadership Brief

Leadership Brief: A Practical Approach to Enterprise Security Architecture (ESA) - 70222

An enterprise security architecture (ESA) is a critical component to an enterprise architecture (EA) that describes how IT services, processes, and technologies should be protected given a customer’s unique business, security, and compliance requirements.

Webinar

Feb 22, 2018: How to Make Your IAM Program a Success

Identity and Access Management (IAM) is one of the most important and challenging disciplines, involving multiple departments and systems across the enterprise and requiring constant communication between the business and IT. Without IAM, it is difficult to mitigate access risks, to comply…

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

AWS re:Invent Impressions

This year’s flagship conference for AWS – the re:Invent 2018 in Las Vegas – has just officially wrapped. Continuing the tradition, it has been bigger than ever – with more than 50 thousand attendees, over 2000 sessions, workshops, hackathons, certification courses, a huge expo area, and, of course, tons of entertainment programs. Kudos to the organizers for pulling off an event of this scale – I can only imagine the amount of effort that went into it. I have to [...]

Stay Connected

Latest Insights

Hot Topics

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00