Latest videos

Analyst Chat #154: 2022 Wrapped Up - Major Trends in IAM and Cybersecurity

Dec 19, 2022

Another year gone already! It's time to take a look back at 2022. Martin Kuppinger and Matthias talk about what happened in the past year and identify top trends in IAM and Cybersecurity. They go beyond technology but also look at processes and business models. By this, they also provide an outlook to what to expect in 2023. With this episode, the Analyst Chat goes into a short Christmas break. We'll return on January 16th.

Watch

Implementing Zero Trust With Privileged Access Management Platforms

Dec 16, 2022

There is no debate about the fact that ransomware is the fastest-growing kind of cybercrime. Due to their wide range of access rights and thus potential ransom leverage, privileged accounts are at the top of the target list for cybercriminals. Therefore, organizations need to pay special attention to securing these kinds of accounts.

Watch

Unifying the Perspectives - Application Access Governance

Dec 13, 2022

The application landscape in organizations is getting more and more complex. Applications from vendors are more plentiful - or they differ very much from each other - and the combination of on-prem and cloud applications is no longer unusual. It's easy to lose track of all the different risks that are coming with that. Application access governance helps in unifying the different security perspectives. Martin sat down with Keri Bowman from Saviynt to take a deeper look into this topic.

Watch

Analyst Chat #153: Passwordless and Biometrics - Balancing UX with Security and Privacy

Dec 12, 2022

Alejandro and Matthias continue their conversation about passwordless authentication. This time, the topic is the use of biometrics (and possible security and privacy concerns related to their use) as an authentication factor.

Watch

Access Management: Managing Your Risk

6 videos

Playlist

Unify Identity and Security to Block Identity-Based Cyber Attacks

Dec 07, 2022

Compromised credentials are a top cyber-attack method. Identity-based attacks are on the rise, it is therefore vital that businesses can detect the misuse of enterprise identities to block attackers from getting unfettered insider access to IT systems and data. But that can be challenging in today’s distributed, hybrid, and multi-cloud business IT environment.

Watch

Video

Recap Cybersecurity Leadership Summit 2022

Dec 06, 2022

Watch

Analyst Chat #152: How to Measure a Market

Dec 05, 2022

Research Analyst Marina Iantorno works on determining market sizing data as a service for vendors, service providers, but especially for investors. She joins Matthias to explain key terms and metrics and how this information can be leveraged for a variety of decision-making processes.

Watch

Secure DevOps: Key to Software Supply Chain Security

Nov 30, 2022

In the modern world of flexible and remote working, it is useful for software engineers to be able to access and update source code from anywhere using any device, but the SolarWinds supply chain attack showed that it is essential to track every change for security and compliance reasons.

Watch

Analyst Chat #151: Identity Governance and Administration

Nov 28, 2022

Identity Governance and Administration (IGA) combines the traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG) markets. Nitish Deshpande joins Matthias for the first time on the occasion of the publication of the Leadership Compass IGA 2022 , which he has created. They both have a look at this evolving and fascinating market segment.

Watch

Don’t Delay, Get Ready for a New Digital World Today

Nov 25, 2022

Like many other countries, digitization is a strategic priority in Germany, where there is a concerted effort to digitize public services. German banks and insurance companies are also digitalizing their customer journeys. Other organizations need to do the same, or risk losing competitive advantage in the digital era.

Watch

Key Findings on Malign Information, Misinformation, and Cyberattacks

Nov 24, 2022

Ksenia Iliuk, Head of Research at Detector Media, Ukraine tells us about some key findings of their research in the media landscape of Ukraine. Find out what she has to say about Telegram and what it has to do with #cybersecurity .

Watch

You Deserve a Better Security Testing Experience

Nov 23, 2022

To remain competitive, businesses are embracing digital transformation, adopting cloud services and agile software development. But this is creating opportunities for attackers because most organizations lack the skills, knowledge, and expertise to match attackers’ ability to find and exploit vulnerabilities. There needs to be a shift in the way organizations conduct security testing.

Watch

Analyst Chat #150: Clear and Present Danger - Ransomware Threats to Healthcare Providers

Nov 21, 2022

Only a week has passed since John Tolbert, our Cybersecurity Research Director, spoke at CSLS about ransomware and how to combat it. Today, he reports on specific threats posed by ransomware attacks to the healthcare industry, particularly in the US. But in the end, these are just examples of the threats against any user of IT. Links to the mentioned ransomware attacks: Medibank Common Spirit Lake Charles Health System (US) Helpful documents for cybersecurity in healthcare: CISA - Stop ransomware MITRE - MEDICAL DEVICE CYBERSECURITY

Watch

Effective IAM in the World of Modern Business IT

Nov 18, 2022

Digital Transformation promises lower costs, and increased speed and efficiency. But it also leads to a mix of on-prem and cloud-based IT infrastructure, and a proliferation of identities that need to be managed in a complex environment. Organizations adopting a Zero Trust approach to security must find a way to overcome these challenges.

Watch

Making Passwordless Authentication a Reality: The Hitchhiker’s Guide

Nov 16, 2022

In this webinar, Bojan Simic, founder and CEO at HYPR, and Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will share their insights and experience on what to consider when moving towards passwordless authentication, and making this a reality.

Watch

Analyst Chat #149: The Top 5 Cybersecurity Trends - Looking Back at CSLS 2022

Nov 14, 2022

Deep Fakes, AI as friend and foe, Business Resilience, Mis-, Dis- and Malinformation: The Cybersecurity Leadership Summit has taken place in Berlin and covered all of this and much more. Martin Kuppinger and Matthias look back on the event and identify their Top 5 Trends from CSLS2022 in Cybersecurity and beyond.

Watch

Cybersecurity Leadership Summit 2022

74 videos

Playlist

Cyber Hygiene Is the Backbone of an IAM Strategy

Nov 10, 2022

When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day, everyday. This is particularly true for Identity and Access Management, which is a component of every domain within Cyber Security, and it's identified as a cause for more than 80% of data breaches. IAM is rarely about white-hat hackers counter-attacking an ongoing intrusion. It's mainly about a set of good...

Watch

Welcome to CSLS 2022

Nov 10, 2022

Watch

Panel | Misinformation – Disinformation – Malinformation (MDM): The Next Big CISO Challenge?

Nov 09, 2022

Even though MDM has had a long history during war and times of high tension, the digital era has been increasing reach and potential impact of weaponized misinformation. Sophisticated tools such as machine learning mechanisms and software bots is opening a huge battlefield for creating and spreading manipulated information at scale even for those with limited technical skills. From nation state attacks through organized crime down to that one single customer who feels treated unwell – they all can use such tools. What does this trend mean for your organization and what ist he...

Watch

Analyst Chat #148: How to Improve Security with Passwordless Authentication

Nov 07, 2022

"Passwordless authentication" has become a popular and catchy term recently. It comes with the promise of getting rid of the risk associated with passwords, however, organizations will add a significant layer to the overall security of their IT infrastructure. Research analyst Alejandro Leal rejoins Matthias to explain how this can be achieved in reality with today's products and services. He gives an overview of the market, the technologies and recent developments in this area.

Watch

Protecting Web Applications Amid Severe Staff Shortages

Nov 03, 2022

Organizations are more dependent than ever on web applications for doing business with partners and customers, which means that protecting web applications has become business critical. But many companies are facing severe skills shortages exacerbated by the “Great Resignation”, and web application security is particularly hard hit. Automation is key to overcoming this challenge.

Watch

Analyst Chat #147: How To Manage Your Clients, From Customers and Citizens to B2B and B2B2C

Oct 31, 2022

CIAM solutions are designed to address specific technical requirements that consumer-facing organizations have that differ from traditional “workforce” or Business-to-Employee (B2E) use cases. John Tolbert has revisited this market segments for the updated Leadership Compass CIAM and provides an update to the analyst chat episode 58 from December 2020. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Better Business With Smooth and Secure Onboarding Processes

Oct 28, 2022

In the modern world of working, organizations need to digitally verify and secure identities at scale. But traditional IAM and CIAM strategies can’t identity-proof people in a meaningful way in the digital era. Finding an automated digital identity proofing system that is passwordless and provides strong authentication, is essential.

Watch

Frontier Talk

Identity, Company Building and the Metaverse | Frontier Talk #10 - Lasse Andresen

Oct 27, 2022

In this milestone episode, Raj Hegde sits with Lasse Andresen – Founder and CEO of IndyKite to explore company building, the metaverse, and identity applications beyond security. Tune in to this episode to learn about Lasse’s inspiring journey since founding ForgeRock, his playbook for building dynamic teams from scratch, and his thoughts on where the identity ecosystem is heading. All of this and much more on episode 10 of the Frontier Talk podcast!

Watch

Advanced Authorization in a Web 3.0 World

Oct 26, 2022

Business and just about every other kind of interaction is moving online, with billions of people, connected devices, machines, and bots sharing data via the internet. Consequently, managing who and what has access to what in what context, is extremely challenging. Business success depends on finding a solution.

Watch

Analyst Chat #146: Do You Still Need a VPN?

Oct 24, 2022

Virtual Private Networks (VPNs) are increasingly being promoted as an essential security tool for end users. This is not about the traditional access to corporate resources from insecure environments, but rather about privacy and security protection, but also about concealing one's actual location on the Internet. Alexei analyzes the operation and effectiveness of these tools and explains his view on the question of whether VPNs are really needed for security and privacy. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Why Data Resilience Is Key to Digital Transformation

Oct 21, 2022

As companies pursue digital transformation to remain competitive, they become more dependent on IT services. This increases the potential business impact of mistakes, natural disasters, and cyber incidents. Business continuity planning, therefore, is a key element of digital transformation, and must cover business-critical data and applications.

Watch

A Winning Strategy for Consumer Identity & Access Management

Oct 19, 2022

Success in digital business depends largely on meeting customers’ ever-increasing expectations of convenience and security at every touchpoint. Finding the best strategy to achieve the optimal balance between security and convenience without compromising on either is crucial, but can be challenging.

Watch

Analyst Chat #145: How Does Using Cloud Services Alter Risk?

Oct 17, 2022

The question whether using a cloud service alters risk is not simple to answer. Mike Small sits down with Matthias and explains, that every organization has its own set of circumstances, and the answer needs to take these into account. He explains the important factors to look at, and what organizations should understand when assessing their risks in a cloud and hybrid world. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Implementing Modern and Future-Proof PAM Solutions

Oct 14, 2022

Privilege Access Management (PAM) is changing, driven by the move of most businesses from on-prem IT applications and infrastructure to the cloud, resulting in a multi-could, multi-hybrid IT environment. This has resulted in a proliferation of privileged identities that need to be managed.

Watch

A Zero Trust Approach to Cyber Resilience

Oct 13, 2022

Security in many organizations is not evolving fast enough to keep up with business transformation, including migration to the cloud and to Industry 4.0. These changes, while essential to remain competitive, bring fresh security risks. A new approach is needed to ensure cyber resilience.

Watch

Analyst Chat #144: What Cybercrime Can Really Mean to Your Business

Oct 10, 2022

Cybersecurity often seems like a dry subject. And as long as it is practiced successfully, its benefits can only be seen in the absence of damage. However, Marina Iantorno, who is taking part in the Analyst Chat for the first time, will discuss the actual risks associated with inadequate IT security and how they affect organizations specifically. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Driving Innovation With Identity Fabrics

8 videos

Playlist

A DevSecOps Maturity Model for Secrets Management

Oct 07, 2022

Recent high-profile software supply chain attacks have highlighted the importance of security in the DevOps environment. But this can be challenging because DevOps teams are at the forefront of digital transformation and use agile techniques to deliver applications quickly, often not following traditional paths of identity management.

Watch

How to Move from Legacy IAM to Future-Proof Identity Fabric

Oct 06, 2022

As enterprises adopt new ways of collaboration and working, the area that has seen some of the biggest impact is the evolution of identity metadata to support improved and secure forms of access to IT infrastructure and services. Yet, this is still the most underrepresented aspect in target design conversations for most Identity Management programmes. As we move towards IAM 2.0 with the panes of evolution changing from what our approaches were in the pre-pandemic world, there is an opportunity for us to build our programmes based on sound Identity fabrics thereby leveraging the true power...

Watch

Breaking the Ransomware Attack Chain

Oct 05, 2022

At some point, any business connected to the internet is likely to become a victim of a ransomware because they are relatively easy and inexpensive to carry out, but potentially yield large payouts for cybercriminals. The best way of tackling this threat is to know how to break the attack chain.

Watch

Analyst Chat #143: Vulnerability Management: Emergency Patching and How to Deal with "Zero Days"

Oct 03, 2022

Sometimes Vulnerability Management has to take care of current threats very quickly: Christopher Schütze is today's guest in this episode and explains which processes are necessary when a system needs to be updated very quickly, for example because there is a current threat, e.g. a "zero day" attack actively being exploited or a vendor recommends an update....

Watch

Taking the Risk Out of Key Digital Business Enablers: APIs

Sep 30, 2022

Application Programming Interfaces (APIs) are among the foundations of modern digital business. APIs are found everywhere due to a rapid growth in demand to expose and consume APIs to enable new business models and connect with partners and customers, but APIs are also a security risk that businesses can’t afford to ignore.

Watch

Ensuring the Security of Microsoft Active Directory and Azure AD

Sep 28, 2022

In the face of increasing cyber-attacks by cybercriminals and nation-states, most organizations are investing in filling in the gaps in their cyber defenses, but as the landmark SolarWinds supply chain breach showed, securing Microsoft Active Directory (AD) is vital, but often overlooked.

Watch

Analyst Chat #142: Cyber Resilience: What It Is, How to Get There and Where to Start - CSLS Special

Sep 26, 2022

A key issue for many companies beyond technical cybersecurity is cyber resilience. This refers to the ability to protect data and systems in organizations from cyber attacks and to quickly resume business operations in the event of a successful attack. Martin Kuppinger, Mike Small, and John Tolbert will explore this important topic at the Cybersecurity Leadership Summit in Berlin. For this special episode of Analyst Chat, they join Matthias for a virtual panel discussion to identify key actions on the path to a cyber resilient enterprise.

Watch

A Comprehensive Approach to Solving SaaS Complexity

Sep 23, 2022

As businesses adopt cloud-based services as part of digital transformation programs to enable flexible working, boost productivity, and increase business agility to remain competitive, many IT and security teams are finding it challenging to gain oversight and control over the multitude of Software as a Service (SaaS) applications.

Watch

Cybersecurity-Teams mit Managed Detection Response stärken

Sep 21, 2022

Organisationen, die die Digitalisierung ihrer Businessprozesse versäumen, werden es in naher Zukunft schwer haben, wettbewerbsfähig zu bleiben. Mit zunehmender Digitalisierung steigen aber auch die Cyberrisiken, weil die Verlagerung von Dienstleistungen in die Cloud und die zunehmende Unterstützung von mobilem und dezentralem Arbeiten die Bedrohungsflächen rapide vergrößert. IT-Sicherheitsteams haben nicht zuletzt wegen geringer Budgets und mangelndem Know-How Mühe, Bedrohungen zu erkennen, darauf zu reagieren und sie einzudämmen, zumal diese zunehmend von staatlicher Seite ausgehen und mit...

Watch

Analyst Chat #141: What Defines Modern Cybersecurity Leadership

Sep 19, 2022

How do you implement modern cybersecurity leadership between compliance, threat protection, privacy and business enablement? To answer this question, Matthias invited the CEO of KuppingerCole Analysts, Berthold Kerl, who was and is active in various roles as a leader in cybersecurity. Together they explore questions such as how important the knowledge of basic cybersecurity technologies is and what the necessary management tasks are in an organization?

Watch

Zero Trust Is Driving the Evolution of Authorization

Sep 16, 2022

Verifying what specific applications, files, and data that a human or non-human entity has access to, is at the heart of cybersecurity in the face of increasing theft of data for espionage or other criminal purposes. Authorization, therefore, is extremely important to security, but it is also key to boosting brand trust and improving user experience.

Watch

Becoming a Better Privileged Access Manager

6 videos

Playlist

Managing Cyber Risk in a Hybrid Multi-Cloud IT Environment

Sep 14, 2022

Today’s IT environments blend applications and services from multiple public cloud networks, private clouds and on-prem networks, making it difficult to view and inventory assets deployed across complex hybrid networks, and keep track of the security risks. Organizations need to find a way to improve visibility, identify and prioritize risks, and maintain cyber resiliency.

Watch

Analyst Chat #140: Debunking the Myth of the Human Being the Biggest Risk in Cybersecurity

Sep 12, 2022

It is always easy to blame people, i.e. users, for data breaches and ransomware attacks. But is that really still true today? Martin Kuppinger and Matthias discuss this cybersecurity myth and finally defend users against unjustified accusations. Meet us at the Cybersecurity Leadership Summit !

Watch

Analyst Chat #139: Verified Identity Providers

Sep 05, 2022

Verified identity refers to digital identities that have been verified to describe a real-world identity in digital form. A growing range of service providers support organizations to achieve this for customers, citizens and employees alike. Annie Bailey rejoins Matthias and gives an overview of what "Providers of verified identity" are and which types of services and benefits beyond mere verification should be considered. The Leadership Compass is available here .

Watch

Analyst Chat #138: Jumpstart Your Zero Trust Strategy With Zero Trust Network Access (ZTNA) Solutions

Aug 22, 2022

Zero Trust is rapidly gaining popularity as a modern alternative to traditional perimeter-based security. While it is (rightfully) mainly considered a concept rather than a product, a new market segment has developed. Those solutions apply this concept to network-based access to existing applications and other systems by creating a logical identity- and context-based overlay over existing (and presumed hostile) networks. Alexei Balaganski has examined this new market for KuppingerCole Analysts research and talks to Matthias about how this can speed up ZT deployments.

Watch

Analyst Chat #137: What Is CDP and What Benefit Does It Add to Consumer-Centric Identity Ecosystems?

Aug 15, 2022

Customer Data Platforms (CDP) are a fairly new addition to the pool of consumer identity centric management solutions. KuppingerCole Fellow Analyst Roland Bühler joins Matthias for the first time and he explains the full picture of consumer identity and detail what differentiates CDPs from other solutions, such as DMP, CRM or Marketing Automation Solutions. Here are the links to the documents that Matthias and Roland are talking about: Customer Data Platforms , Machine Customers - The Impact of Customer Bots on Customer Journeys

Watch

Analyst Chat #136: Why Securing Microservices Isn’t as Straightforward as You Might Think

Aug 08, 2022

Microservices are increasingly becoming the new normal for enterprise architectures, no matter where they are deployed. Alexei Balaganski and Matthias discuss why doing this properly is essential and which aspects need to be considered, way beyond just talking about transport encryption or API security.

Watch

Analyst Chat #135: Can DREAM Help Me Manage My Multi-Hybrid Infrastructure?

Aug 01, 2022

The IT environments have become complex, and this will not stop as more technologies such as Edge Computing start to take hold. Paul Fisher looks at the full scope of entitlements across today's multi-hybrid environments. He explains how this new market segment between the cloud, on-premises, privileged accounts, and DevOps has developed and what DREAM means in this context.

Watch

The 3 Essentials of a Cyber Leader

Jul 29, 2022

How can the Cybersecurity Leadership Summit help you become a great digital leader? Raj Hegde, Product Manager, tells us what the 3 core qualities of the digital leaders of the future are, and how you can strengthen them by joining us on 8-10 November in Berlin.

Watch

Security and Compliance Benefits of Endpoint Privilege Management

Jul 29, 2022

As IT applications and endpoints proliferate, and enterprises shift to hybrid IT and hybrid working models, managing end user privileges is becoming very challenging, resulting in breaches, fraud, and undetected risky behavior. Enterprises need a way of governing end users wherever they are working and protecting a growing number of endpoints.

Watch

Multi-Cloud Permissions Management

Jul 27, 2022

Most businesses are adopting cloud services from multiple providers to remain flexible, agile, efficient, and competitive, but many do not have enterprise-wide control over and visibility of tens of thousands of cloud access permissions, exposing the enterprise to risk of security breaches.

Watch

Analyst Chat #134: How Self-Sovereign Identities Will Influence Public Services

Jul 25, 2022

Europe is on a "Path to a Digital Decade", which envisions 80% of EU citizens using a digital ID card by 2030. A part of that journey will be self-sovereign identities. Research Analyst Alejandro Leal joins Matthias to continue their discussion on the digital transformation in public services. Self-sovereign identities, the new eIDAS regulation, and the impact of both on how interactions between citizens and the state will change, are a controversial topic in the public discussion as well.

Watch

Analyst Chat #133: Leadership Compass Web Application Firewalls

Jul 18, 2022

Web Application Firewalls (WAF) have been around for quite some time to protect web applications through the inspection of HTTP traffic. But with a changing nature of web applications and the ever changing threats landscape they nee to evolve constantly. Richard Hill sits down with Matthias to explain newest developments in the market of WAFs, that is demanding increasingly for intelligent solutions.

Watch

You Can Only Protect and Govern the Data You Know About

Jul 15, 2022

Data is widely recognized as the lifeblood of the modern enterprise. However, the exponential rate at which it is being generated means that it is crucial that organizations have the capability to manage it effectively to ensure its confidentiality, integrity, and availability.

Watch

Dark Web Monitoring - CYFIRMA on an Undercover Mission

Jul 14, 2022

With CYFIRMA's products, you can take a look at your business through the eyes of a cybercriminal. But to know what they know, they need to take steps into the dark side of the World Wide Web. Osman interviews Kumar Ritesh from CYFIRMA about their work on the Dark Web.

Watch

Multi-Cloud Identity Governance 101

Jul 13, 2022

In an effort to cut costs, improve efficiencies, and cater for a mobile and remote workforce, businesses are adopting cloud services from multiple providers. This has created a host of challenges in managing identity and access across multiple clouds, and has introduced several risks that need to be addressed urgently.

Watch

Analyst Chat #132: Digital Transformation for the Public Sector

Jul 11, 2022

Imagine paying your taxes digitally on your mobile phone by using your digital ID that is also used for easily applying for a parking permit online. Sounds like the future? In Estonia, this has been a reality for 20 years. Research Analyst Alejandro Leal joins Matthias for the first time for the Analyst Chat. They talk about the changing landscape of citizen-facing government processes and the impact of the digital transformation on the public sector, how Estonia can be a role model and what we can learn from their limitations.

Watch

DevOps Tools: Securing the Software Supply Chain

Jul 08, 2022

Following the SolarWinds and Kaseya supply chain attacks, security of the DevOps tools chain with all the related components has shifted to the center of attention. There is a lot to do around securing code and CI/CD tools, as well as the execution environments. But it all starts with protecting secrets such as keys, certificates, and even passwords.- each one of these can provide access to large amounts of critical information.

Watch

The Future of Identity & Access Management

5 videos

Playlist

Erfolgreiche IAM-Projekte: Von Best Practices Lernen

Jul 06, 2022

Häufig beginnt die Suche nach einer Identity-Lösung mit einem ganz konkreten Schmerzpunkt im Unternehmen. Ein nicht bestandener Compliance-Audit wegen überhöhter Zugriffsberechtigungen, technische Probleme, wegen komplexer Systeme frustrierte User und eine Überforderung des Helpdesk mit Berechtigungsanforderungen und Passwort-Resets sind nur einige der vielen möglichen Ursachen. Selbst nach einer erteilten Budgetfreigabe für die Anpassung der IAM-Landschaft sind die Hürden vielfältig.

Watch

How CYFIRMA Puts Threat Intelligence Into Practice

Jul 05, 2022

Do you know what information about your company is out there and can be used by cybercriminals? What are they interested in? Are they actually targeting your company and planning to exploit it? These are many questions that you may want to consider answering. After all, part of a good defense strategy is knowing your enemy. Kumar Ritesh wanted to solve this challenge and founded CYFIRMA to help others with a complete, comprehensive view, on one platform. Learn more about how they help you look through the eyes of cybercriminals.

Watch

Analyst Chat #131: How to protect your OT and IoT from Cybersecurity Threats

Jul 04, 2022

Graham Williamson has teamed up with John Tolbert to research the current state of the Operational Technology (OT) and Industrial Control Systems (ICS) sectors. They documented the ability of the main industry players to support a coordinated approach to detecting, responding to, and recovering from, cybersecurity attacks and intrusions. Graham joins Matthias to provide insight into this market on the occasion of the publication of the Market Compass Cybersecurity for Industrial Control Systems.

Watch

Maximizing the Benefits of Customer Identity & Access Management

Jul 01, 2022

CIAM solutions often come packed with features that could be used to improve consumer experiences, which is key to success in the digital era. However, in most cases, organizations that deploy CIAM products or use cloud-hosted CIAM services are under-utilizing the capabilities, which leads to poor customer experiences.

Watch

Dealing Effectively with Modern, Industrialized Cyber Threats

Jun 30, 2022

The cyber threat landscape has become very complex, with state-of-the-art intrusion, ransomware, and cryptocurrency mining tools now readily available through online stores and service providers, and an expanding attack surface due to increased cloud computing and remote working. Keeping data secure while ensuring its availability to legitimate users has become extremely challenging.

Watch

Effective Threat Detection for Enterprises Using SAP Applications

Jun 29, 2022

Determined cyber attackers will nearly always find a way into company systems and networks using tried and trusted techniques. It is therefore essential to assume breach and have the capability to identify, analyze, and neutralize cyber-attacks before they can do any serious damage.

Watch

Analyst Chat #130: Leadership Compass Endpoint Protection, Detection and Response (EPDR)

Jun 27, 2022

The previously distinct but now converged fields and product lines of Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) are covered in the brand new KuppingerCole Analysts Leadership Compass on EPDR (Endpoint Protection Detection & Response). Lead Analyst John Tolbert joins Matthias to give a sneak peek into this market segment and shares some results of the evaluation as well.

Watch

Managing Complexity: How to Define an Enterprise Cybersecurity Fabric That Delivers

5 videos

Playlist

IAM Projects Done Right

Jun 22, 2022

Delivering effective IAM is not always easy, and around half of IAM projects run into difficulties and stall. While opting for IAM that is delivered as a service is a potential solution, not all offerings are equal. Finding a service with the right combination of well-integrated capabilities is crucial to success.

Watch

Analyst Chat #129: Market Compass Secure Collaboration

Jun 20, 2022

Secure Collaboration solutions focus on enabling data-centric security to facilitate virtual collaboration. Annie Bailey talks with Matthias about this market segment that provides increasingly flexible, interoperable, and therefore even more secure solutions.

Watch

Trends, Innovations and Developments in the CIAM Market

Jun 15, 2022

Consumer Identity and Access Management (CIAM) is an emerging market with a strong demand for solutions. Especially with the increasing digitization of the workplace, the market is growing and there are more and more vendors entering this market. Our analyst John met with Sadrick Widmann from cidaas, one of the leading IAM solutions in Europe, to talk about the importance and relevance of CIAM.

Watch

The Changing Scope of the NIS 2 EU Directive

Jun 15, 2022

The NIS Directive aimed at achieving a common standard of network and information security across all EU Member States, with a focus on operators of essential services, is scheduled for an update. Suppliers of utilities, healthcare, transport, communications, and other services need to know what changes are coming and what they need to do to comply.

Watch

Analyst Chat #128: Characteristics of Future IT

Jun 13, 2022

Martin Kuppinger and Matthias conclude their conversation about the opening keynote Martin held at EIC 2022 in Berlin. They look at how future IT will look like and how the overall transformation towards this future state can be managed.

Watch

Effective Cyber Risk Quantification Through Automation

Jun 07, 2022

Continual high-profile cyber incidents demonstrate beyond a doubt that cyber risks exist, but most organizations struggle to quantify cyber risk in a useful way. There is an urgent need for IT security leaders to find a common way to express cyber risk in monetary terms, that business leaders understand to enable effective risk management and security investment.

Watch

Analyst Chat #127: Leadership and Challenges in a Changing World

Jun 06, 2022

Martin Kuppinger and Matthias discuss topics from the opening keynote Martin held at EIC 2022 in Berlin. They start with the role of leaders and decision makers in a consistently changing global environment.

Watch

Why Architects Should Rethink Authorizations

Jun 02, 2022

In the digital era, organizations are increasingly interacting online with contractors, partners, and customers. Traditional role-based authorization frameworks are not designed to provide these external identities with the right access to resources, services, and apps. A new approach is required.

Watch

Fixing the Way the World Logs In

Jun 01, 2022

Passwords are quickly and easily compromised, they are costly and difficult to manage, and they result in poor user experiences. Many organizations are looking for alternatives, but find it challenging to identify appropriate passwordless and phishing resistant authentication solutions that are simple, effective, and secure.

Watch

Analyst Chat #126: Leadership Compass Identity Fabrics

May 30, 2022

The Identity Fabric paradigm manifests an important cornerstone of the KuppingerCole Analysts AG research and advisory. Products in that area cover a wider range of capabilities including Access Management and IGA, and beyond. Martin Kuppinger joins Matthias to provide more details about this evolving market sector, and on which vendors and which products/services to watch.

Watch

Effective Identity Access Governance in Hybrid SAP Environments

May 27, 2022

Increased cyber threats and regulatory requirements for privacy and security make staying on top of user roles and access rights in hybrid IT environments more important and challenging than ever, which means it’s important to understand the real risks and how to mitigate them effectively with modern GRC capabilities.

Watch

Analyst Chat #125: Leadership Compass Access Management

May 23, 2022

Access Management refers to the group of capabilities targeted at supporting an organization's access management requirements traditionally found within Web Access Management & Identity Federation solutions, such as Authentication, Authorization, Single Sign-On, Identity Federation. Richard Hill joins Matthias for the first time to talk about this topic and the recent developments in that area as reflected in his Leadership Compass on Access Management.

Watch

Making Zero Trust a Reality: Basing Decisions on Valid Identity Data

May 20, 2022

Cloud computing and mobile workforces have resulted in an expanding attack surface and a complex web of identify information. This means that traditional perimeter-based security models are no longer effective. A Zero Trust model of strict access control for every user and device enables businesses to be connected and secure, but an effective identity-focused approach is essential.

Watch

Analyst Chat #124: Market Compass "Policy-Based Access Management"

May 17, 2022

Shortly before EIC, Graham Williamson and Matthias sat together virtually and discussed the recent publication of the Market Compass on "Policy Based Access Management". In this episode Graham gives a great introduction in this evolved market segment and talks about hybrid and cloud-native use cases. They hint at several sessions on policy-based and cloud-native access control at EIC as well, so for those interested in learning even more on modern authorization, either the Market Compass itself or the EIC recordings are perfect starting points after listening to/watching this episode.

Watch

Impressions from the European Identity and Cloud Conference 2022

May 17, 2022

Watch

Attendees at the European Identity and Cloud Conference 2022

May 17, 2022

Watch

Panel | Protocols, Standards, Alliances: How to Re-GAIN the Future Internet from the Big Platforms

May 13, 2022

In talking about a "Post Platform Digital Future", it is all about a Vision, or better: mission to not let the current platform dominance grow any further and create the foundations for a pluralistic digital society & business world where size would not be the only thing that matters. To get there, we need open Standards, Protocols and Alliances that help individuals, as well as businesses of any size, to participate in a digital future inside the metaverse and beyond - just like trade unions helped the working class during the industrial revolution to fight for their rights. In this...

Watch

Panel | Turning (Distributed) Workforce Challenges into Productivity Gains

May 12, 2022

Customer Identity & Access Management (CIAM) has made us learn about reducing friction in the way customers access and consume our services, and to add value to the relationship. It is time now to apply CIAM learnings to workforce identity.

Watch

Panel | Multi-Cloud Agility Must-Haves

May 11, 2022

With a highly prioritized digital tranfsformation towards a composable enterprise, it will be inevitable to work with multi-cloud solutions to achieve the level of agility and flexibility required. If it was to avoid vendor lock-in or to consequently go for best-of-breed solutions - in this cloud expert panel we will discuss approaches to manage multi-clouds efficently and to avaid increased complexity.

Watch

European Identity & Cloud Awards Ceremony

May 11, 2022

Once again, analysts from KuppingerCole come together to showcase outstanding Identity Management and Security projects, standards and people. The winners will be honored live on stage during the award ceremony.

Watch

European Identity and Cloud Conference 2022

190 videos

Playlist

Modern Identity Management: Security Without Compromising Usability

May 04, 2022

In the digital age, effective customer, partner, and employee identity and access management (IAM) is essential to enable secure online transactions, collaboration, and other interactions. But finding the right balance between security and usability has traditionally been challenging and required compromise. However, this is changing.

Watch

Analyst Chat #123: Market Compass - Security Operations Center as a Service

May 02, 2022

SOCaaS (Security Operations Center as a Service) is a growing trend in cybersecurity, where core security functions are uniformly delivered to enterprises from the cloud. Warwick Ashford explored this in a recently published Market Compass and provides an overview of his findings.

Watch

The Machine Monitoring Mandate

Apr 27, 2022

Governments world-wide are increasingly worried about the social unrest that could result from a cybersecurity compromise of critical infrastructure. This has highlighted the fact that the underlying operational technology (OT) is often inadequately protected, and that this must change.

Watch

Analyst Chat #122: How to Deal with the Increase and Complexity in Consumer Fraud

Apr 25, 2022

John Tolbert and Matthias discuss the question of whether companies in retail, finance, healthcare, insurance, etc. are really able to keep up with the scale and sophistication of attacks aimed at committing fraud? Are they considering FRIP solutions for specific use cases?

Watch

Passwords: Dead, but Not Gone

Apr 22, 2022

Organizations are looking to eliminate passwords because they are costly and difficult to manage, they result in poor user experiences, and they are easily compromised, enabling 81% of breaches. But despite these efforts, many passwords remain unsecured. These passwords can still be compromised, and must be managed to mitigate the risk.

Watch

Passwordless Customer Authentication: Reduce Friction and Increase Security

Apr 19, 2022

Acquiring and retaining customers is key in the modern world of e-commerce, but this can be challenging if creating and accessing accounts is difficult. Online traders need to find ways of turning authentication into a competitive edge by reducing friction and improving security.

Watch

Analyst Chat #121: Increasing the Adoption of MFA and Risk-based Authentication

Apr 18, 2022

A recently published study shows that the use of strong authentication in enterprise environments is at a very low level. John Tolbert explains this finding to Matthias and together they discuss how to find a way out of this situation.

Watch

Policy Based Access Control for Cloud-Native Applications

Apr 13, 2022

As companies shift to cloud-native applications, the complexity of a microservices framework can be daunting. When applications are built in a cloud-native stack, authorization is also infinitely more complex. Crucially, Open Policy Agent (OPA) decouples policy from code, enabling the release, analysis, and review of policies without impacting availability or performance.

Watch

Analyst Chat #120: Leadership Compass Container Security

Apr 11, 2022

Securing containers along their lifecycle and wherever they are deployed is a cybersecurity challenge. And it is a new topic for KuppingerCole Analysts. Alexei Balaganski joins Matthias to talk about the just recently completed Leadership Compass on Container Security.

Watch

Protecting the Business From Software Supply Chain Threats

Apr 08, 2022

Recent events such as the SolarWinds and Kaseya compromises by malicious actors have demonstrated the need to focus significantly more on software supply chain security. According to a report from ENISA, supply chain attacks are increasing, with 66% of attacks focusing on source code and 62% exploiting customer trust in suppliers. This is a risk organizations can’t afford to ignore.

Watch

Analyst Chat #119: Composable Enterprises

Apr 04, 2022

Martin Kuppinger gives Matthias one of these rare insights into the process of creating and delivering the next great opening keynote of an event. With EIC 2022 being already in sight in May 2022 in Berlin, they talk about the composable enterprise and more perceived or actual buzzwords, and how to make sense of this in a business context.

Watch

Understanding the Unified Endpoint Management (UEM) Market

Mar 31, 2022

Business IT environments continue to undergo rapid and continual change as businesses seek to improve productivity and efficiency by adopting cloud-based services and enabling employees to work on a wide range of mobile devices. But this has in turn created opportunities for attackers.

Watch

Analyst Chat #118: A first look at the new Trans-Atlantic Data Privacy Framework

Mar 30, 2022

On March 25th, 2022 the European Commission and the US government announced a new agreement governing the transfer of data between the EU and the US. Mike Small and Annie Bailey join Matthias to have a first look as analysts (not lawyers) at this potential milestone for data privacy between the European and the US regions.

Watch

An Agile Approach to Customer Identity and Access Management (CIAM)

Mar 25, 2022

Business success in the digital era depends on delivering seamless and secure customer experiences. Failure to do so can easily result in abandoned shopping carts, fraudulent transactions, and regulatory fines. However, delivering exceptional experiences and keeping pace with the speed of business is challenging.

Watch

Zeroing in on Zero Trust

9 videos

Playlist

Practical Zero Trust: From Concepts to Quick Wins to a Strategy

Mar 23, 2022

So, you’ve heard a lot of impressive things about Zero Trust, and how implementing it in your organization should solve most of your security problems, especially these days, when people still primarily have to work remotely. Now you would like to start with Zero Trust as soon as possible, but still unsure how to separate truth from fiction and how to turn theory into practical steps? Then you are at the right event! But before jumping to specific technologies in later presentations, we have to address some common misconceptions and dispel a couple of myths. Most importantly, we...

Watch

Siemens – heading towards our Zero Trust Vision and how we measure the implementation status

Mar 23, 2022

Getting a global IT company Zero Trust ready is a huge challenge. And now imagine you have to do that plus hundreds of factories, trains, and other machines as well as tools. Siemens is already in the middle of that enormous process. To give you an insight how to cope with such a challenge, Thomas Mueller-Lynch and Peter Stoll will share today how important their target vision is. how they want to reach that vision – and why they know they never will. how they measure their progress on defined KPIs.

Watch

And Now What? How to Approach Zero Trust for Success

Mar 23, 2022

Fabrizio has been working on Zero Trust Architectures since 2017. In this talk, he will show how to approach a Zero Trust initiative (or program) in the most successful way. The presentation will touch on both strategical and tactical approaches and what needs to be considered for each.

Watch

Identity as the Key to Zero Trust Maturity

Mar 23, 2022

Okta’s vision is to enable everyone to safely use any technology. Trust is critical to our business and our customers' success. Markus Grüneberg will speak about the modern digital identity and how to use them to build a robust security strategy. In this keynote he will present among maturity stages Okta's role model for Zero Trust.

Watch

Panel | Best Practices to Get Started on Your Zero Trust Journey

Mar 23, 2022

As organizations continue to grapple with security issues, a 'zero-trust' approach to cybersecurity has been touted as a potential solution to enhance enterprise security. However, taking on Zero Trust architectures can be an overwhelming experience for even the most seasoned cybersecurity professionals. This panel session features security leaders who go beyond network principles reliant on the “never trust, always verify” philosophy to focus on effective deployment of a Zero Trust strategy at your organization.

Watch

Interview with Eleni Richter

Mar 23, 2022

Watch

Pitfalls in the Road to Zero Trust

Mar 23, 2022

Zero trust promises better security in a highly interconnected world, but many of the tenets of zero trust are contradictory to entrenched practices and ideas. Getting beyond MFA into a true zero trust environment isn't an incremental change, it's a radical restructuring of how resources are secured and accessed. Encrypt everything - True end to end encryption means that data packets can't be inspected for malware in between the source and destination. Are your endpoints ready? Can your policies adapt? Micro-segmentation - Preventing lateral movement of an attacker...

Watch

Standards and Zero Trust

Mar 23, 2022

While many in our industry see Zero Trust as the new security architecture paradigm that will increase security program effectiveness, reduce entropy of security architectures, and finally bring the advances in information security that were promised by de-perimeterization over a decade ago, the lack of standards around what ZTA actually is present a potential barrier to adoption. This talk will : discuss why standards are critical in the Zero Trust area provide an overview of the standards landscape around zero trust describe the benefits to user organizations...

Watch

Enterprise Readiness for Zero Trust

Mar 23, 2022

Preparing to embark on the Zero Trust journey for your Enterprise users can be daunting. Discussed will be a consolidated review of objectives, resources, policies, and other considerations required to honestly assess your current organization and plan your strategy for gracefully embracing zero trust for your workforce.

Watch

EIC Blog | Interview with Tatsuo Kudo

Mar 22, 2022

Watch

Analyst Chat #117: Practical Zero Trust

Mar 21, 2022

This time Alexei Balaganski and Matthias look at practical approaches to actually implementing Zero Trust for specific, real-life use cases. On this occasion, they also finally unveil the connections between Zero Trust and Feng Shui.

Watch

Zero Trust: Putting Theory Into Practice

Mar 18, 2022

Now is the time to implement the Zero Trust security model because the traditional model of enforcing security at the network perimeter is no longer effective. However, moving from theory into practice can be challenging unless you start with a key element like effective endpoint management.

Watch

Analyst Chat #116: Putting GAIN to the Test

Mar 14, 2022

GAIN (the Global Assured Identities Network) is entering a new phase. On March 2, the technical proof-of-concept group was launched to actually test the concepts. Annie Bailey and Matthias have a look at the list of participants, the agenda, and the potential outcomes of this PoC. And provide a sneak peek at more about GAIN at the upcoming EIC 2022 in Berlin in May.

Watch

Eliminate Passwords With Invisible Multi-Factor Authentication

Mar 11, 2022

A high proportion of data breaches and ransomware attacks exploit stolen credentials. Eliminating passwords with multifactor authentication is an effective way to reduce the risk of unauthorized access to company networks, systems, SaaS applications, cloud infrastructure, and data. But not all MFA systems are created equal.

Watch

Analyst Chat #115: From Third-Party Cookies to FLoC to Google Topics API

Mar 07, 2022

Online tracking is a highly visible privacy issue that a lot of people care about. Third-party cookies are most notorious for being used in cross-site tracking, retargeting, and ad-serving. Annie Bailey and Matthias sit down to discuss the most recently proposed approach called „Topics API“.

Watch

Enabling Full Cybersecurity Situational Awareness With NDR

Mar 02, 2022

Effective cyber defense depends on detecting, preventing, and mitigating threats not only on desktops, laptops and servers, but also on the network, in the cloud, and in OT, ICS and IoT, which is where Network Detection & Response (NDR) solutions come into play. Support for a security operations (SecOps) approach is essential as remote working becomes commonplace.

Watch

Frontier Talk

The Story is the Strategy | Frontier Talk #9 - Mike Kiser

Mar 01, 2022

In this episode, Raj Hegde is joined by Mike Kiser - Director of Strategy and Standards at SailPoint to explore the relevance of #storytelling in enterprise and to help you become a world-class business communicator. Tune in to this episode to learn about storytelling frameworks, the power of #curiosity, reading a room, narrative arcs, etc. Find your voice via episode 9 of the Frontier Talk podcast! Subscribe to Frontier Talk! Apple Podcasts: https://podcasts.apple.com/podcast/frontier-talk/id1561982846 Spotify:...

Watch

Analyst Chat #114: Access Control Solutions for SAP Solutions

Feb 28, 2022

Access control tools for application environments, which include SAP in particular, but also a growing number of other business applications, are becoming increasingly important for compliance and cybersecurity. They also serve as a basis for granting proper access to employees efficiently. Martin Kuppinger and Matthias look at this market segment and at new, innovative solutions, on the occasion of very recent research that has just been published.

Watch

Die Rolle von Identity Security bei Zero Trust

Feb 25, 2022

„Zero Trust“ ist heute für die meisten CISOs ein regelmäßiges Gesprächsthema. Im Kern geht es bei Zero Trust um das Prinzip der kontinuierlichen und sorgfältigen Zugriffskontrolle an mehreren Stellen für alle Benutzer beim Zugriff auf Netzwerk- und Systemressourcen ebenso wie Daten. Das ist erst einmal nichts Neues, bringt jedoch eine neue Fokussierung für die Frage, was und wie man IT-Sicherheit und Identity Security umsetzt. Zugriff muss mehr, detaillierter und besser gesteuert und kontrolliert werden.

Watch

Analyst Chat #113: Data Catalogs and Metadata Management

Feb 21, 2022

Data catalogs and metadata management solutions help capture and manage data from all enterprise data sources to enable the use of that data and support data governance and data security initiatives. This interesting and growing market segment is the topic this week when Martin Kuppinger and Matthias sit down for the Analyst Chat podcast.

Watch

Analyst Chat #112: Licensing Strategies for Vendors and Customers

Feb 14, 2022

The conclusion of a tool choice process is usually the consideration of commercial aspects, i.e. software costs and licensing. Martin Kuppinger and Matthias look at this central aspect and discuss different approaches to make different offers comparable, but also give recommendations to vendors on how they can make decisions easier for their potential customers.

Watch

Zero Trust: Now Is the Time and PBAC Is Key

Feb 11, 2022

Now is the time to implement the Zero Trust security model because the traditional model of enforcing security at the network perimeter is no longer effective with users, devices and workloads moving outside the corporate network, but success depends on understanding the essential components of a Zero Trust Architecture.

Watch

Analyst Chat #111: From SIEM to Intelligent SIEM and Beyond

Feb 07, 2022

A comprehensive cybersecurity strategy typically includes the use of modern, intelligent Security Information and Event Management (SIEM) platforms. These go far beyond simply aggregating and analyzing log files. Alexei Balaganski outlines the latest market developments based on his recently published Leadership Compass on "Intelligent SIEM Platforms" and explains the differences to other market segments together with Matthias.

Watch

Analyst Chat #110: Cloud Backup and Disaster Recovery Done Right

Jan 31, 2022

The importance of efficient and secure cloud backup and recovery is often underestimated. Mike Small explains these two disciplines to Matthias and looks at the market of available solutions on the occasion of his recently published Leadership Compass. He also provides valuable guidance on what a strategy and its successful implementation can look like in this area.

Watch

A Delegated Model for B2B Access Management

Jan 26, 2022

In the digital age, collaboration is becoming more dynamic and integrated than ever before. External partners often require specific information, and therefore need access to internal systems. Providing efficient processes to manage partners is key to building a strong partner network.

Watch

Analyst Chat #109: From IT GRC to Integrated Risk Management Platforms

Jan 24, 2022

The three biggest threats to business resilience are IT Risk, Compliance Risk, and Vendor Risk. Integrated Risk Management Platforms address these risks. KuppingerCole's Lead Analyst Paul Fisher has analyzed this market segment recently and he joins Matthias to talk about recent developments and the market in general.

Watch

New Methods to Accelerate Endpoint Vulnerability Remediation

Jan 21, 2022

IT endpoints are no longer just workstations and servers confined to corporate headquarters, branch offices, customer sites, and data centers, they can now be just about anything located anywhere, from employee homes to airports, hotels and in the cloud. But every endpoint represents a potential entry point for cyber attackers, and needs to be managed.

Watch

Analyst Chat #108: Privacy and Consent Management

Jan 17, 2022

"Privacy and Consent Management" is an exciting topic in a continuously changing market. Annie Bailey has just completed her latest Leadership Compass, which researches this market segment. To mark the release of this document, she joined Matthias for an Analyst Chat episode where she talks about the innovations and current developments. In A Nutshell In the episode 108 “Privacy & Consent Management” Matthias hosts Anne Bailey. Q: “From a definition point of view, what do we need to think of when we talk about privacy and consent management?”...

Watch

Are You Ready for Security Automation?

Jan 14, 2022

Security Orchestration, Automation & Response (SOAR) tools are the latest in the evolution of automated cyber defenses and are set to become the foundation of modern Security Operations Centers (SOCs). But SOAR is not only for large enterprises. The benefits for smaller organizations should not be overlooked.

Watch