KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Learn all you need to know about the future of information security today!
Data, People and Software security: how does them relate to the GDPR security principles? In this new attack landscape, network-centric security is no longer enough because threats come from inside and outside the network. Oracle Identity SOC is an identity-centric, context-aware intelligence and automation framework for security operations centers, backed by advanced user behavior analytics and machine learning to spot compelling events that require automated remediation.
An Expert Stage presentation at the European Identity and Cloud Conference 2017
In this session Denis explains how insurance companies such as Unive, AEGON, VGZ and many others leverage Consumer IAM (CIAM) and a secure API Architecture for Mobile Apps to actually transform to a digital Insurer. Denis discusses the importance of a secure infrastructure including governance and shares his lessons learned.
We’ve reached an interesting crossroads in identity management, as it transitions from being a niche area of interest to a major pillar in corporate IT. Balancing competing but complementary concerns of security, innovation and privacy requires a rethink of how we’ve traditionally used identity in IT. Invisible Identity is an architectural and functional imperative to make identity simply disappear from people’s sight, moving into the background as a silent protector and enabler. But this move is fraught with challenges, whether they be concerns about privacy or choices of technology. To help navigate these waters successfully, this talk will present the 4 Core Principles of Invisible Identity that provide a framework to help guide organizations on the road to adopting an identity-based security model - one that never loses focus on the symbiotic partnership between security and usability.
The Identity & Access Management we have known is changing rapidly. In addition to users, IAM should factor in applications, devices & things; It must evolve with digital business in mind; It must handle the complexity for monitoring and controlling access to not only demonstrate compliance but also to mitigate cyber risks. IAM should allow us to apply continuous learning, reasoning and human interact-ability. This will enable us to better handle the dynamic and ever growing requirements of today’s IAM.
Why can’t you simply trust your employees to do the right thing? What benefit to the business comes from technical security controls? In this session, we will realistically consider which projects can reduce risk most quickly, which layers of security are most important, and how things like privilege management, vulnerability control, over-communicating, and reducing the attack surface can help.
Blockchains possess unique properties that can be used to build systems that significantly impact our world. Perhaps no area of utilization, besides raw value exchange, is as intriguing as decentralized identity. In this talk we will discuss how blockchain-anchored decentralized identity can be used as a substrate for secure, user-centric apps and services.
IoT is a new digital channel to provide more products and services. However Security, Privacy and Consent in such environment are a major concern. To provide a secure interaction we need a “Holistic Identity” strategy, where identities represent humans, devices, things and their relationships; and privacy and consent management are also part of the strategy. Without Identity there are no security nor privacy, and this goes for all kind of entities! To implement a Digital Transformation strategy, it is necessary to provide more channels to face customers and citizens. The IoT is the perfect channel to interact with the end user and its environment, however this needs to be done in a secure way.
As the identity industry has grown it has become more valuable to all stakeholders: our customers, our enterprises, and our employees. With this growth identity professionals have become more valuable as well, and we have recognized this increase in value by starting to professionalize our industry. Attackers, too, have noticed identity’s increased value, specifically the value of identity systems, and have begun turning identity systems meant to deliver value into weapons used to cause harms both large and small.
Today, Identity is a fast moving technology that attracts an unprecedented amount of attention from business leaders, investors and entrepreneurs. At times, it seems like only two things are moving faster (1) business expectations and (2) marketing noise. Being able to recognize true innovation and accelerate its adoption is critical to success, but it’s also incredibly hard. It requires a strategy that considers the unique challenges posed by Identity systems, the forces driving the market’s development of future capabilities, the risk posed by the new technology, and the mitigations available to you. This talk will discuss the key elements for evaluating and recognizing the innovations that are important and also appropriate to pursue.
The European Identity & Cloud Awards honor outstanding projects and initiatives in Identity & Access Management (IAM), Governance, Risk Management and Compliance (GRC), as well as Cloud Security. Numerous projects have been nominated by vendors and end-user companies during the last 12 months. Winners have been chosen by KuppingerCole Analysts among the most outstanding examples of applications and ideas in the areas of IAM, GRC, and Cloud security.
Since the adoption of the EU Cybersecurity Strategy in 2013, the European Commission has stepped up its efforts to better protect Europeans online. It has adopted a set of legislative proposals, in particular on Network and Information Security (NIS). The keynote will provide an outline on emerging EU policy legislative context addressing improved capabilities, cooperation, crisis management and preparedness at EU Level. The second part of the keynote will focus on initiatives and synergies to support EU policy implementation that will on the one hand stimulate the competitiveness and innovation of Europe's cybersecurity industry and on the other increase the levels of trust and security in EU products and services.
The time is coming when customers have the upper hand, and companies agree to their terms rather than the other way around. Doc Searls, leader of the VRM (Vendor Relationship Management) movement, co-author of "The Cluetrain Manifesto", and author of "The Intention Economy: When Customers Take Charge", will explain how customer independence and empowerment will make the GDPR’s dreams come true—for both regulators and companies, as well as for customers themselves.
Where we are, and where we are going in blockchain implementations and strategies. What are the implications for various industry sectors and stage of enterprise adoption? How to think about new blockchain-based business models?
We are about to enter a decade where critical business-grade information is protected by the OAuth 2.0 framework. Congratulations are not yet in order. Our mission for the next decade is to not repeat our own identity history, and instead to build a system that is provably secure through test-driven automation and that takes a vicious approach to detecting anomalies.
Tired of paying hundreds of thousands or millions of dollars for IAM projects that don’t show benefit or eventually are considered failures? Us too! So we decided to do something about it. “Digital transformation is the profound and accelerating transformation of business activities, processes, competencies and models to fully leverage the changes and opportunities of digital technologies.” We took this to heart and radically changed our approach to our own customer IAM, how we (and our customers) connect to SaaS properties and how we leverage machine learning, advanced analytics and bots to not only serve our company but to also serve our customers. In this session I will detail how we are digitally transforming IAM within our own company and for our customers.
An identity of some sort is necessary for almost all daily interactions in developed countries, and is becoming increasingly necessary in many developing nations. To interact with the public sector, it is imperative for an individual to have a legal identity that is anchored in a legally established, standardized, verifiable, and trustworthy source. All countries in the world have such repositories, and they exist either as civil registries or civil identification registers (or both). The 198 countries reviewed in this study have a civil registry and 171 have civil identification registers that issue identity cards. Only 27 lack a civil identification and do not issue identification credentials. And of those 27 countries, four are currently in the process of establishing such systems to uniquely identify citizens and residents.
Around the world, industries are experiencing a digital transformation that is accelerated by exponentially growing technologies. The networking of ’internet of things, services, data and people’ will fundamentally change the future of individual companies, as well as transform market dynamics across a whole range of industries. This talk how to design for success in this new environment and the impact technology will have in shaping it.
The economics of cybersecurity have long favored the attacker. Adversaries skillfully harness automation to increase their advantage while benefiting from their victim’s fragmented and uncoordinated defenses. Automated Cyber Threat Intelligence (CTI) ecosystems hold the promise of changing these economics in favor of the defender. This keynote will highlight the promises of CTI along with the challenges we still must overcome if we are to realize the full potential of this opportunity.
Secure and unambiguous identities will be the next currency in the online world. Whether for information exchange or for online commerce in the consumer and the business segment, a secure identity will become more and more relevant over the coming years. A broad range of new services can be built up on this central element. This talk will provide information about the relevant technologies and the future business models.
Identity as the New Perimeter is a sleek and sexy term that seems to perfectly encompass the modern world in which we live dominated by talk of IoT, Cloud, BYOD, Big Data, AI, CIAM, and other buzzworthy acronyms. Unfortunately, it and other equally unquestioned and under-analyzed IAM mantras do more harm than good by oversimplifying and distracting IAM practitioners from the reality of the security threats facing our organizations today. In this session, we will question a number of outdated and inaccurate commonly held IAM beliefs and replace them with actionable and impactful techniques such as Micro-Segmentation, Zone-Based Security, Defense in Depth, Least Privilege and others. We will also highlight the central role of IAM in delivering on these strategies.
You can’t sell to strangers. Customer identity and access management (CIAM) is the emerging technology that transforms unknown online visitors into known and loyal customers. Find out how CIAM can help your organization build trusted and lasting customer relationships. By progressively identifying online users from initial website visit to the creation of a full customer profile — businesses can build consent-based relationships that respect the new rules as outlined in the forthcoming GDPR. The great power delivered by CIAM also demands great responsibility. Learn how to ensure customer data is secure from threats, including account takeover attacks, as you build rich customer profiles and collect consent from consumers for various marketing, sales and support activities.
The tectonic shift of enterprise IT to a world of cloud and devices is upon us. As enterprises around the world look to embrace the incredible opportunities and address the competitive pressures this tectonic shift creates, they are discovering that digital identity is the cornerstone technology of a successful modern IT estate. This tectonic shift brings a new set of identity design and architectural imperatives that legacy systems are poorly suited to address. Alex will discuss these trends, the new set of design and architectural imperatives they create and give examples of how these new approaches are already in use today.
An interview during the European Identity & Cloud Conference 2017