KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Cybersecurity reporting is a critical mechanism to ensure effective commincation of significant security issues across different levels of your organization - from software architects to the Board. Yet, reporting today is far from being a formality and does not comprehensively highlight an organization's exposure to cyber threats. Join this session to understand the factors that drive the effectiveness of a risk-based cybersecurity report and get access to best practices on communicating actionable metrics within a specific context.
This is the story of our journey to Zero Trust, from the initial analysis to its technical and effective implementation. As many organizations our starting point was not the best one (lack of proper asset management, mixed permissions, etc) but when we started to work on a Zero Trust implementation we were able to overcome these and also solve some unforeseen problems and offer major security also through Human Factors and Risk Management. The aim of this talk is to inspire security leaders on what is a Zero Trust Architecture (which is not an off-the-shelf solution and desn't require massive initial investments) and how they can reuse their internal knowledge and tools to deliver it.
This presentation will explore why companies need security automation. We will look at how companies can ensure success (and how to ensure failure). Leveraging professional experience and doctoral research into security automation, the presenter will examine the keys to successful security automation, including how to prioritize use cases and build enterprise support. This session will look at how to decide what to automate (and what not to automate), strategies to help ensure a successful security automation program, and lessons learned from success and failure, including worst reason to pursue security automation.
For any large company, regulated or not, it is essential to have a mechanism or process for detecting vulnerabilities. For this purpose, various scanners exist that can automatically scan the company's IT assets for known and new vulnerabilities. However, this is where the big challenge begins: most scanners tend to find a large number of vulnerabilities. This is important and good, but not every vulnerability is equally relevant for every company.
Typically, most organizations drown quickly with the number of vulnerabilities they have. Different specific scanners for compliance, containers, source code, operating systems and applications deliver a hardly manageable number of different potential problems per asset.
For vulnerability management to work, you need to build a sustainable vulnerability management, define intelligent processes and specify intelligent bundling and prioritization.
In this presentation, Christopher Schütze will show how this was achieved in a successful project.
The challenges to information security in companies are increasing every year. The focus is on serious attacks against small and large companies and the urgent need to protect their own information. It is no longer sufficient to view the protection of corporate information in a one-dimensional way. Many different facets are important: authentication, authorization, governance, policies, processes, monitoring and surveillance, cyber defense and many more.
Putting a company on the right track in the long term requires strategic and technical expertise that is usually managed from the information security area within the company - by the Chief Information Security Officer.
But what skills does a modern CISO need? What should be his or her strengths, what does a company need to look out for if it has this role, or how does a security expert need to develop in order to meet the numerous requirements for this position? Join this session by KuppingerCole CISO, Christopher Schuetze to get answers to these pertinent questions
Thanks to cybersecurity technologies such as Privilege Access Management and security concepts like Zero Trust, we now have the capacity to secure all digital access, from the cloud to IoT.
Digital access in software and hardware must be secure by design to minimize risk as much as possible. We have seen official agencies including the US and UK governments signing off expansive cybersecurity executive orders to boost national security, and cybersecurity chiefs pushing for the inculcation of security by design in software.
However, the technology itself is not enough to build a trusted digital world. To cultivate this world, we need to raise general cybersecurity awareness for all citizens. This is no easy feat, so the first logical step is to focus on building knowledge and awareness in business schools, mentoring the directors of the future because they will have to learn how to deal with cyber risk daily.
To bring a trusted digital world to life, we must also disrupt the political sphere in the UK and surrounding European countries. The European continent must become a leader in digital sovereignty – where data protection and privacy are respected by all – by cross-country collaboration and the establishment of a European Business Act. European countries are democracies that produce large amounts of data, so to achieve this act, we must create a separate European model that protects and respects our valuable data.
• Educate attendees on the concept of digital sovereignty
• Build interest in the better protection of our data
• Provide attendees with the appropriate tools and knowledge to start working towards making digital sovereignty a top priority for their organisation and beyond
• Inspire attendees to collaborate with other departments and countries to create a more trusted digital sphere
As the sprawl of devices, device types, and solutions continues to skyrocket, environments only grow more complex.
But there's good news: asset management has evolved.
Today’s “asset intelligence” moves from a spreadsheet approach to an API-driven, always up-to-date view into all assets via integrations of existing tools, data correlation at scale, and querying capabilities to find and respond to gaps.
Join this workshop to learn: how asset intelligence and the emerging Cyber Asset Attack Surface Management (CAASM) category improves security hygiene, reduces manual work, and remediates gaps.