KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
In this talk, Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will provide insights on Digital Supply Chain Risk. He will look at the areas of risks, from secure partner onboarding to software supply chain security and others. He will look at prominent examples and common weaknesses in these areas. He then will provide insight into actions that organizations should and must take, both organizational and technical.
Cyber Security traditionally has been seen as the domain of Technology, with an expectation that the solution for cyber resilience has to be provided by IT – and we happily accepted this challenge and delivered numerous software and hardware solutions, design and development principles, policies and process controls.
However, as most successful cyber-attacks in recent time have started by targeting users with phishing emails or social engineering, raising awareness of their role in increasing cyber resilience is at least as important as providing “just a technical solution”.
This presentation will – based on example of a famous real robbery in Berlin – show how user awareness can become an important line of defence in cyber security.
This session will examine the ruling of 16 July 2020, where the Court of Justice of the European Union (the Court) in its Case C-311/18 Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (called “Schrems II case”) invalidated the EU-US Privacy Shield adequacy decision.
How and why Microsharding was developed as a concept and a short summary of ShardSecure by Co-founder & CEO, ShardSecure - Bob Lam
Most organizations don’t suffer from a lack of cybersecurity tools. They suffer from the cost and administrative burden of running too many of these. They suffer from the lack of integration. They suffer from the lack of skills in optimally configuring the tools and analyzing the data.
Couldn’t less be more? But what is the right answer? Just retiring some tools? Consolidating to new solutions such as XDR? Replacing old tools with the newest best-of-breed solutions?
As always, best start with a plan, and with defined methods to evaluate the contribution of the various tools you have to your targets. The plan must help you in understanding which elements you need most for protecting your IT. On the other hand, you must understand how well your existing tools landscape contributes to this.
In his talk, Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will unveil methodologies that can help you in assessing your cybersecurity tools portfolio, and that can help you in deciding about where to invest next.
Cybersecurity reporting is a critical mechanism to ensure effective commincation of significant security issues across different levels of your organization - from software architects to the Board. Yet, reporting today is far from being a formality and does not comprehensively highlight an organization's exposure to cyber threats. Join this session to understand the factors that drive the effectiveness of a risk-based cybersecurity report and get access to best practices on communicating actionable metrics within a specific context.
For any large company, regulated or not, it is essential to have a mechanism or process for detecting vulnerabilities. For this purpose, various scanners exist that can automatically scan the company's IT assets for known and new vulnerabilities. However, this is where the big challenge begins: most scanners tend to find a large number of vulnerabilities. This is important and good, but not every vulnerability is equally relevant for every company.
Typically, most organizations drown quickly with the number of vulnerabilities they have. Different specific scanners for compliance, containers, source code, operating systems and applications deliver a hardly manageable number of different potential problems per asset.
For vulnerability management to work, you need to build a sustainable vulnerability management, define intelligent processes and specify intelligent bundling and prioritization.
In this presentation, Christopher Schütze will show how this was achieved in a successful project.
As organizations continue to grapple with security issues, a 'zero-trust' approach to cybersecurity has been touted as a potential solution to enhance enterprise security. However, taking on Zero Trust architectures can be an overwhelming experience for even the most seasoned cybersecurity professionals. This panel session features security leaders who go beyond network principles reliant on the “never trust, always verify” philosophy to focus on effective deployment of a Zero Trust strategy at your organization.
Zero trust has been around in one shape or form in security for many years, usually under different names like the "Principle of least privilege" or "Mandatory Access Control'. It exists for a good reason, and needs to be re-enforced. But for any cloud native vendor, Zero Trust should be table stakes at this point. Zero knowledge at the organizational level, and not just Zero knowledge encryption, is the next evolution of security best practices. Join us to learn more.