KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Comprehensive protection of networks, system infrastructures, hardware and software, applications and data is part of every cyber security strategy. But what does this actually mean for identity and access management? Unloved for many years and repeatedly declared dead: passwords. Large IT companies have been promising us a password-free future for a long time. Is it really that easy to finally turn your back on passwords? The fact is that we have to deal with a large number of passwords every day in order to complete our professional and private tasks. Every password should be unique, highly complex and as long as possible. But what does the frightening everyday life with passwords look like today, what will it hopefully look like in the future and why it is essential to deal with the topic right now, explains Daniel Holzinger in his lecture.
Comprehensive protection of networks, system infrastructures, hardware and software, applications and data is part of every cyber security strategy. But what does this actually mean for identity and access management? Unloved for many years and repeatedly declared dead: passwords. Large IT companies have been promising us a password-free future for a long time. Is it really that easy to finally turn your back on passwords? The fact is that we have to deal with a large number of passwords every day in order to complete our professional and private tasks. Every password should be unique, highly complex and as long as possible. But what does the frightening everyday life with passwords look like today, what will it hopefully look like in the future and why it is essential to deal with the topic right now, explains Daniel Holzinger in his lecture.
Lack of control and controllability is increasingly a problem in many internal IT departments today. The complexity of the solutions used has steadily increased. It is therefore all the more important that information security systems are optimally set up and easy to operate and administer.
Establishing a risk class-based access management system makes sense for many reasons. In addition to meeting compliance requirements such as ISO27001, BSI IT-Grundschutz or industry standard 62443 and integrating seamlessly into a risk-based approach followed in the information security management system, this approach promotes the regaining of control over all possible accesses to company or organisational systems, regardless of these requirements.
Join us on a journey through the current cybersecurity threat landscape and discover how Mimecast is the perfect companion to Microsoft Defender for Office 365 in order to defend against evolving email-based attacks using AI technology. Learn how you can make your everyday SOC and XDR processes more efficient through improved integration and automation of your security architecture thereby avoiding alert fatigue and the unnecessary repetition of manual, redundant tasks. By adopting a quantified risk-based approach, you can have increased efficacy of multi-layered security while simultaneously reducing complexity, all without the necessity of consolidating and increasing vendor dependency.
The promise of the DIW (Digital Identity Wallet), which is inspired by SSI (Self-Sovereign Identity), is to give the user more control of which data they are sharing with whom. But do the users really want this? User control was also the intention behind "The cookie law", which brings up annoying dialogs, where only the most dedicated will do anything but accept the default option. This is very similar to the GDPR consents, where you in most cases have no option but to accept, to be able to continue.
The side effects of (re)generative AI impacting cyber security
The polarizing public discussion about ChatGPT and its siblings and the smokescreens of those responsible for technology and business behind the brands obscure a differentiated view on the non-obvious side effects of a completely overheated Chatbot rally. This makes it difficult to seriously address the partially mutually dependent side effects of the large-scale public use of this technology.
Employers in particular are torn between giving in to the tempting benefits of this technology while, at the same time, they have to live up to their responsibility towards the law, regulations such as ESG, their organizations and their digital assets, the society and the duty of care towards their employees. All of that without missing a beat of innovation in that field.
In this workshop, we'll jointly explore the missing questions that need individual answers for a conscious, responsible and security aware use of AI.
Artificial Intelligence is transforming how we live, work, and interact, bringing groundbreaking opportunities and notable challenges. As the influence of AI continues to grow, the pressing issues of governance and ethical considerations come to the forefront.
Martin, Scott, and Spray dive into this crucial discourse. Together, they will navigate the intricate landscape of AI regulations, exploring how to ensure these systems align with human values and societal standards. From the nuances of biases in decision-making algorithms to the broader societal implications of unchecked AI, the panelists will provide insights, debate solutions, and address the need for universally accepted ethical guidelines.
With diverse policy, ethics, and technology backgrounds, this panel promises a holistic overview of the ongoing challenges in AI governance. Attendees will gain insights into the path forward, ensuring AI serves humanity responsibly and ethically.
Cyber risk isn’t just a technical problem but a strategic one. Through Cyber Risk Quantification CISO’s are enabled to quantify the financial benefit of their cyber security strategy and are empowered to communicate with the Executive Board on eye-level and get the buy-in that you need. Join this session to learn how other companies are finally getting full transparency on their cyber exposure, ensuring not only they’re making the right investments in cyber security but also getting the right ROI of such investments.
Even before Russia`s war of aggression against Ukraine upended the international order it was clear that a new form of “hybrid conflict” had become the new normal. While it may seem obvious that cyber means have long played a decisive role in this new form of state aggression, both the actors, targets, and goals are often misunderstood. Instead of cyberwar the battle is often information war, the means are ransomwar rather than ransomware, and there are only two types of potential victims - those that know they are a target, and those that do not yet know. But there are positive developments as well, and boards and the c-level are likely to be more receptive to their CISOs in the future – if they can craft the right messages.
In an increasingly technologically interconnected world, cybersecurity teams are the defenders of digital frontlines. Looking ahead to the future, this session dives into the dynamic landscape of cybersecurity, and investigates the market segments’ evolution within it. Many things impact your cybersecurity preparedness and plans, such as new attack patterns, evolution of cybercrime techniques, and emerging technologies. We will discuss industry forecasts until 2025 and how businesses step towards optimal cybersecurity.
From AI driven decision-making to a massive amount of cybersecurity threats around the world, many events make fluctuations in the market, and whether you are a cybersecurity professional, an investor or passionate about IT security, this session will provide you valuable information about the current market sizes and the predictions until 2025.
You will find this session not only informative, but full of valuable insights that will enlighten your journey to secure your organization.
Traditional federation agreements are relatively static. It takes some effort to onboard an IdP and RP to each other, but once that trust is established, it's good until some exceptional event breaks the federation.
But what about a more dynamic world, one where trust comes and goes based on context? What if users could be provisioned dynamically into a space based on trust from elsewhere? What if an isolated space could still function in a disconnected state and still have powerful security properties? What if these isolated spaces could reconnect to the network and provide audit capabilities and security signaling to other components throughout the wide ecosystem? And what if all of this could be built on a layer of trusted software that didn't rely on pre-placing keys or accounts ahead of time?
Come to this talk to learn about Federation Bubbles, the proof of concept being built out on top of a suite of technology including OpenID Connect, OAuth, SPIFFE, Verifiable Credentials, and more.
This session aims to explore the practicalities and paradigms of integrating AI identities into current and future digital infrastructures. Topics will include the regulatory and governance challenges posed by autonomous AI operations, the technical requirements for creating and managing AI identities, and the technical and even legal considerations of recognizing AI as identifiable entities, focusing on accountability and traceability within various frameworks.
The past weeks again have demonstrated that cybersecurity and geopolitics are inseparable. Cyber attacks have become a common element in geopolitical crisis as an additional vector for concrete attacks, but also for MDM (Misinformation, Disinformation, Malinformation). This also means that CISOs nowadays must take a broader perspective beyond technology. Geopolitics impact the cybersecurity of organizations, and organizations must adapt to this, both by adjusting their organizational structures and cybersecurity spendings as by extending their risk management approaches in a way that also helps in assessing the concrete cybersecurity impact of geopolitics.
