KuppingerCole Analysts

The SolarWinds incident made the news in December 2020 and continues to impact many organizations. John Tolbert joins Matthias to give a short introduction of what decision makers need to know at this stage and which measures to look at first.

John Tolbert joins Matthias and shares insights about the results from the just recently published Leadership Compass CIAM. They talk about the overall maturing of the market and the areas of innovation in products, standards and integration scenarios.

Annie joins Matthias to talk about the topic of Verified Digital Identity. They explore what these are, why they are becoming increasingly important and where they add new aspects to the concept of digital identity. A special focus is put on existing and emerging use cases, where verified digital identities can be beneficial to all types of real life entities in their day by day interaction.

This podcast has already looked at the Zero Trust concept as a challenging architectural paradigm for security and an important component of modern and future-oriented security architectures from various angles. This time Christopher and Matthias focus on a phased project approach towards implementing Zero Trust in a well-paced, phased, "one-bite-at-a-time" manner.

The Zero Trust concept comes with the promise to adequately secure our modern, hybrid IT world at any time and any place. Manufacturers, consultants and even analysts agree as rarely as they do that this changed architectural paradigm is an important component of modern and future-oriented security architectures. Alexei and Matthias address the question why in practice only a few powerful zero trust architectures deliver on this promise. They try to answer the question what organizations...

The PAM market continues to evolve and many organizations are adopting the DevOps paradigm where critical access and sensitive accounts are required in fast moving and agile environments. Paul Fisher meets Matthias for this episode and shares his research on PAM for DevOps. They talk about the challenges of this area of application, but also about the differences and similarities with "classic" PAM. And about the opportunities on a path towards a hybrid approach to PAM in today's...

In this second of two episodes, Annie Bailey and Matthias Reinwarth look at use cases of emerging technologies in healthcare. The use of AI, and machine learning to facilitate self-diagnosis chatbots is just one of many fascinating areas of application that are discussed and analyzed.

John Tolbert has just taken a close look at the market for SOAR tools (Security Orchestration, Automation and Response) to prepare a Leadership Compass. This has just been published and this gives John and Matthias the opportunity to take a closer look at this market segment of security infrastructures.

In this first of two episodes, Annie Bailey and Matthias Reinwarth lay the foundations for the topic "Emerging Technologies in Healthcare". Beyond hype and half-knowledge, they look at the use of AI, machine learning, block chain, and modern digital identities for the comprehensive improvement of processes and systems in healthcare.

This analyst chat episode is the 50th and therefore a bit different. This time Matthias talks to two experienced analysts, Martin Kuppinger and Alexei Balaganski, about the ECSM, the European Cyber Security Month, which is to provide information and awareness on cyber security in October 2020. The particular aim they pursue is to go beyond awareness to arrive at specific measures that can benefit individuals and organizations alike.

When asked to describe IAM processes, managers tend to think first of traditional lifecycle management processes such as Joiner, Mover and Leaver (JML). While these are clearly essential for identity governance in interplay with authoritative sources, a comprehensive process framework for IAM and beyond encompasses many other areas. Martin Kuppinger and Matthias Reinwarth explore some of these additional areas between convenience and compliance.

Dynamic, risk-based, attribute- and context-related authorizations are becoming increasingly important for many enterprises. Graham Williamson and Matthias Reinwarth take a look at the market sector for dynamic authorization management and policy-based permissions in light of the recent publication of a Market Compass on this topic.

Access management and access governance in many companies are still largely based on traditional authorization concepts. Thus defining and thinking access management is often rooted in a rather one-dimensional paradigm. Martin and Matthias talk about access policies as a common language for defining and maintaining rules for access, independent of the actual implementation of access control.

Warwick Ashford and Matthias Reinwarth talk about business resilience again, focusing on cyber supply chain risk management.

Alexei Balaganski and Matthias Reinwarth look at the citizen development movement and discuss the potential risks of letting business users create their applications without proper governance and security.

Warwick Ashford and Matthias Reinwarth discuss the prerequisites and challenges of making a business able to adapt quickly to risks and disruptions.

Anne Bailey and Matthias Reinwarth discuss the findings of the recently published Leadership Compass on Privacy and Consent Management.

Alexei Balaganski and Matthias Reinwarth discuss the concept of ephemeral credentials and its benefits for privilege management, DevOps and beyond.

John Tolbert and Matthias Reinwarth look at SP 800-207, the NIST special publication on Zero Trust architecture and discuss how it aligns with KuppingerCole's own vision of this topic (spoiler: it does align very well!)

Alexei Balaganski and Matthias Reinwarth try to make sense of the current state of quantum computing and talk about the risks it poses for information security.