Latest videos

2022 Wrapped Up - Major Trends in IAM and Cybersecurity

Dec 19, 2022

Another year gone already! It's time to take a look back at 2022. Martin Kuppinger and Matthias talk about what happened in the past year and identify top trends in IAM and Cybersecurity. They go beyond technology but also look at processes and business models. By this, they also provide an outlook to what to expect in 2023. With this episode, the Analyst Chat goes into a short Christmas break. We'll return on January 16th.

Watch

Implementing Zero Trust With Privileged Access Management Platforms

Dec 16, 2022

There is no debate about the fact that ransomware is the fastest-growing kind of cybercrime. Due to their wide range of access rights and thus potential ransom leverage, privileged accounts are at the top of the target list for cybercriminals. Therefore, organizations need to pay special attention to securing these kinds of accounts.

Watch

Unifying the Perspectives - Application Access Governance

Dec 13, 2022

The application landscape in organizations is getting more and more complex. Applications from vendors are more plentiful - or they differ very much from each other - and the combination of on-prem and cloud applications is no longer unusual. It's easy to lose track of all the different risks that are coming with that. Application access governance helps in unifying the different security perspectives. Martin sat down with Keri Bowman from Saviynt to take a deeper look into this topic.

Watch

Passwordless and Biometrics - Balancing UX with Security and Privacy

Dec 12, 2022

Alejandro and Matthias continue their conversation about passwordless authentication. This time, the topic is the use of biometrics (and possible security and privacy concerns related to their use) as an authentication factor.

Watch

Access Management: Managing Your Risk

6 videos

Playlist

Unify Identity and Security to Block Identity-Based Cyber Attacks

Dec 07, 2022

Compromised credentials are a top cyber-attack method. Identity-based attacks are on the rise, it is therefore vital that businesses can detect the misuse of enterprise identities to block attackers from getting unfettered insider access to IT systems and data. But that can be challenging in today’s distributed, hybrid, and multi-cloud business IT environment.

Watch

Video

Recap Cybersecurity Leadership Summit 2022

Dec 06, 2022

Watch

How to Measure a Market

Dec 05, 2022

Research Analyst Marina Iantorno works on determining market sizing data as a service for vendors, service providers, but especially for investors. She joins Matthias to explain key terms and metrics and how this information can be leveraged for a variety of decision-making processes.

Watch

Secure DevOps: Key to Software Supply Chain Security

Nov 30, 2022

In the modern world of flexible and remote working, it is useful for software engineers to be able to access and update source code from anywhere using any device, but the SolarWinds supply chain attack showed that it is essential to track every change for security and compliance reasons.

Watch

Identity Governance and Administration

Nov 28, 2022

Identity Governance and Administration (IGA) combines the traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG) markets. Nitish Deshpande joins Matthias for the first time on the occasion of the publication of the Leadership Compass IGA 2022 , which he has created. They both have a look at this evolving and fascinating market segment.

Watch

Don’t Delay, Get Ready for a New Digital World Today

Nov 25, 2022

Like many other countries, digitization is a strategic priority in Germany, where there is a concerted effort to digitize public services. German banks and insurance companies are also digitalizing their customer journeys. Other organizations need to do the same, or risk losing competitive advantage in the digital era.

Watch

Key Findings on Malign Information, Misinformation, and Cyberattacks

Nov 24, 2022

Ksenia Iliuk, Head of Research at Detector Media, Ukraine tells us about some key findings of their research in the media landscape of Ukraine. Find out what she has to say about Telegram and what it has to do with #cybersecurity .

Watch

You Deserve a Better Security Testing Experience

Nov 23, 2022

To remain competitive, businesses are embracing digital transformation, adopting cloud services and agile software development. But this is creating opportunities for attackers because most organizations lack the skills, knowledge, and expertise to match attackers’ ability to find and exploit vulnerabilities. There needs to be a shift in the way organizations conduct security testing.

Watch

Clear and Present Danger - Ransomware Threats to Healthcare Providers

Nov 21, 2022

Only a week has passed since John Tolbert, our Cybersecurity Research Director, spoke at CSLS about ransomware and how to combat it. Today, he reports on specific threats posed by ransomware attacks to the healthcare industry, particularly in the US. But in the end, these are just examples of the threats against any user of IT. Links to the mentioned ransomware attacks: Medibank Common Spirit Lake Charles Health System (US) Helpful documents for cybersecurity in healthcare: CISA - Stop ransomware MITRE - MEDICAL DEVICE CYBERSECURITY

Watch

Effective IAM in the World of Modern Business IT

Nov 18, 2022

Digital Transformation promises lower costs, and increased speed and efficiency. But it also leads to a mix of on-prem and cloud-based IT infrastructure, and a proliferation of identities that need to be managed in a complex environment. Organizations adopting a Zero Trust approach to security must find a way to overcome these challenges.

Watch

Making Passwordless Authentication a Reality: The Hitchhiker’s Guide

Nov 16, 2022

In this webinar, Bojan Simic, founder and CEO at HYPR, and Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will share their insights and experience on what to consider when moving towards passwordless authentication, and making this a reality.

Watch

The Top 5 Cybersecurity Trends - Looking Back at CSLS 2022

Nov 14, 2022

Deep Fakes, AI as friend and foe, Business Resilience, Mis-, Dis- and Malinformation: The Cybersecurity Leadership Summit has taken place in Berlin and covered all of this and much more. Martin Kuppinger and Matthias look back on the event and identify their Top 5 Trends from CSLS2022 in Cybersecurity and beyond.

Watch

Cybersecurity Leadership Summit 2022

74 videos

Playlist

Cyber Hygiene Is the Backbone of an IAM Strategy

Nov 10, 2022

When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day, everyday. This is particularly true for Identity and Access Management, which is a component of every domain within Cyber Security, and it's identified as a cause for more than 80% of data breaches. IAM is rarely about white-hat hackers counter-attacking an ongoing intrusion. It's mainly about a set of good...

Watch

Welcome to CSLS 2022

Nov 10, 2022

Watch

Panel | Misinformation – Disinformation – Malinformation (MDM): The Next Big CISO Challenge?

Nov 09, 2022

Even though MDM has had a long history during war and times of high tension, the digital era has been increasing reach and potential impact of weaponized misinformation. Sophisticated tools such as machine learning mechanisms and software bots is opening a huge battlefield for creating and spreading manipulated information at scale even for those with limited technical skills. From nation state attacks through organized crime down to that one single customer who feels treated unwell – they all can use such tools. What does this trend mean for your organization and what ist he...

Watch

How to Improve Security with Passwordless Authentication

Nov 07, 2022

"Passwordless authentication" has become a popular and catchy term recently. It comes with the promise of getting rid of the risk associated with passwords, however, organizations will add a significant layer to the overall security of their IT infrastructure. Research analyst Alejandro Leal rejoins Matthias to explain how this can be achieved in reality with today's products and services. He gives an overview of the market, the technologies and recent developments in this area.

Watch

Protecting Web Applications Amid Severe Staff Shortages

Nov 03, 2022

Organizations are more dependent than ever on web applications for doing business with partners and customers, which means that protecting web applications has become business critical. But many companies are facing severe skills shortages exacerbated by the “Great Resignation”, and web application security is particularly hard hit. Automation is key to overcoming this challenge.

Watch

How To Manage Your Clients, From Customers and Citizens to B2B and B2B2C

Oct 31, 2022

CIAM solutions are designed to address specific technical requirements that consumer-facing organizations have that differ from traditional “workforce” or Business-to-Employee (B2E) use cases. John Tolbert has revisited this market segments for the updated Leadership Compass CIAM and provides an update to the analyst chat episode 58 from December 2020. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Better Business With Smooth and Secure Onboarding Processes

Oct 28, 2022

In the modern world of working, organizations need to digitally verify and secure identities at scale. But traditional IAM and CIAM strategies can’t identity-proof people in a meaningful way in the digital era. Finding an automated digital identity proofing system that is passwordless and provides strong authentication, is essential.

Watch

Frontier Talk

Identity, Company Building and the Metaverse | Frontier Talk #10 - Lasse Andresen

Oct 27, 2022

In this milestone episode, Raj Hegde sits with Lasse Andresen – Founder and CEO of IndyKite to explore company building, the metaverse, and identity applications beyond security. Tune in to this episode to learn about Lasse’s inspiring journey since founding ForgeRock, his playbook for building dynamic teams from scratch, and his thoughts on where the identity ecosystem is heading. All of this and much more on episode 10 of the Frontier Talk podcast!

Watch

Advanced Authorization in a Web 3.0 World

Oct 26, 2022

Business and just about every other kind of interaction is moving online, with billions of people, connected devices, machines, and bots sharing data via the internet. Consequently, managing who and what has access to what in what context, is extremely challenging. Business success depends on finding a solution.

Watch

Do You Still Need a VPN?

Oct 24, 2022

Virtual Private Networks (VPNs) are increasingly being promoted as an essential security tool for end users. This is not about the traditional access to corporate resources from insecure environments, but rather about privacy and security protection, but also about concealing one's actual location on the Internet. Alexei analyzes the operation and effectiveness of these tools and explains his view on the question of whether VPNs are really needed for security and privacy. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Why Data Resilience Is Key to Digital Transformation

Oct 21, 2022

As companies pursue digital transformation to remain competitive, they become more dependent on IT services. This increases the potential business impact of mistakes, natural disasters, and cyber incidents. Business continuity planning, therefore, is a key element of digital transformation, and must cover business-critical data and applications.

Watch

A Winning Strategy for Consumer Identity & Access Management

Oct 19, 2022

Success in digital business depends largely on meeting customers’ ever-increasing expectations of convenience and security at every touchpoint. Finding the best strategy to achieve the optimal balance between security and convenience without compromising on either is crucial, but can be challenging.

Watch

How Does Using Cloud Services Alter Risk?

Oct 17, 2022

The question whether using a cloud service alters risk is not simple to answer. Mike Small sits down with Matthias and explains, that every organization has its own set of circumstances, and the answer needs to take these into account. He explains the important factors to look at, and what organizations should understand when assessing their risks in a cloud and hybrid world. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Implementing Modern and Future-Proof PAM Solutions

Oct 14, 2022

Privilege Access Management (PAM) is changing, driven by the move of most businesses from on-prem IT applications and infrastructure to the cloud, resulting in a multi-could, multi-hybrid IT environment. This has resulted in a proliferation of privileged identities that need to be managed.

Watch

A Zero Trust Approach to Cyber Resilience

Oct 13, 2022

Security in many organizations is not evolving fast enough to keep up with business transformation, including migration to the cloud and to Industry 4.0. These changes, while essential to remain competitive, bring fresh security risks. A new approach is needed to ensure cyber resilience.

Watch

What Cybercrime Can Really Mean to Your Business

Oct 10, 2022

Cybersecurity often seems like a dry subject. And as long as it is practiced successfully, its benefits can only be seen in the absence of damage. However, Marina Iantorno, who is taking part in the Analyst Chat for the first time, will discuss the actual risks associated with inadequate IT security and how they affect organizations specifically. Cybersecurity Leadership Summit takes place on November 8 – 10 in Berlin and online. Join us there .

Watch

Driving Innovation With Identity Fabrics

8 videos

Playlist

A DevSecOps Maturity Model for Secrets Management

Oct 07, 2022

Recent high-profile software supply chain attacks have highlighted the importance of security in the DevOps environment. But this can be challenging because DevOps teams are at the forefront of digital transformation and use agile techniques to deliver applications quickly, often not following traditional paths of identity management.

Watch

How to Move from Legacy IAM to Future-Proof Identity Fabric

Oct 06, 2022

As enterprises adopt new ways of collaboration and working, the area that has seen some of the biggest impact is the evolution of identity metadata to support improved and secure forms of access to IT infrastructure and services. Yet, this is still the most underrepresented aspect in target design conversations for most Identity Management programmes. As we move towards IAM 2.0 with the panes of evolution changing from what our approaches were in the pre-pandemic world, there is an opportunity for us to build our programmes based on sound Identity fabrics thereby leveraging the true power...

Watch

Breaking the Ransomware Attack Chain

Oct 05, 2022

At some point, any business connected to the internet is likely to become a victim of a ransomware because they are relatively easy and inexpensive to carry out, but potentially yield large payouts for cybercriminals. The best way of tackling this threat is to know how to break the attack chain.

Watch

Vulnerability Management: Emergency Patching and How to Deal with "Zero Days"

Oct 03, 2022

Sometimes Vulnerability Management has to take care of current threats very quickly: Christopher Schütze is today's guest in this episode and explains which processes are necessary when a system needs to be updated very quickly, for example because there is a current threat, e.g. a "zero day" attack actively being exploited or a vendor recommends an update....

Watch

Taking the Risk Out of Key Digital Business Enablers: APIs

Sep 30, 2022

Application Programming Interfaces (APIs) are among the foundations of modern digital business. APIs are found everywhere due to a rapid growth in demand to expose and consume APIs to enable new business models and connect with partners and customers, but APIs are also a security risk that businesses can’t afford to ignore.

Watch

Ensuring the Security of Microsoft Active Directory and Azure AD

Sep 28, 2022

In the face of increasing cyber-attacks by cybercriminals and nation-states, most organizations are investing in filling in the gaps in their cyber defenses, but as the landmark SolarWinds supply chain breach showed, securing Microsoft Active Directory (AD) is vital, but often overlooked.

Watch

Cyber Resilience: What It Is, How to Get There and Where to Start - CSLS Special

Sep 26, 2022

A key issue for many companies beyond technical cybersecurity is cyber resilience. This refers to the ability to protect data and systems in organizations from cyber attacks and to quickly resume business operations in the event of a successful attack. Martin Kuppinger, Mike Small, and John Tolbert will explore this important topic at the Cybersecurity Leadership Summit in Berlin. For this special episode of Analyst Chat, they join Matthias for a virtual panel discussion to identify key actions on the path to a cyber resilient enterprise.

Watch

A Comprehensive Approach to Solving SaaS Complexity

Sep 23, 2022

As businesses adopt cloud-based services as part of digital transformation programs to enable flexible working, boost productivity, and increase business agility to remain competitive, many IT and security teams are finding it challenging to gain oversight and control over the multitude of Software as a Service (SaaS) applications.

Watch

Cybersecurity-Teams mit Managed Detection Response stärken

Sep 21, 2022

Organisationen, die die Digitalisierung ihrer Businessprozesse versäumen, werden es in naher Zukunft schwer haben, wettbewerbsfähig zu bleiben. Mit zunehmender Digitalisierung steigen aber auch die Cyberrisiken, weil die Verlagerung von Dienstleistungen in die Cloud und die zunehmende Unterstützung von mobilem und dezentralem Arbeiten die Bedrohungsflächen rapide vergrößert. IT-Sicherheitsteams haben nicht zuletzt wegen geringer Budgets und mangelndem Know-How Mühe, Bedrohungen zu erkennen, darauf zu reagieren und sie einzudämmen, zumal diese zunehmend von staatlicher Seite ausgehen und mit...

Watch

What Defines Modern Cybersecurity Leadership

Sep 19, 2022

How do you implement modern cybersecurity leadership between compliance, threat protection, privacy and business enablement? To answer this question, Matthias invited the CEO of KuppingerCole Analysts, Berthold Kerl, who was and is active in various roles as a leader in cybersecurity. Together they explore questions such as how important the knowledge of basic cybersecurity technologies is and what the necessary management tasks are in an organization?

Watch

Zero Trust Is Driving the Evolution of Authorization

Sep 16, 2022

Verifying what specific applications, files, and data that a human or non-human entity has access to, is at the heart of cybersecurity in the face of increasing theft of data for espionage or other criminal purposes. Authorization, therefore, is extremely important to security, but it is also key to boosting brand trust and improving user experience.

Watch

Becoming a Better Privileged Access Manager

6 videos

Playlist

Managing Cyber Risk in a Hybrid Multi-Cloud IT Environment

Sep 14, 2022

Today’s IT environments blend applications and services from multiple public cloud networks, private clouds and on-prem networks, making it difficult to view and inventory assets deployed across complex hybrid networks, and keep track of the security risks. Organizations need to find a way to improve visibility, identify and prioritize risks, and maintain cyber resiliency.

Watch

Debunking the Myth of the Human Being the Biggest Risk in Cybersecurity

Sep 12, 2022

It is always easy to blame people, i.e. users, for data breaches and ransomware attacks. But is that really still true today? Martin Kuppinger and Matthias discuss this cybersecurity myth and finally defend users against unjustified accusations. Meet us at the Cybersecurity Leadership Summit !

Watch

Verified Identity Providers

Sep 05, 2022

Verified identity refers to digital identities that have been verified to describe a real-world identity in digital form. A growing range of service providers support organizations to achieve this for customers, citizens and employees alike. Annie Bailey rejoins Matthias and gives an overview of what "Providers of verified identity" are and which types of services and benefits beyond mere verification should be considered. The Leadership Compass is available here .

Watch

Jumpstart Your Zero Trust Strategy With Zero Trust Network Access (ZTNA) Solutions

Aug 22, 2022

Zero Trust is rapidly gaining popularity as a modern alternative to traditional perimeter-based security. While it is (rightfully) mainly considered a concept rather than a product, a new market segment has developed. Those solutions apply this concept to network-based access to existing applications and other systems by creating a logical identity- and context-based overlay over existing (and presumed hostile) networks. Alexei Balaganski has examined this new market for KuppingerCole Analysts research and talks to Matthias about how this can speed up ZT deployments.

Watch

What Is CDP and What Benefit Does It Add to Consumer-Centric Identity Ecosystems?

Aug 15, 2022

Customer Data Platforms (CDP) are a fairly new addition to the pool of consumer identity centric management solutions. KuppingerCole Fellow Analyst Roland Bühler joins Matthias for the first time and he explains the full picture of consumer identity and detail what differentiates CDPs from other solutions, such as DMP, CRM or Marketing Automation Solutions. Here are the links to the documents that Matthias and Roland are talking about: Customer Data Platforms , Machine Customers - The Impact of Customer Bots on Customer Journeys

Watch

Why Securing Microservices Isn’t as Straightforward as You Might Think

Aug 08, 2022

Microservices are increasingly becoming the new normal for enterprise architectures, no matter where they are deployed. Alexei Balaganski and Matthias discuss why doing this properly is essential and which aspects need to be considered, way beyond just talking about transport encryption or API security.

Watch

Can DREAM Help Me Manage My Multi-Hybrid Infrastructure?

Aug 01, 2022

The IT environments have become complex, and this will not stop as more technologies such as Edge Computing start to take hold. Paul Fisher looks at the full scope of entitlements across today's multi-hybrid environments. He explains how this new market segment between the cloud, on-premises, privileged accounts, and DevOps has developed and what DREAM means in this context.

Watch

The 3 Essentials of a Cyber Leader

Jul 29, 2022

How can the Cybersecurity Leadership Summit help you become a great digital leader? Raj Hegde, Product Manager, tells us what the 3 core qualities of the digital leaders of the future are, and how you can strengthen them by joining us on 8-10 November in Berlin.

Watch

Security and Compliance Benefits of Endpoint Privilege Management

Jul 29, 2022

As IT applications and endpoints proliferate, and enterprises shift to hybrid IT and hybrid working models, managing end user privileges is becoming very challenging, resulting in breaches, fraud, and undetected risky behavior. Enterprises need a way of governing end users wherever they are working and protecting a growing number of endpoints.

Watch

Multi-Cloud Permissions Management

Jul 27, 2022

Most businesses are adopting cloud services from multiple providers to remain flexible, agile, efficient, and competitive, but many do not have enterprise-wide control over and visibility of tens of thousands of cloud access permissions, exposing the enterprise to risk of security breaches.

Watch

How Self-Sovereign Identities Will Influence Public Services

Jul 25, 2022

Europe is on a "Path to a Digital Decade", which envisions 80% of EU citizens using a digital ID card by 2030. A part of that journey will be self-sovereign identities. Research Analyst Alejandro Leal joins Matthias to continue their discussion on the digital transformation in public services. Self-sovereign identities, the new eIDAS regulation, and the impact of both on how interactions between citizens and the state will change, are a controversial topic in the public discussion as well.

Watch

Leadership Compass Web Application Firewalls

Jul 18, 2022

Web Application Firewalls (WAF) have been around for quite some time to protect web applications through the inspection of HTTP traffic. But with a changing nature of web applications and the ever changing threats landscape they nee to evolve constantly. Richard Hill sits down with Matthias to explain newest developments in the market of WAFs, that is demanding increasingly for intelligent solutions.

Watch

You Can Only Protect and Govern the Data You Know About

Jul 15, 2022

Data is widely recognized as the lifeblood of the modern enterprise. However, the exponential rate at which it is being generated means that it is crucial that organizations have the capability to manage it effectively to ensure its confidentiality, integrity, and availability.

Watch

Dark Web Monitoring - CYFIRMA on an Undercover Mission

Jul 14, 2022

With CYFIRMA's products, you can take a look at your business through the eyes of a cybercriminal. But to know what they know, they need to take steps into the dark side of the World Wide Web. Osman interviews Kumar Ritesh from CYFIRMA about their work on the Dark Web.

Watch

Multi-Cloud Identity Governance 101

Jul 13, 2022

In an effort to cut costs, improve efficiencies, and cater for a mobile and remote workforce, businesses are adopting cloud services from multiple providers. This has created a host of challenges in managing identity and access across multiple clouds, and has introduced several risks that need to be addressed urgently.

Watch

Digital Transformation for the Public Sector

Jul 11, 2022

Imagine paying your taxes digitally on your mobile phone by using your digital ID that is also used for easily applying for a parking permit online. Sounds like the future? In Estonia, this has been a reality for 20 years. Research Analyst Alejandro Leal joins Matthias for the first time for the Analyst Chat. They talk about the changing landscape of citizen-facing government processes and the impact of the digital transformation on the public sector, how Estonia can be a role model and what we can learn from their limitations.

Watch

DevOps Tools: Securing the Software Supply Chain

Jul 08, 2022

Following the SolarWinds and Kaseya supply chain attacks, security of the DevOps tools chain with all the related components has shifted to the center of attention. There is a lot to do around securing code and CI/CD tools, as well as the execution environments. But it all starts with protecting secrets such as keys, certificates, and even passwords.- each one of these can provide access to large amounts of critical information.

Watch

The Future of Identity & Access Management

5 videos

Playlist

Erfolgreiche IAM-Projekte: Von Best Practices Lernen

Jul 06, 2022

Häufig beginnt die Suche nach einer Identity-Lösung mit einem ganz konkreten Schmerzpunkt im Unternehmen. Ein nicht bestandener Compliance-Audit wegen überhöhter Zugriffsberechtigungen, technische Probleme, wegen komplexer Systeme frustrierte User und eine Überforderung des Helpdesk mit Berechtigungsanforderungen und Passwort-Resets sind nur einige der vielen möglichen Ursachen. Selbst nach einer erteilten Budgetfreigabe für die Anpassung der IAM-Landschaft sind die Hürden vielfältig.

Watch

How CYFIRMA Puts Threat Intelligence Into Practice

Jul 05, 2022

Do you know what information about your company is out there and can be used by cybercriminals? What are they interested in? Are they actually targeting your company and planning to exploit it? These are many questions that you may want to consider answering. After all, part of a good defense strategy is knowing your enemy. Kumar Ritesh wanted to solve this challenge and founded CYFIRMA to help others with a complete, comprehensive view, on one platform. Learn more about how they help you look through the eyes of cybercriminals.

Watch

How to protect your OT and IoT from Cybersecurity Threats

Jul 04, 2022

Graham Williamson has teamed up with John Tolbert to research the current state of the Operational Technology (OT) and Industrial Control Systems (ICS) sectors. They documented the ability of the main industry players to support a coordinated approach to detecting, responding to, and recovering from, cybersecurity attacks and intrusions. Graham joins Matthias to provide insight into this market on the occasion of the publication of the Market Compass Cybersecurity for Industrial Control Systems.

Watch

Maximizing the Benefits of Customer Identity & Access Management

Jul 01, 2022

CIAM solutions often come packed with features that could be used to improve consumer experiences, which is key to success in the digital era. However, in most cases, organizations that deploy CIAM products or use cloud-hosted CIAM services are under-utilizing the capabilities, which leads to poor customer experiences.

Watch

Dealing Effectively with Modern, Industrialized Cyber Threats

Jun 30, 2022

The cyber threat landscape has become very complex, with state-of-the-art intrusion, ransomware, and cryptocurrency mining tools now readily available through online stores and service providers, and an expanding attack surface due to increased cloud computing and remote working. Keeping data secure while ensuring its availability to legitimate users has become extremely challenging.

Watch

Effective Threat Detection for Enterprises Using SAP Applications

Jun 29, 2022

Determined cyber attackers will nearly always find a way into company systems and networks using tried and trusted techniques. It is therefore essential to assume breach and have the capability to identify, analyze, and neutralize cyber-attacks before they can do any serious damage.

Watch

Leadership Compass Endpoint Protection, Detection and Response (EPDR)

Jun 27, 2022

The previously distinct but now converged fields and product lines of Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) are covered in the brand new KuppingerCole Analysts Leadership Compass on EPDR (Endpoint Protection Detection & Response). Lead Analyst John Tolbert joins Matthias to give a sneak peek into this market segment and shares some results of the evaluation as well.

Watch

Managing Complexity: How to Define an Enterprise Cybersecurity Fabric That Delivers

5 videos

Playlist

IAM Projects Done Right

Jun 22, 2022

Delivering effective IAM is not always easy, and around half of IAM projects run into difficulties and stall. While opting for IAM that is delivered as a service is a potential solution, not all offerings are equal. Finding a service with the right combination of well-integrated capabilities is crucial to success.

Watch

Market Compass Secure Collaboration

Jun 20, 2022

Secure Collaboration solutions focus on enabling data-centric security to facilitate virtual collaboration. Annie Bailey talks with Matthias about this market segment that provides increasingly flexible, interoperable, and therefore even more secure solutions.

Watch

Trends, Innovations and Developments in the CIAM Market

Jun 15, 2022

Consumer Identity and Access Management (CIAM) is an emerging market with a strong demand for solutions. Especially with the increasing digitization of the workplace, the market is growing and there are more and more vendors entering this market. Our analyst John met with Sadrick Widmann from cidaas, one of the leading IAM solutions in Europe, to talk about the importance and relevance of CIAM.

Watch

The Changing Scope of the NIS 2 EU Directive

Jun 15, 2022

The NIS Directive aimed at achieving a common standard of network and information security across all EU Member States, with a focus on operators of essential services, is scheduled for an update. Suppliers of utilities, healthcare, transport, communications, and other services need to know what changes are coming and what they need to do to comply.

Watch

Characteristics of Future IT

Jun 13, 2022

Martin Kuppinger and Matthias conclude their conversation about the opening keynote Martin held at EIC 2022 in Berlin. They look at how future IT will look like and how the overall transformation towards this future state can be managed.

Watch

Effective Cyber Risk Quantification Through Automation

Jun 07, 2022

Continual high-profile cyber incidents demonstrate beyond a doubt that cyber risks exist, but most organizations struggle to quantify cyber risk in a useful way. There is an urgent need for IT security leaders to find a common way to express cyber risk in monetary terms, that business leaders understand to enable effective risk management and security investment.

Watch

Leadership and Challenges in a Changing World

Jun 06, 2022

Martin Kuppinger and Matthias discuss topics from the opening keynote Martin held at EIC 2022 in Berlin. They start with the role of leaders and decision makers in a consistently changing global environment.

Watch

Why Architects Should Rethink Authorizations

Jun 02, 2022

In the digital era, organizations are increasingly interacting online with contractors, partners, and customers. Traditional role-based authorization frameworks are not designed to provide these external identities with the right access to resources, services, and apps. A new approach is required.

Watch

Fixing the Way the World Logs In

Jun 01, 2022

Passwords are quickly and easily compromised, they are costly and difficult to manage, and they result in poor user experiences. Many organizations are looking for alternatives, but find it challenging to identify appropriate passwordless and phishing resistant authentication solutions that are simple, effective, and secure.

Watch

Leadership Compass Identity Fabrics

May 30, 2022

The Identity Fabric paradigm manifests an important cornerstone of the KuppingerCole Analysts AG research and advisory. Products in that area cover a wider range of capabilities including Access Management and IGA, and beyond. Martin Kuppinger joins Matthias to provide more details about this evolving market sector, and on which vendors and which products/services to watch.

Watch

Effective Identity Access Governance in Hybrid SAP Environments

May 27, 2022

Increased cyber threats and regulatory requirements for privacy and security make staying on top of user roles and access rights in hybrid IT environments more important and challenging than ever, which means it’s important to understand the real risks and how to mitigate them effectively with modern GRC capabilities.

Watch

Leadership Compass Access Management

May 23, 2022

Access Management refers to the group of capabilities targeted at supporting an organization's access management requirements traditionally found within Web Access Management & Identity Federation solutions, such as Authentication, Authorization, Single Sign-On, Identity Federation. Richard Hill joins Matthias for the first time to talk about this topic and the recent developments in that area as reflected in his Leadership Compass on Access Management.

Watch

Making Zero Trust a Reality: Basing Decisions on Valid Identity Data

May 20, 2022

Cloud computing and mobile workforces have resulted in an expanding attack surface and a complex web of identify information. This means that traditional perimeter-based security models are no longer effective. A Zero Trust model of strict access control for every user and device enables businesses to be connected and secure, but an effective identity-focused approach is essential.

Watch

Market Compass "Policy-Based Access Management"

May 17, 2022

Shortly before EIC, Graham Williamson and Matthias sat together virtually and discussed the recent publication of the Market Compass on "Policy Based Access Management". In this episode Graham gives a great introduction in this evolved market segment and talks about hybrid and cloud-native use cases. They hint at several sessions on policy-based and cloud-native access control at EIC as well, so for those interested in learning even more on modern authorization, either the Market Compass itself or the EIC recordings are perfect starting points after listening to/watching this episode.

Watch

Impressions from the European Identity and Cloud Conference 2022

May 17, 2022

Watch

Attendees at the European Identity and Cloud Conference 2022

May 17, 2022

Watch

Panel | Protocols, Standards, Alliances: How to Re-GAIN the Future Internet from the Big Platforms

May 13, 2022

In talking about a "Post Platform Digital Future", it is all about a Vision, or better: mission to not let the current platform dominance grow any further and create the foundations for a pluralistic digital society & business world where size would not be the only thing that matters. To get there, we need open Standards, Protocols and Alliances that help individuals, as well as businesses of any size, to participate in a digital future inside the metaverse and beyond - just like trade unions helped the working class during the industrial revolution to fight for their rights. In this...

Watch

Panel | Turning (Distributed) Workforce Challenges into Productivity Gains

May 12, 2022

Customer Identity & Access Management (CIAM) has made us learn about reducing friction in the way customers access and consume our services, and to add value to the relationship. It is time now to apply CIAM learnings to workforce identity.

Watch

Making Digital Identity Enable Your Organization's Cloud/Digital Transformation

May 11, 2022

Watch

The Empowered Consumer and the Next Era of Digital Identity

May 11, 2022

Watch

A Story About Convenient Security

May 11, 2022

Watch

Promoting Cyber Resilience through Identity and Zero Trust

May 11, 2022

Resilience is defined as the dynamic process of encompassing positive adaptation within the context of adversity. Organizations today are under constant siege from any number of security threats. The only path to weathering this ongoing storm is to learn to intelligently adapt through the understanding of identity and the application of Zero Trust. In this presentation, we will illustrate how applying greater identity assurance and least privilege principles organizations can dramatically improve their overall cyber resilience.

Watch

Give me 10 minutes, I'll give you the truth about verified Identities

May 11, 2022

Watch

The strategic building blocks of the composable enterprise: Concepts & technologies

May 11, 2022

This session is a continuation of the opening keynote by Martin Kuppinger on the future Composable Enterprise. Together we take a look at what powers the composable enterprise and which concepts and technologies can contribute to building a composable enterprise. KuppingerCole proposes an engine that powers composable enterprises, made up of composable services, identities, and data. Since this journey towards becoming composable is intensely individual based on business goals and requirements, there countless ways of cultivating this modular trifecta. Therefore, this session identifies...

Watch

How organizations can make and save money with decentralized identity

May 11, 2022

In this talk John will present one way of modelling the potential value propositions for the parties (people and organisations) in decentralised identity models. Using real world examples of products and systems, he’ll use the model to consider their value propositions, and whether we need a “value exchange” ecosystem to enable the decentralised identity market to thrive. Along the way the talk will consider the risk of false prophets and fake profits, where the residual value will remain, as well as why (in John’s opinion) decentralised identity...

Watch

How to use the framework of a Trusted Data Ecosystem to simplify building decentralized identity solutions

May 11, 2022

Decentralized identity is an incredibly flexible technology that solves fundamental problems in the way we manage digital communication. But this capacity to do more than one thing at once can be a source of confusion: How do I actually build a decentralized or self-sovereign identity solution today? How do I put all the components together? In this session we use the framework of a Trusted Data Ecosystem to show how you can use decentralized identifiers, software agents, verifiable credentials, and the supporting infrastructure to verify data without having to check in with...

Watch

Demystifying CIEM for an Effective Multi-Cloud Security Enablement

May 11, 2022

As digital business pushes organizations towards an accelerated multi-cloud adoption, CIEM (Cloud Infrastructure Entitlements Management) emerges as a strong enabler for securing access and entitlements across an increasingly distributed cloud environment. Traditional PAM and IGA tools aren't natively designed to manage cloud infrastructure entitlements and therefore can't be easily re-purposed to discover and remediate excessive cloud permissions across multiple IaaS and PaaS platforms. The confusion arising from un-identically structured CSPs and misaligned cloud terminology is further...

Watch

Panel | Multi-Cloud Agility Must-Haves

May 11, 2022

With a highly prioritized digital tranfsformation towards a composable enterprise, it will be inevitable to work with multi-cloud solutions to achieve the level of agility and flexibility required. If it was to avoid vendor lock-in or to consequently go for best-of-breed solutions - in this cloud expert panel we will discuss approaches to manage multi-clouds efficently and to avaid increased complexity.

Watch

Security Improvement Through Visibility of Changes in Hybrid/Multi-Cloud Environments

May 11, 2022

Performing accidentally wrong or intentionally bad configuration changes by administrators, scripts or systems can lead to serious security vulnerabilities or unintentional visibility or leakage of data. This applies to on-premises systems, but especially to systems and applications in cloud environments. With a comprehensive change auditing and reporting in hybrid environments, such critical changes and conditions can be quickly identified and remediated. This session will deal with this topic in general and with a solution approach in particular.

Watch

Dissecting Zero Trust, a real life example

May 11, 2022

After his presentation on Strategic and Tactical approaches for Zero Trust, in this presentation Fabrizio will breakdown the components of a Zero Trust implementation and highlight what a company needs to implement it. Fabrizio will also cover use-cases like legacy or cloud-based applications.

Watch

Panel | The Stack, the Stack, the Stack: How Trust over IP is Enabling Internet-Scale Digital Trust

May 11, 2022

The internet was designed without a trusted identity layer to connect physical entities to the digital world. This layer is now emerging in the form of decentralized digital identity systems (aka self-sovereign identity or “SSI”) based on digital wallets and digital credentials. What industry insiders have demanded for long is becoming reality. This is bringing challenges to the forefront including resistance of the identity establishment and major questions about interoperability between emerging and existing identity systems. The Trust over IP Foundation was...

Watch

Panel | Assessing the Cybersecurity Impact of Russia’s Invasion of Ukraine

May 11, 2022

Russia’s invasion of Ukraine has tectonic consequences for citizens and businesses across the world. An expectation of normalcy post the pandemic has been replaced with fears of increased gas prices and supply chain disruptions. Attackers are expected to leverage the context to carry out advanced cybercrime intrusions, leaving businesses susceptible to attacks that could have potential second and third-order effects on their operations. A cyber problem immediately becomes a business problem that requires effective business continuity contingency plans built around...

Watch

The Changing Cyber Threat Landscape and its impact on IAM (I)

May 11, 2022

Watch

From A to B - How Decentralized Technologies Are Changing Collaboration Between the Public and Private Sector

May 11, 2022

The world of modern urban mobility is full of - unused - opportunities. To get to their destination, people can use public transportation, take a cab or rent an e-scooter. But many options also means many providers. Anyone who uses more than one of the aforementioned forms of transportation to get from A to B will inevitably be confronted with a fragmentation of their journey. This is anything but smooth and user-friendly. A simple example makes this particularly clear: If Erika Mustermann has to go to London for a business meeting, she first takes the suburban train to the airport, then...

Watch

Panel | Digital Identity & Web3- Rethinking Business Models

May 11, 2022

Watch

Dealing with Multi-Cloud, Multi-Hybrid, Multi-Identity: Recommendations from the Field

May 11, 2022

Watch

The Role of Identity & Access Management for Ransomware Resilience

May 11, 2022

Watch

Identity in Polyglot Cloud Environments

May 11, 2022

Watch

Panel | Cloud Infrastructure Entitlement Management (CIEM): Managing Your Cloud Scale Risk with an Identity Defined Security Approach

May 11, 2022

CIEM adopts a zero trust approach to Identity and Access Management (IAM) for cloud infrastructures, making access risks visible and avoidable. In this panel session

Watch

SASE vs. Zero Trust: Perfect twins or antagonists?

May 11, 2022

The concepts behind Zero Trust and SASE are not new, but recent developments in technological capabilities, changes in the way people are working, accelerated adoption of cloud and Edge computing, and the continued evolution of cyberthreats have resulted in both rising in prominence. As organizations seek to improve their security capabilities, many are evaluating Zero Trust and SASE to determine whether to adopt either, one, or both. Join this session to understand what each can potentially deliver and the exact nature of the relationship between...

Watch

Demystifying Zero Trust

May 11, 2022

“It’s about the journey, not the destination” they said. “It’s basically just Don’t Trust But Check, what’s the real difference?” they said. “ What’s the big deal?” They said. Zero trust has been the panacea to everyone’s security problems, for a really long time now, and yet we are still talking about it, and not just doing it. It’s no surprise that there is a certain level of cynicism then that zero trust was all marketing and no trousers. If 2021 brought us anything though, it was finally some clarity...

Watch

Zero Trust at Siemens: Where the impossible and the doable shake hands

May 11, 2022

Two years ago, Siemens started a still going on process to change its security architecture to Zero Trust. Not an easy task for a company that big, widespread, and divers in products. In this session program leads Thomas Müller-Lynch and Peter Stoll are talking about what they mean when talking about Zero Trust at Siemens, what everyone can learn from the approach Siemens is taking, and what they are planning as their next steps.

Watch

The Changing Cyber Threat Landscape and its impact on IAM (II)

May 11, 2022

Watch

Zero Trust and Software Supply Chain Security: Must-do’s for Every Organization

May 11, 2022

Watch

Experience is What Counts, Orchestration is How you Get There

May 11, 2022

Watch

Reinventing the Network with Zero Trust to Stop External Network Attacks

May 11, 2022

Watch

What Ails Enterprise Authorization

May 11, 2022

Continued advances in authentication technology have made the "identity" part of "identity and access management" more manageable over the years. Access management on the other hand, is still very much a "wild-west" landscape. As enterprises move to a zero-trust network access model, access management is the only way in which attackers can be prevented from gaining unwarranted access to enterprise data. Attackers can include both malicious insiders and those using compromised identities. Numerous organizations have suffered significant financial damage as a result of such unwarranted...

Watch

OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security

May 11, 2022

Zero-trust security relies heavily on the ability for independently owned and operated services to dynamically adjust users’ account and access parameters. These adjustments are based on related changes at other network services, such as identity providers, device management services or others. A set of standards from the OpenID Foundation enable independent services to provide and obtain such dynamic information in order to better protect organizations that rely on zero-trust network access. These standards are being used today in some of the largest cloud-based services from...

Watch

What Supports Zero Trust in the Enterprise?

May 11, 2022

When we think of Zero Trust, we often discuss how it can support and improve your security posture, defense-in-depth strategies, and architecture -- but what supports Zero Trust? This discussion will focus on other IT / Security strategies, methodologies, and business practices that can help better position an organization to be successful in their approach to Zero Trust.

Watch

The Path to Zero Trust by Securing Privileged Identities

May 11, 2022

Attacks on identity and privileged access pathways are relentless, with the stakes of a cyber-breach never higher. Securing privileged identity within your organisation has never been more important as it is the foundation of a successful Zero Trust implementation. Zero Trust is built on foundations that are essential across your cybersecurity strategy, delivering greater value from existing cyber investments. In this session, we will outline: Why protecting identities is fundamental to achieving Zero Trust Practical steps you can take NOW to secure your privileged identities...

Watch

Plan A: Reduce Complexity in your Cloud Native Environment (there is no Plan B)

May 11, 2022

Organizations with an advanced cloud migration program have hit a roadblock. TO successfully navigate the adoption of compartmentalized code, in order to reap the benefits of improved agility and reduced costs, The CISO must embrace automated deployment and gain control over APIs.

Watch

Panel | Introducing Open Policy Agent (OPA) for Multicloud Policy and Process Portability

May 11, 2022

With over 120 million downloads, and users like Netflix, Zalando and GS, the open source project Open Policy Agent has quickly become the de facto standard for Authorization. In this session, KuppingerCole´s Alejandro Leal will discuss with Jeff Broberg, Gustaf Kaijser and Ward Duchamps on most common use cases where OPA is adopted.

Watch

Certificate Based Authentication in a Cloud Native Environment - a Migration Journey from Handcrafted XML Signing to OpenID Connect

May 11, 2022

During this best practice session we will present you with hands-on experience from one of our financial services industry customers. The company used a handcrafted xml signature mechanism to authenticate their business partners when initiating machine-to-machine communication to exchange data between data centers. When the customer decided to migrate to REST APIs in a cloud native setup, the existing mechanism was no longer fit for purpose. Together, we designed a solution to keep the benefits of certificate based authentication while establishing an interaction model conforming to the...

Watch

OAuth DPoP (Demonstration of Proof of Possession): How to Not Let Attackers Steal your OAuth Token

May 11, 2022

Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish between legitimate uses of them and those that stole them and used them for nefarious purposes. The solution to this is proof-of-possession tokens, where the legitimate client supplies cryptographic material to the issuer that is bound to the token, enabling it to cryptographically prove that the token belongs to it – something attackers cannot do because they don’t possess the proof-of-possession cryptographic material. The...

Watch

Trends in Enterprise Authentication

May 11, 2022

Watch

Panel | The Future of Authentication

May 11, 2022

Watch

European Identity & Cloud Awards Ceremony

May 11, 2022

Once again, analysts from KuppingerCole come together to showcase outstanding Identity Management and Security projects, standards and people. The winners will be honored live on stage during the award ceremony.

Watch

SSI Market Size (and opportunity in web3.0) and use cases

May 11, 2022

Who is this new beast, which widespread technology is going to be used everywhere from banking to metaverse, travel to healthcare? The technology that has no limits in its application across sectors is equally welcome in centralised and decentralised worlds. Meet, self-sovereign identity (SSI). How do you quantify the impact of a paradigm which will completely transform how we interact with identity and more broadly, authentic or trusted data? Our estimates say its market size is $550b / $0.55Tr. We’ll give a brief rundown of SSI applications across Finance, NFT,...

Watch

The CASE for a Vehicle Lifecycle Ledger

May 11, 2022

Mobility-as-a-service is changing the way people move. From mobility based on driving your own car, it is converging to the consuming of various services using multiple modes of transportation. Ranging from eScooters, bicycles, ride-sharing to car-sharing, ride-hailing and public transport.

Watch

Identity Ecosystems for a Better Customer Experience

May 11, 2022

Portable, verifiable and, most importantly, reusable representations of personal data can enable high-touch, high-trust and low-cost engagement between customers and networks of complementary service providers. The EU is already adjusting to the opportunities of Self-Sovereign Identity, but the private sector needs to demonstrate more high-value use cases in order to force beneficiary regulations and an enabling environment for the technology. The tools and techniques of Self-Sovereign Identity (SSI), including the no-code capabilities provided by ProofSpace, can be used to create trust...

Watch

The 'Credentials-first Mobile-first' Identity Ecosystem

May 11, 2022

This is a new development in the world and touches on mDL, Verifiable Credentials, decentralized identity, and personal data topics. A forward-looking presentation about what the world might look like, the foundational changes represented by this change, and some current and potential innovations that are now possible because of this.

Watch

Cardea: verifiable credentials for health information go open source

May 11, 2022

As an incubator for innovation in air travel, Aruba has chosen to use verifiable digital credentials to manage entry requirements and health testing for travel to the island. This decentralized, open-source technology, which provides secure authentication while preserving traveler privacy, was developed by SITA and Indicio.tech and donated to Linux Foundation Public Health as Cardea. In this session, representatives from Aruba’s government, Indicio, and SITA will discuss why they chose a decentralized approach, how they created a trusted data...

Watch

Drone Pilot Credentialing for Air Safety

May 11, 2022

Drone operations are estimated to bring €10bn/yr to the EU economy by 2035. A critical e-Government issue is the ability to fly drones in regulated airspace around airports. Unauthorised drone operations in the flightpath of passenger aircraft can endanger lives and cause huge financial loss for airport operators. Heathrow Airport has invested >£10M in security systems to track and destroy unauthorised drones. Digitising the entire drone flight approvals process will involve many steps, but the major one we are addressing is verifying pilot training credentials....

Watch

The Digital Identity Shake-up we’ve been waiting for: How to Survive, and how to Thrive

May 11, 2022

Watch

A Key Milestone towards CBDC Wallets - The eIDAS 2.0 Payment-Authorising Wallets

May 11, 2022

The presentation to be made by Stéphane Mouy (SGM Consulting - France) and Michael Adams (Quali-Sign - UK) will focus on the forthcoming eIDAS 2.0 digital identity wallets (DIWs) and the payment use case. DIWs will allow users to share high LoA identity and status credentials to various relying parties, including financial institutions, as well as meet applicable strong customer authentication requirements for payments. The payment use case is of critical importance to eIDAS 2.0 digital identity wallets and promises to be transformational for EU payment service providers as it...

Watch

We’re Gonna Need an even Bigger Boat: How Pervasive Digital Transformation, Nation State Actors, and Open Code Repositories Mandate a Reinvention of Identity

May 11, 2022

Watch

Key Requirements for Next Generation MFA

May 11, 2022

In this talk you will learn how MFA can be a foundation for your Zero Trust Initiative

Watch

What Does It Mean to Package Ethics Into a Technology Stack?

May 11, 2022

Watch

The Value Paradox: The 3 Inflections of IGA

May 11, 2022

Watch

A Learning Agenda for Federal Identity

May 11, 2022

Watch

IAM 2025: Integrated, Agile, Flexible. Decentralized?

May 11, 2022

Times are challenging, probably more than during the last few decades, with a pandemic that seems to never ending, homeoffice workers who don´t want to return, some frightening growth rates on the dark side of digital with ransomware everywhere and nation-state intellectual property theft on a broad level. We therefore have to update and modernize our identity & access programs to meet chose new challenges and enable an agile & composable business. Identity proofing through global identity networks, risk mitigation of a workforce that remains at the home office, and all...

Watch

Panel | Identity Fabrics: The Mesh and the Factory for Identity Services

May 11, 2022

Identity Fabrics as a concept has established itself as a common paradigm for defining and implementing the identity services needed by organizations to provide seamless, yet secure and controlled access of everyone and everything to every type of service, regardless whether its legacy or shiny & bright SaaS, and regardless of where it runs. Identity Fabrics support the shift-left in IAM thinking from only managing applications to providing a consistent set of identity services for the developers of digital services. Identity Fabrics deliver the integration and control plane required...

Watch

IAM-Suites for Medium-Sized/Mid-market Organizations

May 11, 2022

Watch

Panel | Centralized vs. Decentralized: Pros, Cons, Use Cases

May 11, 2022

Watch

The ICaaS (Identity Component as a Service) approach for taking control of customer experience

May 11, 2022

Watch

Denmark's 2022 brand new eID solution

May 11, 2022

Watch

The Importance of a Centralized Access Management System

May 11, 2022

Watch

Panel | Deliver on the Promise of an Identity Fabric: The Power of Data

May 11, 2022

Digital identities of consumers, customers, business partners, employees, but also devices, things, or services are at the core of the digital business. Unfortunately, most digital identities reside in siloes. Building a modern Identity Fabric that delivers seamless yet secure and controlled access from everyone and everything to every service requires breaking down the legacy identity siloes, and building a modern, flexible, identity data foundation.

Watch

Building a robust CIAM foundation, fit for the dynamic financial market

May 11, 2022

As organizations are recovering from the pandemic, many of them embark on a digital transformation at high-speed. Investments to drive online business, powered by customer insights and an attractive user experience, yet secure and compliant to rules and regulations, have never been bigger. NN, an international financial services firm with over 15,000 employees, is changing from a traditional insurance firm into a modern and online financial services firm that focuses on frequent and valuable customer interactions. NN is providing these online...

Watch

Implementing Multi-Region Identity Identifiers and IAM

May 11, 2022

Watch

Siemens AG: Real-World Enterprise IAM at Scale

May 11, 2022

In today´s unpredictable business environment where change is the normal, it has become critical to have a manageable and scalable Identity & Access Management program in place. In this Best Practice Presentation, Leonardo Morales will talk about the challenges and his learnings from implementing state-of-the-art IAM at Siemens AG, and what the next steps will be.

Watch

Practicalities of Identity Proofing for Authentication

May 11, 2022

Watch

A Blueprint for Achieving a Passwordless Reality

May 11, 2022

Password-related attacks increased by a staggering 450% in 2020, with over 1.48 billion records breached worldwide. Meanwhile, the average cost of a password reset exceeds $50 USD. We all know that passwords fail to deliver adequate Zero-Trust security and cause unnecessary friction for both customers and the workforce. So why have passwords not receded into the background? What are the key challenges facing enterprise passwordless agendas? And how can modern identity and access management help us realise a blueprint for a passwordless reality?

Watch

Panel | MFA usage in enterprise

May 11, 2022

There are so many ways enterprises could benefit from using Multi-Factor Authorization (MFA). Benefits include identity theft prevention, secure devices, lower breach risks, to name just a few. But why are so many businesses still not using MFA? Perhaps because it is too complex and time-consuming for IT departments? In this panel, our security leaders will try to clear up any misconceptions there seem to be about implementing MFA in the enterprise.

Watch

The State of Passwordless Authentication

May 11, 2022

The FIDO Alliance has made tremendous strides in its mission to change the nature of authentication with stronger, simpler and passwordless authentication. Join this session to get find out the state of passwordless authentication from the FIDO lens, including a sneak peak at major news that will – finally - make passwordless FIDO authentication available to the masses.

Watch

Fraud Reduction Intelligence Platforms - an Overview

May 11, 2022

Watch

Panel | Overcoming SMS OTP: Secure passwordless MFA with your mobile phone

May 11, 2022

Watch

Why KYC Isn’t Enough

May 11, 2022

Watch

Panel | Best Practices for Implementing Zero Trust

May 11, 2022

The “zero trust” approach to cybersecurity has been gaining momentum in recent years, as both corporations and government agencies have struggled with how to enhance security given the de-emphasis on the network perimeter. For the most part, the zero trust movement has remained rooted in network principals. However, in the last two years, much of the world was forced to interact exclusively online, creating a sense of urgency around zero trust security and the “never trust, always verify” philosophy behind it reached a new level of...

Watch

SSI, NFTs, ENS & Co - Trends and Adoption of Decentralized Identity in 2022

May 11, 2022

Goal of this Deep Dive: Listeners will leave with a solid understanding of different approaches to decentralized identity like Self-Sovereign Identity (SSI) and Non-Fungible Token (NFTs), Ethereum Name Service (ENS) their adoption (based on real use cases) their impact on web2/3. Main Contents / Flow: The new status quo: The broken web and the shift from data silos to ecosystems. The rise and latest trends in Web3: On-chain identity, NFTs, ENS & Sign-in with Ethereum Comparing paradigms: What is better, NFTs or SSI? Adoption & real-life use cases...

Watch

European Identity and Cloud Conference 2022

190 videos

Playlist

Welcome to EIC 2022

May 10, 2022

Watch

Identity. Security. Decentralized. The Future of IT in the Age of Change

May 10, 2022

The future of the enterprise is changing. In the Digital Age, much is different than it has been in the past. The focus must be on agility in business models and delivery, innovation, and reliability in delivering to the customers. This requires a shift in focus, in all areas, including IT. IT must focus on enabling the business to deliver digital services that stand out from the competition, with leading-edge customer experience. IT must be able to adapt to change in competition as well as in technology, and to support the continuous innovation of businesses in the digital age. It must...

Watch

Future Government: Transforming Public Services to Be More Agile and Innovative

May 10, 2022

Watch

Advocating for Decentralised Identity in Europe: 7 Lessons Learnt

May 10, 2022

Watch

Model, Measure, Manage - The Journey to Autonomous Security in a Hybrid Multi-Cloud World

May 10, 2022

We cannot manage what we cannot measure.

Watch

Digital Identity and Privacy: Stories from the Frontline

May 10, 2022

As the pace of digitalization gathers momentum, organizations are witnessing a dramatic increase in the number of digital identities. These identities interact with systems and applications relentlessly to perform day-to-day IT tasks. Nevertheless, maintaining the privacy of this data is a daunting task. Enterprise data is hosted in multi-tenant cloud, managed service providers and distributed data center environments. How an organization can maintain data privacy in this evolving IT access control use-cases depends on the level of preparedness to protect and monitor those digital...

Watch

Dynamic Authorization in Zero Trust Architecture

May 10, 2022

Watch

New Face, Who Dis? Privacy vs Authentication in a World of Surveillance

May 10, 2022

Facial recognition technology is evolving rapidly, presenting the benefits and dangers that innovation always does. Will it provide reliable biometric authentication, or will it erode personal privacy? We’ll examine the current landscape from both a policy and a technical perspective, and discuss the responsibility of government, enterprise, and individuals in this complicated environment, and review the latest adversarial research that attempts to enhance biometric privacy for individuals.

Watch

Pre-Conference Workshop | The IAM Experience Your Users Really Deserve

May 10, 2022

Organisations that are being targeted by SaaS and B2B companies might struggle when it comes to building a smooth and quick process of authentication for their users. Issues with business needs, such as user organisation within a specific target business, separate branding, access control and SSO are spreading like wildfire. Therefore, some of these processes could overwhelm your IT-team with unnecessary burdens, such as building an application entirely from scratch reducing significantly the time dedicated to the design and improvement of the app itself. Join us in this hands-on...

Watch

I'm None of your Business

May 10, 2022

Watch

Privacy and Data Protection. What is this Thing Called Privacy?

May 10, 2022

Watch

CISO Panel | Securing the Composable Enterprise

May 10, 2022

As if it all came together on the foundations of an agile, fully decentralized enterprise, embracing the API economy to deliver results through assembling and combining pre-packaged business capabilities. AI-driven, automated, everything delivered on-demand, providing the best possible user experience, and all that at an unprecedented pace that keeps us ahead of the ever-increasing speed of change: The composable enterprise. But wait – less than a third of businesses that we at KuppingerCole have asked recently, say that they have processes, staff, structures, skills, and...

Watch

The New Digital Identity Wallet for all Europeans: Latest Amendments

May 10, 2022

An impactful 73 pages proposal for amending the 2014 e-IDAS regulation was made in June last year, a.o. providing EU wide wallets for national e-ID’s. Market consultations and impact assessments have been concluded early 2022 and the European Parliament discussed the proposal with experts answering questions parliamentarians had, not without arousing quite some dust. The EU Digital ID Proposal is powerful, as it is creating a Pan-European wallet for all member states, trying to stay in line with all existing ID initiatives and legislation. Drs. Jacoba Sieders will give you insight...

Watch

Journey to the North: Canadian Perspectives and Progress on Digital Identity

May 10, 2022

Watch

It's the Relationship, Stupid

May 10, 2022

Watch

Privacy: The Real Cost

May 10, 2022

Privacy is one of the most challenging aspects to protect in identity solutions. The entities that stand to gain the most from surveilling users can use convenience as a bargaining chip. Users understand and appreciate convenience, but they often don't appreciate the costs of loss of privacy, as the consequences often play out well after the violation occurred. Identity practitioners often take the need to preserve privacy for granted, and in so doing fail to help users and solution designers understand the concrete impact privacy violations can have on the lives of users. This...

Watch

Pre-Conference Workshop | Standards Matter. Trustworthy use of Identity and Personal Data

May 10, 2022

The world has changed because of COVID. More fraud is taking place. More misuse of identity is occurring. To combat the rise in fraud and to mitigate risk, the Kantara Initiative offers a 3rd party conformity assessment program.

Watch

Pre-Conference Workshop | How OpenID Standards are Enabling Secure & Interoperable Digital Identity Ecosystems

May 10, 2022

OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while also enabling a collaborative platform to openly address current trends and market opportunities. The OpenID Foundation Workshop at EIC includes a number of presentations focused on 2022 key initiatives for the Foundation.

Watch

Tribute to Kim Cameron: Privacy & the 7 Laws of Identity

May 10, 2022

Last November, the creator of the 7 Laws of Identity, Digital ID thought leader and focal point of a Global Identity Community, Kim Cameron, passed away. He not only left us with an uncountable number of unforgettable moments. He also left us with those 7 laws of Identity, a set of fundamental principles that have helped shaping modern privacy legislation and which are more relevant today as ever before. In this keynote session, 7 of Kim´s friends, colleagues and co-founders will talk about today´s relevance of Kim´s work. The session will be moderated by Jackson Shaw who...

Watch

Pre-Conference Workshop | IAM, the Cloud, and GDPR - Why you will fail on GDPR without a strong IAM posture

May 10, 2022

Watch

Modern Identity Management: Security Without Compromising Usability

May 04, 2022

In the digital age, effective customer, partner, and employee identity and access management (IAM) is essential to enable secure online transactions, collaboration, and other interactions. But finding the right balance between security and usability has traditionally been challenging and required compromise. However, this is changing.

Watch

Market Compass - Security Operations Center as a Service

May 02, 2022

SOCaaS (Security Operations Center as a Service) is a growing trend in cybersecurity, where core security functions are uniformly delivered to enterprises from the cloud. Warwick Ashford explored this in a recently published Market Compass and provides an overview of his findings.

Watch

The Machine Monitoring Mandate

Apr 27, 2022

Governments world-wide are increasingly worried about the social unrest that could result from a cybersecurity compromise of critical infrastructure. This has highlighted the fact that the underlying operational technology (OT) is often inadequately protected, and that this must change.

Watch

How to Deal with the Increase and Complexity in Consumer Fraud

Apr 25, 2022

John Tolbert and Matthias discuss the question of whether companies in retail, finance, healthcare, insurance, etc. are really able to keep up with the scale and sophistication of attacks aimed at committing fraud? Are they considering FRIP solutions for specific use cases?

Watch

Passwords: Dead, but Not Gone

Apr 22, 2022

Organizations are looking to eliminate passwords because they are costly and difficult to manage, they result in poor user experiences, and they are easily compromised, enabling 81% of breaches. But despite these efforts, many passwords remain unsecured. These passwords can still be compromised, and must be managed to mitigate the risk.

Watch

Passwordless Customer Authentication: Reduce Friction and Increase Security

Apr 19, 2022

Acquiring and retaining customers is key in the modern world of e-commerce, but this can be challenging if creating and accessing accounts is difficult. Online traders need to find ways of turning authentication into a competitive edge by reducing friction and improving security.

Watch

Increasing the Adoption of MFA and Risk-based Authentication

Apr 18, 2022

A recently published study shows that the use of strong authentication in enterprise environments is at a very low level. John Tolbert explains this finding to Matthias and together they discuss how to find a way out of this situation.

Watch

Policy Based Access Control for Cloud-Native Applications

Apr 13, 2022

As companies shift to cloud-native applications, the complexity of a microservices framework can be daunting. When applications are built in a cloud-native stack, authorization is also infinitely more complex. Crucially, Open Policy Agent (OPA) decouples policy from code, enabling the release, analysis, and review of policies without impacting availability or performance.

Watch

Leadership Compass Container Security

Apr 11, 2022

Securing containers along their lifecycle and wherever they are deployed is a cybersecurity challenge. And it is a new topic for KuppingerCole Analysts. Alexei Balaganski joins Matthias to talk about the just recently completed Leadership Compass on Container Security.

Watch

Protecting the Business From Software Supply Chain Threats

Apr 08, 2022

Recent events such as the SolarWinds and Kaseya compromises by malicious actors have demonstrated the need to focus significantly more on software supply chain security. According to a report from ENISA, supply chain attacks are increasing, with 66% of attacks focusing on source code and 62% exploiting customer trust in suppliers. This is a risk organizations can’t afford to ignore.

Watch

Composable Enterprises

Apr 04, 2022

Martin Kuppinger gives Matthias one of these rare insights into the process of creating and delivering the next great opening keynote of an event. With EIC 2022 being already in sight in May 2022 in Berlin, they talk about the composable enterprise and more perceived or actual buzzwords, and how to make sense of this in a business context.

Watch

Understanding the Unified Endpoint Management (UEM) Market

Mar 31, 2022

Business IT environments continue to undergo rapid and continual change as businesses seek to improve productivity and efficiency by adopting cloud-based services and enabling employees to work on a wide range of mobile devices. But this has in turn created opportunities for attackers.

Watch

A first look at the new Trans-Atlantic Data Privacy Framework

Mar 30, 2022

On March 25th, 2022 the European Commission and the US government announced a new agreement governing the transfer of data between the EU and the US. Mike Small and Annie Bailey join Matthias to have a first look as analysts (not lawyers) at this potential milestone for data privacy between the European and the US regions.

Watch

An Agile Approach to Customer Identity and Access Management (CIAM)

Mar 25, 2022

Business success in the digital era depends on delivering seamless and secure customer experiences. Failure to do so can easily result in abandoned shopping carts, fraudulent transactions, and regulatory fines. However, delivering exceptional experiences and keeping pace with the speed of business is challenging.

Watch

Zeroing in on Zero Trust

9 videos

Playlist

Practical Zero Trust: From Concepts to Quick Wins to a Strategy

Mar 23, 2022

So, you’ve heard a lot of impressive things about Zero Trust, and how implementing it in your organization should solve most of your security problems, especially these days, when people still primarily have to work remotely. Now you would like to start with Zero Trust as soon as possible, but still unsure how to separate truth from fiction and how to turn theory into practical steps? Then you are at the right event! But before jumping to specific technologies in later presentations, we have to address some common misconceptions and dispel a couple of myths. Most importantly, we...

Watch

Siemens – heading towards our Zero Trust Vision and how we measure the implementation status

Mar 23, 2022

Getting a global IT company Zero Trust ready is a huge challenge. And now imagine you have to do that plus hundreds of factories, trains, and other machines as well as tools. Siemens is already in the middle of that enormous process. To give you an insight how to cope with such a challenge, Thomas Mueller-Lynch and Peter Stoll will share today how important their target vision is. how they want to reach that vision – and why they know they never will. how they measure their progress on defined KPIs.

Watch

And Now What? How to Approach Zero Trust for Success

Mar 23, 2022

Fabrizio has been working on Zero Trust Architectures since 2017. In this talk, he will show how to approach a Zero Trust initiative (or program) in the most successful way. The presentation will touch on both strategical and tactical approaches and what needs to be considered for each.

Watch

Identity as the Key to Zero Trust Maturity

Mar 23, 2022

Okta’s vision is to enable everyone to safely use any technology. Trust is critical to our business and our customers' success. Markus Grüneberg will speak about the modern digital identity and how to use them to build a robust security strategy. In this keynote he will present among maturity stages Okta's role model for Zero Trust.

Watch

Panel | Best Practices to Get Started on Your Zero Trust Journey

Mar 23, 2022

As organizations continue to grapple with security issues, a 'zero-trust' approach to cybersecurity has been touted as a potential solution to enhance enterprise security. However, taking on Zero Trust architectures can be an overwhelming experience for even the most seasoned cybersecurity professionals. This panel session features security leaders who go beyond network principles reliant on the “never trust, always verify” philosophy to focus on effective deployment of a Zero Trust strategy at your organization.

Watch

Interview with Eleni Richter

Mar 23, 2022

Watch

Pitfalls in the Road to Zero Trust

Mar 23, 2022

Zero trust promises better security in a highly interconnected world, but many of the tenets of zero trust are contradictory to entrenched practices and ideas. Getting beyond MFA into a true zero trust environment isn't an incremental change, it's a radical restructuring of how resources are secured and accessed. Encrypt everything - True end to end encryption means that data packets can't be inspected for malware in between the source and destination. Are your endpoints ready? Can your policies adapt? Micro-segmentation - Preventing lateral movement of an attacker...

Watch

Standards and Zero Trust

Mar 23, 2022

While many in our industry see Zero Trust as the new security architecture paradigm that will increase security program effectiveness, reduce entropy of security architectures, and finally bring the advances in information security that were promised by de-perimeterization over a decade ago, the lack of standards around what ZTA actually is present a potential barrier to adoption. This talk will : discuss why standards are critical in the Zero Trust area provide an overview of the standards landscape around zero trust describe the benefits to user organizations...

Watch

Enterprise Readiness for Zero Trust

Mar 23, 2022

Preparing to embark on the Zero Trust journey for your Enterprise users can be daunting. Discussed will be a consolidated review of objectives, resources, policies, and other considerations required to honestly assess your current organization and plan your strategy for gracefully embracing zero trust for your workforce.

Watch

EIC Blog | Interview with Tatsuo Kudo

Mar 22, 2022

Watch

Practical Zero Trust

Mar 21, 2022

This time Alexei Balaganski and Matthias look at practical approaches to actually implementing Zero Trust for specific, real-life use cases. On this occasion, they also finally unveil the connections between Zero Trust and Feng Shui.

Watch

Zero Trust: Putting Theory Into Practice

Mar 18, 2022

Now is the time to implement the Zero Trust security model because the traditional model of enforcing security at the network perimeter is no longer effective. However, moving from theory into practice can be challenging unless you start with a key element like effective endpoint management.

Watch

Putting GAIN to the Test

Mar 14, 2022

GAIN (the Global Assured Identities Network) is entering a new phase. On March 2, the technical proof-of-concept group was launched to actually test the concepts. Annie Bailey and Matthias have a look at the list of participants, the agenda, and the potential outcomes of this PoC. And provide a sneak peek at more about GAIN at the upcoming EIC 2022 in Berlin in May.

Watch

Eliminate Passwords With Invisible Multi-Factor Authentication

Mar 11, 2022

A high proportion of data breaches and ransomware attacks exploit stolen credentials. Eliminating passwords with multifactor authentication is an effective way to reduce the risk of unauthorized access to company networks, systems, SaaS applications, cloud infrastructure, and data. But not all MFA systems are created equal.

Watch

From Third-Party Cookies to FLoC to Google Topics API

Mar 07, 2022

Online tracking is a highly visible privacy issue that a lot of people care about. Third-party cookies are most notorious for being used in cross-site tracking, retargeting, and ad-serving. Annie Bailey and Matthias sit down to discuss the most recently proposed approach called „Topics API“.

Watch

Enabling Full Cybersecurity Situational Awareness With NDR

Mar 02, 2022

Effective cyber defense depends on detecting, preventing, and mitigating threats not only on desktops, laptops and servers, but also on the network, in the cloud, and in OT, ICS and IoT, which is where Network Detection & Response (NDR) solutions come into play. Support for a security operations (SecOps) approach is essential as remote working becomes commonplace.

Watch

Frontier Talk

The Story is the Strategy | Frontier Talk #9 - Mike Kiser

Mar 01, 2022

In this episode, Raj Hegde is joined by Mike Kiser - Director of Strategy and Standards at SailPoint to explore the relevance of #storytelling in enterprise and to help you become a world-class business communicator. Tune in to this episode to learn about storytelling frameworks, the power of #curiosity, reading a room, narrative arcs, etc. Find your voice via episode 9 of the Frontier Talk podcast! Subscribe to Frontier Talk! Apple Podcasts: https://podcasts.apple.com/podcast/frontier-talk/id1561982846 Spotify:...

Watch

Access Control Solutions for SAP Solutions

Feb 28, 2022

Access control tools for application environments, which include SAP in particular, but also a growing number of other business applications, are becoming increasingly important for compliance and cybersecurity. They also serve as a basis for granting proper access to employees efficiently. Martin Kuppinger and Matthias look at this market segment and at new, innovative solutions, on the occasion of very recent research that has just been published.

Watch

Die Rolle von Identity Security bei Zero Trust

Feb 25, 2022

„Zero Trust“ ist heute für die meisten CISOs ein regelmäßiges Gesprächsthema. Im Kern geht es bei Zero Trust um das Prinzip der kontinuierlichen und sorgfältigen Zugriffskontrolle an mehreren Stellen für alle Benutzer beim Zugriff auf Netzwerk- und Systemressourcen ebenso wie Daten. Das ist erst einmal nichts Neues, bringt jedoch eine neue Fokussierung für die Frage, was und wie man IT-Sicherheit und Identity Security umsetzt. Zugriff muss mehr, detaillierter und besser gesteuert und kontrolliert werden.

Watch

Data Catalogs and Metadata Management

Feb 21, 2022

Data catalogs and metadata management solutions help capture and manage data from all enterprise data sources to enable the use of that data and support data governance and data security initiatives. This interesting and growing market segment is the topic this week when Martin Kuppinger and Matthias sit down for the Analyst Chat podcast.

Watch

Licensing Strategies for Vendors and Customers

Feb 14, 2022

The conclusion of a tool choice process is usually the consideration of commercial aspects, i.e. software costs and licensing. Martin Kuppinger and Matthias look at this central aspect and discuss different approaches to make different offers comparable, but also give recommendations to vendors on how they can make decisions easier for their potential customers.

Watch

Zero Trust: Now Is the Time and PBAC Is Key

Feb 11, 2022

Now is the time to implement the Zero Trust security model because the traditional model of enforcing security at the network perimeter is no longer effective with users, devices and workloads moving outside the corporate network, but success depends on understanding the essential components of a Zero Trust Architecture.

Watch

From SIEM to Intelligent SIEM and Beyond

Feb 07, 2022

A comprehensive cybersecurity strategy typically includes the use of modern, intelligent Security Information and Event Management (SIEM) platforms. These go far beyond simply aggregating and analyzing log files. Alexei Balaganski outlines the latest market developments based on his recently published Leadership Compass on "Intelligent SIEM Platforms" and explains the differences to other market segments together with Matthias.

Watch

Cloud Backup and Disaster Recovery Done Right

Jan 31, 2022

The importance of efficient and secure cloud backup and recovery is often underestimated. Mike Small explains these two disciplines to Matthias and looks at the market of available solutions on the occasion of his recently published Leadership Compass. He also provides valuable guidance on what a strategy and its successful implementation can look like in this area.

Watch

A Delegated Model for B2B Access Management

Jan 26, 2022

In the digital age, collaboration is becoming more dynamic and integrated than ever before. External partners often require specific information, and therefore need access to internal systems. Providing efficient processes to manage partners is key to building a strong partner network.

Watch

From IT GRC to Integrated Risk Management Platforms

Jan 24, 2022

The three biggest threats to business resilience are IT Risk, Compliance Risk, and Vendor Risk. Integrated Risk Management Platforms address these risks. KuppingerCole's Lead Analyst Paul Fisher has analyzed this market segment recently and he joins Matthias to talk about recent developments and the market in general.

Watch

New Methods to Accelerate Endpoint Vulnerability Remediation

Jan 21, 2022

IT endpoints are no longer just workstations and servers confined to corporate headquarters, branch offices, customer sites, and data centers, they can now be just about anything located anywhere, from employee homes to airports, hotels and in the cloud. But every endpoint represents a potential entry point for cyber attackers, and needs to be managed.

Watch

Privacy and Consent Management

Jan 17, 2022

"Privacy and Consent Management" is an exciting topic in a continuously changing market. Annie Bailey has just completed her latest Leadership Compass, which researches this market segment. To mark the release of this document, she joined Matthias for an Analyst Chat episode where she talks about the innovations and current developments. In A Nutshell In the episode 108 “Privacy & Consent Management” Matthias hosts Anne Bailey. Q: “From a definition point of view, what do we need to think of when we talk about privacy and consent management?”...

Watch

Are You Ready for Security Automation?

Jan 14, 2022

Security Orchestration, Automation & Response (SOAR) tools are the latest in the evolution of automated cyber defenses and are set to become the foundation of modern Security Operations Centers (SOCs). But SOAR is not only for large enterprises. The benefits for smaller organizations should not be overlooked.

Watch