KuppingerCole Blog

Blog
Enter Microsoft Entra
by Anne Bailey
Today, Microsoft announced a new name for their identity product family which encompasses familiar capabilities alongside new capability launches. Microsoft Entra covers identity, including Azure Active Directory (Azure AD), Permissions Management, and Verified ID. Azure AD is a familiar offering and will remain available stand-alone. But it is now accompanied by a Cloud Infrastructure Entitlement Management (CIEM) offering and a decentralized identity offering. At first glance, Microsoft Entra Permissions Management has a smattering of interesting functionality like visibility on...
Read More
Blog
The Changing Market for Access Control & Risk Management for Business Applications
by Martin Kuppinger
Pathlock’s acquisition tour is changing the market dynamics A few days ago, Pathlock, one of the leading providers in the market for Access Control & Risk Management for Business Applications , has announced a merger with Appsian and Security Weaver, and the acquisition of CSI Tools and SAST Solutions. With that, five of the vendors in this market segment, become one. In our recent Leadership Compass on Access Control Solutions for SAP and other LoB (Line of Business) Applications , we had covered overall 23 vendors. With five of these merging into one, it becomes apparent...
Read More
Blog
Identity Fabrics 2
by Warwick Ashford
In the digital era, being able to manage and control access to services, data and other resources by employees, partners, customers, and devices (things) is extremely important, and a key element of that is identity. Having a comprehensive Identity and Access Management (IAM) capability, therefore, is essential for any modern business. In fact, the management of identities and permissions in digital transformation is the key to security, privacy, compliance, governance, and audit, as well as system usability and user satisfaction. Traditional IAM systems meet only a fraction of current...
Read More
Navigator
Endpoint Protection, Detection & Response
by Warwick Ashford
Cyber-attacks are continually evolving and so too is the approach organizations are taking to defend themselves, and nowhere is this more evident than in Endpoint Protection, Detection & Response (EPDR) technologies which show the shift from prevention or protection alone to a much more realistic and proactive approach that assumes breach and adds detection and response. Most organizations now understand that 100% security is almost impossible to achieve, and although prevention is preferable with some types of malware attacks such as ransomware and wipers, in many cases determined...
Read More
Blog
Ransomware in 2022
by Nitish Deshpande
Cybercriminals continue to cause disruption for organizations in 2022. Depending on the cyberattack type, those disruptions lead to various consequences, such as reputational/brand damage, financial losses, and monetary penalties. One of the most prevalent types of cyberattacks is ransomware, accounting for approximately 10% of all cyberattacks in 2021. Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption keys. Palo Alto Networks states...
Read More
Blog
Zero Trust vs SASE
by Warwick Ashford
As discussed in the last edition of KC Navigator, public sector organizations are increasingly early adopters in digital identity, digital transformation, and cybersecurity, providing the opportunity for private sector organizations to learn from public sector implementations and follow their lead. Within cybersecurity, government adoption of a Zero Trust approach to security, particularly in the US, is a prime example of where the public sector is providing a lead for the private sector to follow because both sectors are potential targets of the same cyber threats. Zero Trust is not...
Read More
Blog
Will Users and Organizations Have Trust in Keys Roaming via the Cloud?
by Alejandro Leal
The need for authentication standards In the cybersecurity industry, many new technologies–particularly those related to identity management and authentication–are constantly driving change and innovation. Yet one thing remains the same: the use of passwords continues to pose a threat to an organization’s IT security. As long as passwords continue to be used, users and organizations will remain vulnerable to attacks. Fortunately, due to the development of new solutions and authentication standards, replacing passwords as the dominant form of authentication on the...
Read More
Blog
Government and Technology
by Warwick Ashford
Although there are some differences, in many ways the business IT and cybersecurity requirements of government are very similar to those of private sector organizations, and therefore public sector initiatives can often offer insights on tackling common challenges. Public and private organizations both have to ensure the services are agile and innovative to remain cost effective and provide good user experiences, both have to ensure privacy for users of their services, both have to manage user access based on identity, and both have to face similar cyber security threats against...
Read More
Blog
In the Midst of Change, Somethings Remain the Same
by Richard Hill
Industry 4.0 is the fourth revolution in manufacturing. I won't bore you with the details of the prior iteration or versions and how we got where we are today, only that Industry 4.0 promises to take the interconnectedness of devices and machines to a new level. Smart or intelligent computing and autonomous systems using analytics and AI/ML techniques supported by big data are integral parts of the industry 4.0 paradigm. Industry 4.0, in short, is a significant change and will impact a manufacturing organization's digital transformation. A Bow Wave of Devices and Machines Since the...
Read More
Blog
Ever-Growing Attack Surface
by Osman Celik
The era we are living in has transformed the Internet and IT from being a convenience for people and organizations into a cyber liability. In an IT infrastructure, almost any system is now an integrated system that has internet connectivity. With assets, devices, resources, hardware, and software, being changed, patched, or updated continuously, it is critical to have an approach that continuously collects and classifies the inventory, discovers the risks, and monitors the organization’s IT infrastructure. Classifying, protecting, and identifying digital assets have always been a...
Read More
Previous 4 5 6 7 8 9 10 Next