People
Lead Analyst

Paul Fisher

Paul Fisher is a Senior Analyst who researches primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry sectors including automotive. Paul is responsible for managing relevant quantitative research at KuppingerCole.

He has been an IT journalist and analyst since 1991. In that time, he served as editor in chief of several major IT and business titles in the UK. Paul has worked as a communications consultant with IBM, HP Enterprise Security Services, Sky UK and other leading companies on data security and IT projects.

pf@kuppingercole.com

Latest research

Whitepaper
Cloud Access Governance
January 26, 2023
Across the globe there has been a significant increase in the adoption of cloud and multi-cloud environments, as businesses scramble to take advantage of digital transformation. With more clouds comes more access and more data spread across expanding IT infrastructures. With a further shift…
Read now
Leadership Compass
Privileged Access Management
January 11, 2023
This KuppingerCole Leadership Compass provides an overview of insights on the leaders in innovation, product features, and market reach for Privileged Access Management (PAM). These vendors use a variety of software tools to enable organizations to control, and monitor privileged access to…
Read now
Whitepaper
Secure Software Supply Chains
January 04, 2023
Major cyber-attacks such as the SolarWinds and Kaseya incidents demonstrate the need to focus significantly more on software supply chain security as well as traditional cyber defense areas. Avoiding the code tampering that occurred in both of those attacks by criminals and internal…
Read now
Executive View
Beyond Identity Secure DevOps
November 25, 2022
Organizations that fail to secure access to resources are at risk of suffering from cyberattacks, data loss or compliance failure. As the market grows and business demands become more acute, vendors are innovating to provide secure authentication for dynamic access to resources in the cloud…
Read now
Whitepaper
Understanding and Managing Privileged Access to Databases and Other Data Resources
October 13, 2022
This Whitepaper analyses the issues surrounding access management, privacy, security and compliance when identities access compute and storage resources, with a special focus on database technologies commonly found in modern enterprises.
Read now
Executive View
NETAND HIWARE Privileged Session Management (PSM)
October 13, 2022
As organizations modernize IT and adopt multi-cloud infrastructures to support evolving business processes involving thousands of users and workloads, it’s difficult to know who has access to what data across which platforms. This lack of visibility and security can lead to chronic loss of…
Read now

Latest blog posts

Blog
Stop attackers enjoying a pick ‘n’ mix attack surface
December 09, 2021
We know that the way forward for business IT is to use multi-hybrid architectures for long term agility of operations. Such architectures will include multiple clouds for new services, on-prem stacks, edge devices, OT integration and much more. But while the need for multi-hybrid is clear,…
Read now
Blog
Complex Modern Business Needs Trusted IT Partners to Be Secure
October 08, 2021
In today’s business environment, companies have three major challenges – making a profit, finding great people, and staying ahead of the competition. That’s quite enough, but they also have major operational challenges with IT, cyber security, and compliance. For example,…
Read now
Blog
Microsoft’s Threat Intelligence Play is Good News for Customers in Fight Against Ransomware
July 19, 2021
This week, Microsoft made official its agreement to acquire Threat Intelligence vendor RiskIQ in a deal rumoured to be worth around $500m. It is not an unusual event; Microsoft has absorbed five businesses already in 2021, and usually it is to acquire a discrete technology it deems useful…
Read now
Blog
PAM Is Changing and You Need to Know Why
April 22, 2021
What is left to say about PAM that has not already been said? Well in my opinion, quite a lot – as I hope you find out when you join me at the forthcoming KCLive Event, Operationalizing Privileged Access Management. I talk to PAM vendors all the time and I believe it is a truly…
Read now
Blog
Time CISOs Stopped Trying to Speak to the Board?
March 31, 2021
I have been covering cybersecurity issues, first as a journalist then as an analyst, since 2006. In that 15 years I have heard the mantra that security is a boardroom issue hundreds of times. The subject has filled countless conference talks and media articles. It appears that the…
Read now
Blog
AI and Healthcare
March 19, 2020
AI's role in reducing the impact of future pandemics As the coronavirus spreads fear and panic across the world, it’s perhaps timely to take a step back and consider the future of healthcare and how AI will help. But first let’s consider that the coverage and spread of the…
Read now

Latest videos

Webinar Recording
Championing Privileged Access Management With Zero Trust Security
January 20, 2023
A modern approach to securing privileged accounts is to apply the principle of Zero Trust: Never trust, always verify. While Zero Trust is not an off-the-shelf solution, it is modern vendors of PAM solutions that recommend using this security principle to cement the technical capabilities…
Watch now
Analyst Chat
Analyst Chat #156: CIEM Is Entering the Privileged Access Management Market
January 16, 2023
The PAM market is changing and expanding. Paul Fisher talks about the latest trends for Privileged Access Management, the role of CIEM, mergers and newcomers in this important market segment.
Watch now
Webinar Recording
Implementing Zero Trust With Privileged Access Management Platforms
December 16, 2022
Among the many approaches to do that, Zero Trust is one where organizations apply the principle of “never trust – always verify”. Since Zero Trust is not a single product or solution, implementing processes that work accordingly can be a challenge to IT teams that want to…
Watch now
Webinar Recording
Secure DevOps: Key to Software Supply Chain Security
November 30, 2022
It is vital to guarantee application security at the earliest stages in the development lifecycle when source code is most vulnerable, according to Paul Fisher at KuppingerCole and Jasson Casey at Beyond Identity. Join these experts as they discuss the challenges and importance of secure…
Watch now
Webinar Recording
Implementing Modern and Future-Proof PAM Solutions
October 14, 2022
Privilege Access Management (PAM) is changing, driven by the move of most businesses from on-prem IT applications and infrastructure to the cloud, resulting in a multi-could, multi-hybrid IT environment. This has resulted in a proliferation of privileged identities that need to be…
Watch now
Webinar Recording
A DevSecOps Maturity Model for Secrets Management
October 07, 2022
Recent high-profile software supply chain attacks have highlighted the importance of security in the DevOps environment. But this can be challenging because DevOps teams are at the forefront of digital transformation and use agile techniques to deliver applications quickly, often not…
Watch now