Director Cybersecurity Research
John Tolbert
John is the Director of Cybersecurity Research and Lead Analyst at KuppingerCole Analysts. John covers multiple cybersecurity and identity management topics, drawing upon his years of experience as a security specialist in both Fortune 50 companies and tech startups. John develops research strategies, conducts research, and advises enterprises on security architecture as well as security and identity management vendors on their product and service roadmaps. He has participated in technical standards development and was named an OASIS Distinguished Contributor in 2014. John regularly participates in KuppingerCole events and is often invited to speak at industry and security vendor events.
Roles & Responsibilities at KuppingerCole
As Director of Cybersecurity Research, John keeps up to date on threats, trends, and product developments across the industry, in order to set the agenda for cybersecurity research. As a Lead Analyst, he conducts research on established and leading-edge cybersecurity solutions.
Background & Education
As Lead Analyst, John covers a number of different research areas, outlined below. John also advises cybersecurity and IAM vendors, from startups to Fortune 500 companies, regarding their product and service roadmaps.
Areas of coverage
Cybersecurity
- Fraud Reduction Technologies
- eXtended Detection & Response (XDR)
- Endpoint Protection, Detection, and Response (EPDR)
- Network Detection & Response (NDR)
- User Behavioral Analysis (UBA)
- Security Orchestration Automation & Response (SOAR)
- Secure Access
- Threat Deception Technologies
- Industrial Controls Systems Security
- Data Leakage Prevention (DLP)
IAM
- Authentication, Authorization, and Federation
- Identity Threat Detection & Response (ITDR)
- Consumer IAM (CIAM)
- Zero Trust Architecture
Professional Experience
John has specialized in security and identity management throughout his career, which spans working for companies in the manufacturing, aerospace and defense, and software industries.
Latest research
Leadership Compass
SASE Integration Suites
February 06, 2023
This report provides an overview of the market for Secure Access Service Edge (SASE) Integration Suites. In this Leadership Compass, we examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing SASE Integration solutions.
Leadership Compass
CIAM Platforms
September 27, 2022
This report provides an overview of the market for Consumer Identity and Access Management solutions and provides you with a compass to help you to find the CIAM product or service that best meets your needs. We examine the market segment, vendor product and service functionality, relative…
Executive View
Malwarebytes Nebula and Incident Response
August 25, 2022
Organizations and individuals are constantly under threat by malware. Malware variants evolve and proliferate daily, making it increasingly difficult to prevent infections, compromises, and consequences such as data leakage and damage. While Endpoint Protection (EPP) solutions are primarily…
Leadership Brief
Advanced IT security solutions for OT environments
August 09, 2022
Industrial Control Systems operators are increasingly targeted by Advanced Persistent Threat (APT) actors and cybercriminals as digital transformation accelerates. Many hitherto isolated systems now connected, which introduces additional risks from enterprise IT and the cloud. Although such…
Whitepaper
Identity & Security: Addressing the Modern Threat Landscape
July 12, 2022
Identity and Access Management (IAM) and Cybersecurity have for too long been separate disciplines with distinct solutions that have not interoperated optimally. This has put defenders at a disadvantage because malicious actors have increasingly made IAM solutions a primary vector of attack…
Market Compass
Cybersecurity for Industrial Control Systems
June 23, 2022
Focus on Operation Technology (OT) is increasing for two reasons: firstly, governments worldwide have, or are threatening to, intervene in cases of compromise of OT infrastructure and secondly, many companies are now investing in IoT (Internet of Things) technology to support their business…
Latest blog posts
Blog
Security for Operational Technology Environments
September 05, 2022
Operational Technology (OT) systems encompass Industrial Control Systems (ICS), Critical Infrastructure Systems (CIS), and Industrial Internet of Things (IIoT). OT environments face threats similar to those that traditional enterprise IT systems do, as well as threats unique to each type…
Blog
PCI-DSS 4.0 launched
April 22, 2022
The Payment Card Industry (PCI) Standards Council has published a major update to the Data Security Standard (DSS), version 4.0. This version is an improvement over the current version, 3.2.1, which came out in 2018. The new publication directs organizations that need to be…
Blog
SentinelOne Acquires Attivo Networks: A Big Leap Forward to Security With Identity
March 15, 2022
SentinelOne has announced that they will acquire Attivo Networks, a leading Distributed Deception Platform (DDP) and Identity Threat Detection & Response (ITDR) solution provider. This appears to be a good move for SentinelOne, which is a leading Endpoint Protection Detection &…
Blog
Has Your Organization Rolled Out MFA Yet?
January 27, 2022
Have you entered a password somewhere today? Do you wonder why you’re still having to do that? Did entering that password give you a feeling of digital safety? Did it make your consumer experience more enjoyable?
Cybersecurity and identity management experts have been proclaiming…
Blog
What is XDR?
June 25, 2021
Almost all enterprises have many security tools in place already, some of which are still focused on perimeters/DMZs and on hosts, such as servers and endpoints. Endpoint Detection & Response (EDR) tools are becoming more commonplace in enterprises and SMBs. EDR tools depend on agents…
Blog
Dark Side Ransomware Attacks
May 20, 2021
Last week Colonial Pipeline, one of the largest pipelines in the US, was hit by a ransomware attack from the Dark Side cybercrime group. While many pertinent specifics about the attack are not known, FireEye and US Cybersecurity and Infrastructure Security Agency (CISA) have shed some…
Latest videos
Webinar Recording
Debunking Common Myths about XDR
January 25, 2023
Join security experts from KuppingerCole Analysts and SentinelOne to help you get an understanding of what eXtended Detection & Response (XDR) really is, and why you should consider this emerging technology in your enterprise security stack.
John Tolbert, Director Cybersecurity…
Webinar Recording
Unify Identity and Security to Block Identity-Based Cyber Attacks
December 07, 2022
Join security and identity experts from KuppingerCole Analysts and ARCON as they discuss the importance of securing enterprise credentials, explain why a unified identity security approach in line with Zero Trust principles improve security and efficiency, and describe how to combine…
Analyst Chat
Analyst Chat #150: Clear and Present Danger - Ransomware Threats to Healthcare Providers
November 21, 2022
Only a week has passed since John Tolbert, our Cybersecurity Research Director, spoke at CSLS about ransomware and how to combat it. Today, he reports on specific threats posed by ransomware attacks to the healthcare industry, particularly in the US. But in the end, these are just examples…
Analyst Chat
Analyst Chat #147: How To Manage Your Clients, From Customers and Citizens to B2B and B2B2C
October 31, 2022
CIAM solutions are designed to address specific technical requirements that consumer-facing organizations have that differ from traditional “workforce” or Business-to-Employee (B2E) use cases. John Tolbert has revisited this market segments for the updated Leadership Compass…
Webinar Recording
A Winning Strategy for Consumer Identity & Access Management
October 19, 2022
Success in digital business depends largely on meeting customers’ ever-increasing expectations of convenience and security at every touchpoint. Finding the best strategy to achieve the optimal balance between security and convenience without compromising on either is crucial, but can…
Webinar Recording
A Zero Trust Approach to Cyber Resilience
October 13, 2022
Security in many organizations is not evolving fast enough to keep up with business transformation, including migration to the cloud and to Industry 4.0. These changes, while essential to remain competitive, bring fresh security risks. A new approach is needed to ensure cyber…
