Blog by Martin Kuppinger

Blog
The Ping/ForgeRock combination
by Martin Kuppinger
Joining forces to compete against Microsoft and Okta A couple of months ago, the series of acquisitions of SailPoint, ForgeRock, and Ping Identity by Thoma Bravo triggered discussions and rumors about the impact on the broader Identity & Access Management (IAM) market. Recently, Thoma Bravo announced that ForgeRock would be combined into Ping Identity. Such merger & acquisition (M&A) developments prompt the spate of usual questions: What does this mean to customers of the two companies? What to expect strategically from the combined companies? Where are the...
Read More
Blog
Securing the Digital Universe: Where Do We Even Start?
by Martin Kuppinger
What a huge topic. The Digital Universe. Is this more than the Metaverse or less? Anyway: We live in the Digital Age. The vast majority of organizations rely on digital services to run at least parts of their business. Every one of us is consuming such digital services. They are ubiquitous. But this bigger ecosystem of connected digital services, of consumers and customers and citizens, of businesses and governments, of business partners and suppliers, of devices and things is at risk. It is under attack, continuously. The golden rule is: Once you are connected, you are under attack. No...
Read More
Blog
Microsoft Putting Decentralized Identities Into Practice
by Martin Kuppinger
Decentralized Identities in all their facets have been a hot topic at the European Identity and Cloud Conference 2023 (EIC) , which ran in Berlin last week. Just a few days before, Microsoft announced their support for Verified Workplace in LinkedIn using Microsoft Entra Verified ID . Verifying the workplace What Microsoft announced is focused on a particular use case, the verification of workplaces of LinkedIn members. It builds on multi-step verification. The entry level is workplace email verification. There is little friction in that. Organizations can verify the work...
Read More
Blog
Microsoft Security Copilot: Value-adding Generative AI
by Martin Kuppinger
Just recently, Microsoft announced the Microsoft Security Copilot , a new security offering based on a combination of the GPT-4 language model, the well-known technology provided by OpenAI that also powers ChatGPT and Microsoft Bing, and Microsoft’s own technology, data, knowledge, and security-specific model from their ongoing global threat intelligence. As the name indicates, the new solution, which is not publicly available yet, is positioned as a “copilot” augmenting the security analysts in SOCs (Security Operations Centers) / CDCs (Cyber Defense Centers) and...
Read More
Blog
Identity Fabrics: Where Do You Stand? Where Should You Go?
by Martin Kuppinger
A maturity level matrix for Identity Fabrics The term and concept of Identity Fabrics has become popular in recent years. We observe widespread adoption of the concept as the foundation for further evolving IAM (Identity & Access Management) infrastructures. To provide a guideline for organizations, KuppingerCole Analysts have developed a maturity model for Identity Fabrics, as we have done for other areas of IAM and cybersecurity . What makes up maturity of an Identity Fabric When working on such maturity models, the first question to ask is what makes up maturity in that...
Read More
Blog
Passwordless Authentication 101
by Martin Kuppinger
Passwordless authentication has become a trending topic in IT over the past two years. This comes to no surprise, with all the password-related security incidents that happened in the past years. Passwords are known as a security risks, and passwords are inconvenient to the users. Passwordless authentication bears the promise of increasing security and reducing friction. Done right, this is true. Passwordless authentication can overcome the notion of “balancing security with convenience”, which factually says that convenience goes down when the level of security increases, to a...
Read More
Blog
Enhancing Zero Trust in a ServiceNow Environment
by Martin Kuppinger
Zero Trust has been established as the guiding principle for cybersecurity. The “don’t trust, always verify” approach stands for methods that don’t rely only on singular security tools, such as the traditional network perimeter firewall, to keep attackers out. Instead, Zero Trust builds on layered security and repeated or  continuous verification. The concept of Zero Trust has evolved beyond a network perspective, restricting lateral movements of users once they have passed the firewall. It involves a broader model that looks at many different layers of...
Read More
Blog
Martin Kuppinger's Must Watch Sessions
by Martin Kuppinger
CSLS (Cybersecurity Leadership Summit) 2022, a fully hybrid event taking place Nov 8th to 10th in Berlin, is approaching quickly. Being asked to pick few must watch sessions, I had the challenge of selecting only a few, instead of a long list of sessions worthwhile to attend or stream. Here are my five favorites.  Frank Fischer, CISO of the Deutsche Bahn, will talk about the role a Software Bill of Materials (SBOM) can potentially play in increasing cyber resilience. Just a hype or the one thing we need to tackle Cybersecurity Supply Chain Security?  With...
Read More
Blog
Training Non-techies on Cybersecurity Awareness
by Martin Kuppinger
Most users are just a bit techie. Some more, some less. But as we all know, real cybersecurity experts are rare. Thus, it is best to assume that the ones you want to educate on cybersecurity awareness and response are no technical, nor cybersecurity experts.  However, with everyone of us being a user of devices in personal life, and everyone being in danger of cyber-attacks, cybersecurity awareness training has become way easier. The approach I take for several years now is to focus on what this means on the own device, in the personal life, and then to transfer to the business...
Read More
Blog
Thales Acquires OneWelcome: Beyond CIAM
by Martin Kuppinger
Thales, a global provider of advanced technology solutions, with more than 80,000 employees worldwide, and an established business unit for Digital Identity and Security, has announced the acquisition of OneWelcome, one of the leading European providers of CIAM (Consumer IAM). While the acquisition will provide OneWelcome with a go-to-market capability on a global scale, there are interesting options beyond that. OneWelcome delivers CIAM and B2B management capabilities, consent management, authentication support, and policy-based access control. Thales, on the other hand, has a variety...
Read More
1 2 3 4 5 6 7 Next