KuppingerCole Analysts

Organizational identity is no longer optional In this episode of the KuppingerCole Analyst Chat, host Matthias Reinwarth is joined by cybersecurity research director John Tolbert to talk about the rising threats of organizational fraud, rogue merchants, and the growing need for robust identity verification at the business level. Topics covered: What are rogue merchants, and how do they operate? The staggering fraud numbers behind the Paycheck Protection Program (PPP) The importance of Know Your Business (KYB) vs. Know Your Customer (KYC) Why legacy business verification methods are no longer enough How APIs, LEIs, and verifiable digital identities can help The role of CIEM and B2B CIAM in detecting and preventing organizational fraud Whether you're in cybersecurity, compliance, finance, or e-commerce, this episode unpacks how fraud at the organizational level is growing—and what tools and frameworks can stop it.

Unlock vital strategies on how to defend your organization from costly supply chain attacks by ensuring airtight third-party access management, understanding the latest regulatory demands, and implementing cutting-edge IAM solutions that go beyond perimeter defenses. Read the original blog post here: https://www.kuppingercole.com/blog/ashford/third-party-risk-is-the-new-front-door

In this episode, Matthias Reinwarth welcomes KuppingerCole Membership Product Owner Christie Pugh to share her unique perspective on the European Identity and Cloud Conference (EIC) 2025.

Beware the digital impostors! Deepfakes aren't just sci-fi anymore; they're here, and they're a threat to your bank account, your vote, and your trust. Peek behind the curtain of this digital deceit, where emerging technologies fight to expose forgeries and keep our truth intact. Discover the urgent strategies needed to outpace this digital battleground. Read the original blog post here: https://www.kuppingercole.com/blog/celik/what-to-expect-from-deepfake-threats-and-how-likely-are-we-to-develop-effective-detection-tools

Unveiling its European Digital Commitments, Microsoft moves to empower Europe's digital sovereignty! But is it enough to break free from US influence? Explore the balance between innovative data strategies, European partnerships, and the struggle against extraterritorial laws that challenge cloud independence. A riveting journey into the future of cloud sovereignty awaits. Read the original blog post here: https://www.kuppingercole.com/blog/small/microsofts-cloud-sovereignty-promises-progress-or-patchwork

In this episode, Matthias Reinwarth welcomes KuppingerCole Lead Advisor Patrick Teichmann to share his highlights from attending the European Identity and Cloud Conference (EIC) for the first time.

What were the key takeaways from EIC 2025? This week, Matthias Reinwarth speaks with Dr. Phillip Messerschmidt, IAM expert and advisor at KuppingerCole Analysts, to get a personal review of the European Identity and Cloud Conference 2025 and its highlights.

Get ready for EIC 2025!

One does not simply secure an enterprise without integration. In this episode of the KuppingerCole Analyst Chat, host Matthias Reinwarth sits down with cybersecurity expert Jonathan Care to explore the Cybersecurity Fabric — an emerging architectural concept designed to unify existing security tools, improve visibility, and enable automation and orchestration across your entire IT environment. Discover how this approach complements frameworks like Zero Trust and NIST, what benefits it brings to your organization, and how it can evolve alongside your security maturity.

Apple's defiance against the UK's call for a secretive surveillance backdoor marks a pivotal moment in digital privacy battles. With an open tribunal ruling, the clash between encryption integrity and governmental power unfolds publicly. Plunge into this landmark case influencing global tech policies, setting the stage for enhanced corporate resilience strategies. Read the original blog post here: https://www.kuppingercole.com/blog/care/uk-pushes-for-apple-backdoor

Dive into the complexities of US isolationism and uncover what it means for global cloud sovereignty. Gain insights on data privacy, operational challenges, and how these affect international businesses using US-based cloud services. Read the original blog post here: https://www.kuppingercole.com/blog/small/sovereign-cloud-geopolitical-risks

In this eye-opening episode of the KuppingerCole Analyst Chat, Dr. Kashyap Thimmaraju, postdoc researcher at TU Berlin and founder of FlowGuard Institute, joins Matthias Reinwarth to discuss his groundbreaking research into burnout, well-being, and flow state in Security Operations Centers (SOCs).

Join Matthias Reinwarth in this special episode of the KuppingerCole Analyst Chat as he welcomes not one but two expert guests: Nitish Deshpande, Research Analyst at KuppingerCole, and Martin Kuppinger, Principal Analyst and Co-Founder of KuppingerCole. Together, they explore the evolution of modern authorization, discussing how far the industry has come since the early days of static entitlements and XML-based policies. From early insights shared back in 2009 to today’s dynamic, AI-enhanced, signal-driven authorization models, this episode unpacks the what, why, and how of modern access control systems.

In this videocast, KuppingerCole Analysts' Senior Analyst Warwick Ashford is joined by Prakash Sinha, Senior Director and Technology Evangelist at Radware, to explore how security teams can drive Mean Time To Resolution (MTTR) close to zero. As AI-powered attacks increase in sophistication and frequency, security operations centers (SOCs) must evolve by leveraging automation and AI-driven incident response. Prakash shares insights on how AI can enhance threat detection, automate remediation, and reduce analyst workloads while maintaining governance and accountability. Discover practical steps for implementing AI-assisted security and the key success factors for modernizing SOCs in the face of an ever-changing threat landscape.

In a blockbuster $32 billion deal, Google aims to redefine cloud security with the acquisition of Wiz, propelling the industry into uncharted territory. As the allure of integrated security solutions promises to bridge fragmented environments, the spotlight is on Google's next moves in the battle against cyber threats. Dive into what's next for cloud security! Read the original blog post here: https://www.kuppingercole.com/blog/small/google-acquires-wiz

Step into the realm of modern identity management with federated identities but beware of potential pitfalls. Organizations are welcoming external partners into cloud environments, challenging traditional IAM frameworks. Unravel how your company can embrace this evolution while maintaining security, compliance, and efficiency. Read on to navigate these uncharted waters with confidence and strategic foresight. Read the original blog post here: https://www.kuppingercole.com/events/eic2025/blog/federation-without-frustration-setting-the-right-framework-for-external-identities

In the era of cloud-driven business, non-human identities are more pervasive than ever. They offer immense utility but also risky vulnerabilities. Discover how ITDR solutions are turning the tide in identity threat detection, ensuring that your organization's automated processes remain seamless and secure. The future of identity security starts here. Read the original blog post here: https://www.kuppingercole.com/events/eic2025/blog/rage-against-the-machines-itdr-and-the-rise-of-non-human-identities

In this episode of KuppingerCole Analyst Chat, host Matthias Reinwarth welcomes back Alexei Balaganski, Lead Analyst at KuppingerCole Analysts, to continue their deep dive into quantum computing and its impact on authentication security. They discuss the increasing risks posed by quantum threats, the vulnerabilities of current encryption standards, and the critical role of crypto agility in ensuring long-term security. The conversation explores how organizations can prepare for the post-quantum era, highlighting strategies such as hybrid cryptography, quantum-resistant algorithms, and zero-trust authentication models. Alexei shares insights into the latest advancements in quantum-safe security, regulatory considerations, and practical steps businesses can take to mitigate future risks. The episode wraps up with a look at emerging trends in quantum security and what the future holds for authentication in a rapidly evolving digital landscape.

In this episode of KuppingerCole Analyst Chat, host Matthias Reinwarth is joined by Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, to explore the intersection of Non-Human Identities (NHI) and Identity Threat Detection and Response (ITDR). They discuss the growing importance of securing machine identities, service accounts, APIs, and automation processes, as well as the security risks associated with overprivileged accounts and mismanaged credentials. The conversation highlights how ITDR enhances traditional IAM and PAM solutions by providing real-time monitoring, anomaly detection, and automated threat response. Martin shares insights into AI-driven threat detection, zero-trust principles, and best practices for organizations looking to mitigate identity-based threats. The episode concludes with a look at emerging trends in ITDR and the future of machine identity security.

In an era where privacy is overshadowed by convenience and AI's immense capabilities, critical misconceptions and stark realities loom large. Are companies and individuals ready to protect what little privacy remains, or is it a lost cause in today's digital age? Discover the provocative debates shaping the future of privacy. Read the original blog post here: https://www.kuppingercole.com/blog/balaganski/privacy-and-data-protection-do-they-still-belong-together

The digital security apocalypse is looming, courtesy of quantum computing. Is your organization ready? As passwords cling to life, quantum computers threaten to dismantle existing encryption, rendering current authentication insufficient. Dive in to explore the dawn of post-quantum cryptography and the critical need for crypto-agility to safeguard your digital domain effectively. Read the original blog post here: https://www.kuppingercole.com/events/eic2025/blog/strong-authentication-in-a-post-quantum-world

Step into the future of travel where digital identity technologies are reshaping cross-border experiences. Explore the rise of innovations like automated verification, while uncovering regional success stories like SITA and India's Digi Yatra. Discover how international collaboration could make cumbersome passport checks a thing of the past. Welcome to the next era of seamless and secure global journeys. Read the original blog post here: https://www.kuppingercole.com/events/eic2025/blog/the-future-of-digital-travel-credentials-trust-adoption-and-the-eidas-20-framework

In today's interview, Mirela Ciobanu, Lead Editor at The Paypers, talks with John Erik Setsaas, Director of Innovation at Tietoevry Banking, about the challenges and opportunities in digital identity and fraud prevention at cyberevolution 2024.

In this exclusive interview, Mirela Ciobanu, Lead Editor at The Paypers, sits down with Justin Richer, CTO of UberEther, to explore the latest advancements and challenges in digital identity at cyberevolution 2024.

Stay updated on the future of CIAM: Learn about integrating privacy management, fraud intelligence platforms, and CDPs to enhance security and customer experience. Read the original blog post here: https://www.kuppingercole.com/blog/tolbert/whats-next-in-customer-identity-and-access-management

In this exclusive interview, Mirela Ciobanu, Lead Editor at The Paypers, sits down with Max Imbiel, CISO of BitPanda, to discuss the evolving challenges and opportunities in cybersecurity within the crypto space.

Explore the challenges of EU DORA compliance and why supply chain cybersecurity remains a critical concern. Uncover hidden risks and strategies for building resilience in financial services. Read the original blog post here: https://www.kuppingercole.com/blog/fisher/eu-dora-compliance-day-arrives-but-supply-chain-cybersecurity-remains-a-major-concern

In today's interview, Mirela Ciobanu, Lead Editor at The Paypers, talks with Sergej Epp, CISO at Sysdig, about the ever-evolving world of cybersecurity and its impact on industries worldwide.

Discover how to rethink Identity Governance and Administration (IGA) to meet the demands of a dynamic workforce, rapid application turnover, and evolving compliance needs. Learn key strategies for modernizing IGA with agility, automation, and policy-driven solutions. Read the original blog post here: https://www.kuppingercole.com/blog/kuppinger/rethinking-identity-governance-and-administration-iga-in-the-digital-era

As the world welcomed the New Year, the U.S. Treasury Department was busy investigating a cybersecurity breach. Read the original blog post here: https://www.kuppingercole.com/blog/leal/new-year-same-threats-hacking-the-treasury

In this exclusive interview, Mirela Ciobanu, Lead Editor at The Paypers, sits down with Andrzej Kawalec, Head of Cybersecurity for Vodafone Business, to explore the evolving landscape of cybersecurity and its critical role in driving innovation.

Discover how to turn cyber catastrophes into manageable incidents and fortify your business continuity with state-of-the-art backup and recovery strategies. Read the original blog post here: https://www.kuppingercole.com/blog/balaganski/zero-data-loss-peace-of-mind-in-the-ransomware-era

As we close another year, join us in reflecting on KuppingerCole’s journey from a niche identity management focus to becoming a leader in the intersection of identity and cybersecurity. Discover exciting new initiatives like our Rising Stars Program and explore the challenges and opportunities shaping the future of the industry. Watch now and hear how we’re empowering the community with insights, innovation, and tools to thrive in a rapidly evolving digital landscape. Wishing you a safe and secure holiday season and a successful 2025!

This blog addresses the integration of Identity and Access Management (IAM) with Artificial Intelligence ('AIdentity'). It calls for a shift to dynamic identity management for AI agents to mitigate security risks, highlighting KuppingerCole's Identity Fabric as a solution. Read the original blog post here: https://www.kuppingercole.com/blog/bailey/identity-for-ai-agents

Join us as we explore the major cybersecurity and IAM trends to keep an eye on in 2025. We’ll discuss the emergence of non-human identities, the hurdles of quantum-safe encryption, and the practical applications of AI and decentralized identity. Get ready to learn how these trends will influence the industry and how you can stay ahead of the curve.

We sit today with André from Unit 42 as he covers the rapidly changing landscape of cyber threats and points out some key trends in 2025, from increasing sophistication in cyberattacks to state actors gaining a greater upper hand. He provides insight into how organizations can prepare and defend against emerging risks. In this session, learn about the latest challenges and strategies for building cyber resilience in an increasingly complex global environment.

In this videocast, Tom Bruggeman from DPG Media shares how his team tackled the challenges of user authentication in a fast-changing media landscape. He highlights the role of open standards like OAuth and OIDC and explains how Authlete helped create a seamless and secure user experience. Tom also offers insights into future plans, including efforts to enhance user privacy and explore data wallet solutions.

Trust in data's power as Cohesity and Veritas unite to dominate the world of cyber resilience and data protection. This merger is more than market consolidation; it's the dawn of a new era in safeguarding digital enterprises. Read the original blog post here: https://www.kuppingercole.com/blog/small/the-marriage-of-cohesity-and-veritas

Discover the vital role of Identity and Access Management (IAM) in securing enterprises, especially as we navigate the growing demands of digital transformation and compliance. The blog introduces the KuppingerCole Identity Fabric, a robust framework aimed at bridging the gaps in current IAM strategies across companies. With an update expected in 2025, this Identity Fabric will include advanced conceptual designs and an IAM Reference Architecture. Read the original blog post here: https://www.kuppingercole.com/blog/reinwarth/the-kuppingercole-identity-fabric-2025

In this episode of the KuppingerCole Analyst Chat, Matthias Reinwarth is joined by cybersecurity expert John Tolbert to talk about essential tips for personal cyber hygiene. Together, they discuss practical advice for keeping your devices secure, avoiding common threats, and implementing best practices for online safety. Whether you're a tech-savvy professional or just starting to think about your digital security, this episode offers actionable insights to protect yourself and your loved ones in an increasingly connected world.

Trust in cybersecurity is built on the bedrock of Privileged Access Management. Explore how Syteca's innovative approaches redefine security, addressing today's challenges with precision and foresight. Read the original blog post here: https://www.kuppingercole.com/blog/fisher/the-role-of-pam-in-modern-cybersecurity

Matthias Reinwarth and Dr. Phillip Messerschmidt delve into the complexities of Cyber Supply Chain Risk Management (C-SCRM). They discuss the importance of understanding and mitigating risks that arise from external suppliers and the interconnected nature of modern supply chains. The conversation highlights the critical role of Identity and Access Management (IAM) in managing these risks, particularly in the context of federated identities and the challenges that arise from relying on third-party controls. The speakers emphasize the need for organizations to actively assess and manage risks, implement robust onboarding processes, and continuously improve their cybersecurity practices to protect against potential threats.

As digitalization accelerates in industrial and operational settings, Operational Technology (OT) environments have become more interconnected with enterprise IT and even cloud infrastructures. The increased connectivity often can provide more efficiency and new capabilities, but it also introduces complex security challenges. Protecting OT and IoT environments is critical but complicated due to the differences in functions and approaches to securing IT vs. OT infrastructures. Read the original blog here: https://www.kuppingercole.com/events/cyberevolution2024/blog/security-in-the-era-of-rapid-digitalization-in-operational-technology-environments

This Videocast episode explores the complexities and advancements in digital identity standards, focusing on FAPI, OAuth, and OpenID Connect. Martin Kuppinger and Joseph Heenan, CTO of Authlete, discuss the origins and purpose of FAPI, its adoption across various regions, and its significance in enhancing security and interoperability in financial services. They also highlight the role of Authlete in simplifying the implementation of these standards for developers and the emerging trends in decentralized identity and verifiable credentials.

Join Matthias Reinwarth and Alexei Balaganski as they dive into the changing world of cybersecurity. In this episode, they talk about Cyber Threat Intelligence (CTI) and Attack Surface Management (ASM), exploring how security is moving from old-school models to more proactive, real-time threat detection. They also discuss how AI is shaking things up in cybersecurity and why understanding the dark web is more important than ever. The takeaway? Organizations need to tap into expert CTI and ASM services to stay ahead of today’s complex cyber threats.

Trust in the digital age is under siege—explore how innovative cybersecurity measures can turn the tide against increasingly sophisticated attacks. Read the original blog post here: https://www.kuppingercole.com/blog/deshpande/redefining-cybersecurity-facing-the-next-generation-of-threats

Matthias and Christopher discuss the critical importance of cyber hygiene in the corporate context, especially in light of evolving threats such as AI-driven attacks, deepfakes, and ransomware. They emphasize the need for organizations to train employees on recognizing and responding to these threats, as well as the role of technology in both perpetrating and preventing cybercrime. The discussion also touches on the growing issue of disinformation and the necessity for vigilance in verifying information.