Click on the slide!

Enabling Business Agility

Live Webcast!             Learn how to protect data assets with a new data de-identification framework.

Click on the slide!

Rethinking Email Security

Live Webcast!             Learn the key concepts and best practices to protect and maintain private email…

Click on the slide!

Disaster Recovery in the Cloud

Live Webcast!             Join us on May 29th to learn how to develop a metric-driven program!

Click on the slide!

Lessons from the Target Data Breach

On-Demand               Play Now!

Frontpage Slideshow (version 2.0.0) - Copyright © 2006-2008 by JoomlaWorks
Martin Kuppinger

  • Real world face recognition and where paper beats the smartphone
    A few days ago, I was I was travelling in a local train, together with a business partner, from my office in Germany to an event in another city. We both learned a lot about the real world challenges of face recognition. While I already had a 24-hour ticket for travelling in and around that […]

  • Real-time Security Intelligence – more than just “next generation SIEM”
    Recently  a spotlight has been shed on the need for investing in Information Security solutions. The increase in cyber-attacks, the consistently high level of internal challenges, the appearance of more sophisticated types of long-running attacks (sometimes called Advanced Persistent Threats or APTs), the concerns regarding cyber-security following the Snowden revelations, the permanent challenge of dealing […]

  • The end of the Social Login begins: FIDO Alliance, Samsung, and PayPal to redefine authentication
    Recently, the FIDO Alliance announced that PayPal and Samsung were enabling consumer payments with fingerprint authentication on the new Samsung Galaxy S5. My valued colleague Dave Kearns and I have written various posts about the FIDO Alliance and the impact we expect they will have on the market of strong authentication and BYOI (Bring Your […]

  • The Mt. Gox Bitcoin disaster and the need for innovation in the finance industry
    A few days ago, Tokyo-based Bitcoin exchange Mt. Gox appeared to be in trouble. When looking at their website Friday morning, I only found meaningless announcements. They are “working very hard to find a solution to our recent issues”. Looking at the situation realistically, chances are high that the owners of the Bitcoins have lost […]

  • The new ABC: Agile businesses – connected
    Agility is a key capability of successful organizations. Agility is the ability to quickly adapt the organization and the business model to new customer demands, innovations, and a changing competitive landscape. We live in a time where virtually all business relies on IT. Whether this is retail, finance, or life sciences – business requires IT. […]

  • Secure Information Sharing: Which approach to choose?
    There are various approaches to Secure Information Sharing (SIS), as I have explained in previous posts. However, which one is the best? As always, there is no simple answer. It depends on the requirements of the customers. Nevertheless, the various product categories have their strengths and limitations. Let’s look at the categories within SIS first: […]

  • Why Apple’s culture of secrecy is your biggest risk in BYOD
    The news of the bug in Apple operating systems has spread this week. As Seth Rosenblatt wrote on cnet, Apple’s culture of secrecy again has delayed a security response. While there is a patch available for iOS, the users of OS X still have to wait. I have written before about the risks Apple’s culture […]

  • Is there still a need for keeping Identity Provisioning and Access Governance separate?
    When looking at the core IAM (Identity and Access Management) market with its main product categories of Identity Provisioning and Access Governance, some customers and vendors currently raise the question of whether there is still a need to keep these product categories separate or whether a single, combined view on these is the better choice. […]

  • The need for Secure Information Sharing
    A while ago, I wrote about the changing market for Secure Information Sharing. I also recently published a report on Microsoft Azure RMS, one of the most important products in that market segment, and further reports will follow. The first question is: What is Secure Information Sharing (SIS) about? It is about technologies that allow […]

  • Microsoft RMS Security and Confidentiality
    Microsoft Rights Management Services (RMS) is a solution that might help Secure Information Sharing become a topic for the masses, at least at the enterprise level. I just recently wrote a report on the product. However, as with any Information Security technology – especially ones that are Cloud-based – there are questions about security details. […]

  • Entitlement & Access Governance – the next generation of core IAM
    In my new report “Entitlement & Access Governance”, published yesterday, I introduce a new term and abbreviation: EAG for Entitlement & Access Governance. Thanks to Dave Kearns for proposing that term – I like it because it reflects what this is about. EAG describes approaches that some vendors currently call “Data Governance,” but enhanced and […]

  • The NIST Cybersecurity Framework for Critical Infrastructures
    NIST (the US National Institute of Standards and Technology) has now released the final version of their Cybersecurity Framework for Critical Infrastructures. As requested, this is not a set of new regulations or fundamentally new concepts for security, but, to quote my colleague Prof. Dr. Sachar Paulus, a “well-written summary document incorporating different approaches (lifecycle […]

  • Marketing wants the “social” login – but should they?
    It is a common scenario in organizations that the marketing department, business development, or the sales department asks the IT department to support social logins on some of the corporate websites, including eCommerce sites. Admittedly, IT also sometimes proposes such functionality, having technology on hand that allows for simple integration of such social logins. My […]

  • Facebook, Google, Apple & Co: NSA’s best friends
    Recently, there have been various articles on the NSA and GCHQ (Britain’s Government Communications Headquarter) collecting date from “leaky apps”, including data from Angry Birds, Google Maps, Facebook, Flickr, or Twitter. Surprise? No! Look at another story in that context: There have been extensions to Google’s Chrome browser that have started to spam users with […]

  • Attributes instead of Roles – or better Roles and Attributes?
    A recent discussion in the “Identity Management Specialists Group” on LinkedIn had the title “On point. Agree. Gartner says attributes are the new role for identity?” I wondered a little about a rather old discussion appearing again. In fact, there rarely has been pure role-based access control. On the other hand, roles are one of […]