The Analyst Brief

This week Simon and David return with a weekly dose of industry analysis on the global identity and access management space. First up a discussion on Microsoft announcing the GA of their Entra for External IDs - who is it aimed at? Is it ground breaking? Next up is Cisco who announced an investment round into next-gen PAM provider StrongDM. Finally they discuss a great interview by Standard Chartered CEO Bill Winters and his view of cyber in the board and its strategic value.

This week hosts Simon and David review a range of topical news events in the global identity and access management space. First up BeyondTrust have a definitive agreement with Entitle to combine up PAM and IGA. Cisco appear twice..once regarding a breach on Duo MFA service and another regarding their new solution launch - the Hypershield. A discussion on definitions before a quick comment on the new CEO at SecureAuth.

After a small spring break, Simon and David return with a special episode focused on the convergence of identity and access management and fraud. Why the convergence? How to measure success? What are the three 'V's' as they relate to fraud? How should people and process adapt to keep up with technology changes? And how to thwart the asymmetric advantage of the fraudster?

This week Simon and David tackle several topics in the governance space - how NIST Cyber Security Framework got a rev to v2.0, with the addition of a governance stage, are Privileged Access Management and Identity Governance & Administration convergence and a review of some CISO spending habits by investment firm Nightdragon.

This week Simon and David have a mini-deep dive on data security. Data storage locations are changing. Organisations are harvesting PII, transaction and payment data continually being collected. And what about disinformation and misinformation? What role does identity have here? What about data and deepfakes for onboarding and biometrics? What does data access governance meanin 2024? Is data integrity protection the biggest issue within cyber today? How should we handle fine grained and contextual access and how do the CISO and Chief Data Officer relate?

This week Simon and David focus on a new raft of pending acquisitions. They discuss the impact of SecureAuth and Cloudentity joining forces as well as news that Entrust are in talks to buy OnFido. They also cover the announcement that Cisco has launched a new Identity Intelligence offering hot on the back of acquiring ITDR vendor Oort in 2023. They finish up by taking a look at an emerging technology trends report released by Mastercard. Is Data security the next big IAM integration story?

This week Simon and David take a look at the recent announcement that Okta are laying off 400 staff globally. Is this part of a broader tech slow down? They discuss some of the trends from 2023 with respect to staff attrition and the impact that has had. With funding still high for IAM and cyber what does 2024 have in store?

This week Simon and David review the 40 page Global Cybersecurity Outlook 2024 report released by the World Economic Forum. This report covered 49 countries with over 200 respondents from a range of organisations. The report covered cyber resilience, inequity, emerging technologies such as generative AI, the role of cyber regulations, how to engage strategic leaders with respect to cyber risk and strategy and the role of changing geopolitical tensions and the impact on private sector cyber risk.

The first episode of 2024 sees Simon and David analyse the recent spate of IDTR and ISPM acquisitions including: Cisco's 2023 purchase of Oort; Okta's acquisition of Spera Security; Delinea's acquisition of Authomize. What do those acquisitions have in common? Will there be more? Is cyber and IAM now becoming one thing? Other predictions include consolidation within passwordless authentication, the rise of workload identity.

This week Simon and David review the recent Blackhat EMEA 2023 event that was held in London. They discuss the recent CEO change at Imprivata - and what means for their plans going forward. With respect to Blackhat they discuss the role of the CISO - is it becoming difficult to hire and be successful? Other Blackhat topics included a keynote by the UK's NCSC CTO discussing the asymmetric adversarial threat, password managers on mobile and how they "Autospill" credentials, the tampering of patient records and is data integrity now more important than confidentiality? The Cyber Hut Blackhat review is here.