KuppingerCole Analysts

AM and cybersecurity programs are under increasing pressure — not just from new threats, but from operational complexity, regulation, and organizational reality.
This episode of the KuppingerCole Analyst Chat shifts the focus from analyst predictions to the perspective of end-user organizations and their real-world challenges in IAM and cybersecurity. Matthias Reinwarth speaks with Reiner Mertens and Charlene Spasic, KC Advisors with a focus on identity strategy, governance, and enterprise programs, specializing in IAM transformation and advisory practice. The discussion goes beyond technology to cover organizational aspects such as governance, compliance, processes, and policies, as well as the implications of modern Target Operating Models.
You’ll learn:
✅ Why operability is the biggest IAM challenge for many organizations
✅ How unclear ownership and overlapping responsibilities undermine IAM success
✅ Why IGA modernization is rarely a one-off project — but a long-term program
✅ How Privileged Access Management (PAM) is evolving beyond password vaulting
✅ The growing importance of non-human identities (NHIs) and automation
✅ How regulation (NIS2, DORA) increases urgency — but doesn’t replace good architecture
✅ Why data quality, governance, and business alignment are foundational to IAM
Rather than making abstract predictions, this episode focuses on real patterns, structural issues, and practical improvements advisors see across industries. Watch now to understand how IAM, PAM, governance, and identity architecture must evolve in 2026 and beyond.

Cybersecurity and AI are evolving faster than ever, and 2026 is already proving that traditional predictions may no longer be enough. In this year's first episode of the Analyst Chat, Matthias Reinwarth is joined by Jonathan Care and Alexei Balaganski to attempt looking into some predictions for the coming year. Join to find out what organizations should realistically prepare for in cybersecurity and AI in 2026!
You’ll learn:
✅ Why traditional cybersecurity predictions are becoming less reliable
✅ How geopolitical, economic, and societal shifts are shaping cyber risk
✅ Whether cybersecurity can exist without AI — and where AI actually fits
✅ Why governance, accountability, and responsibility matter more than tools
✅ What’s flying under the radar in AI and cybersecurity today
✅ The risks of AI hype, long-lived permissions, and autonomous agents
✅ Why agility and resilience should be your cybersecurity mantra for 2026
📌 This discussion focuses on patterns, risks, and preparation strategies security leaders should consider as AI and cyber threats continue to accelerate.
🔒 Watch now to understand how to think critically about AI, cybersecurity, governance, and resilience in 2026.

Every so often, the digital world gets a reminder that “The Cloud” is not a magical, omnipresent entity but just another complex socio-technical system operated by humans. Electricity usually comes from the socket, networks usually work, and cloud services are marketed as being always on… Until they are not. Recent outages expose inherent vulnerabilities, threatening global digital infrastructure. Learn why resilience and diversification are critical.
Read the original blog post here: https://www.kuppingercole.com/blog/balaganski/platform-dependence-growing-fragility

Web scraping has entered a new era and AI is changing everything.
In this videocast, Osman Celik speaks with Dmitriy Loshakov from QRator Labs to explore how automated data collection has evolved from simple crawling into highly adaptive, human-like scraping attacks that operate invisibly.
You’ll learn:
✅ What web scraping actually is (and why not all scraping is malicious)
✅ How AI-powered scrapers mimic real user behavior with mouse movements, delays & clicks
✅ Why classic defenses like CAPTCHAs and JS challenges no longer stop modern bots
✅ The industries hit hardest — from e-commerce and travel to betting, finance, and media
✅ How organizations can defend themselves using behavioral analysis & intent detection
✅ Why the future of cybersecurity is officially AI vs. AI
📉 With intelligent scrapers bypassing most legacy defenses and blending in with real users, organizations must rethink how they detect and mitigate automated threats.
🔒 Watch now to understand how to protect your data, your users, and your business from today’s invisible AI-driven bots.

What happens when a single platform outage impacts half the internet? This week, Matthias Reinwarth is joined by Martin Kuppinger and Alexei Balaganski to analyze the recent Cloudflare disruption and what it means for modern digital infrastructure.
🔑 Key Topics Covered:
✅ What happened during the Cloudflare outage and why it was so disruptive
✅ How platformization and consolidation increased systemic risk
✅ The shift from decentralized internet ideals to dependency on global platforms
✅ Lock-in challenges: hyperscalers, CDNs, and cloud services
✅ Understanding the hidden risks of convenience and integration
✅ Why organizations neglect risk management and how to correct it
✅ Business impact analysis: mapping critical services and dependencies
✅ How to architect for resilience, failover, and exit strategies
💡 Your Next Step: Evaluate your digital supply chain, map your dependencies, and identify where platform concentration creates unacceptable business risk. Small architectural decisions today can dramatically reduce the impact of tomorrow’s outages.