The Analyst Brief

This week Simon and David focus on a new raft of pending acquisitions. They discuss the impact of SecureAuth and Cloudentity joining forces as well as news that Entrust are in talks to buy OnFido. They also cover the announcement that Cisco has launched a new Identity Intelligence offering hot on the back of acquiring ITDR vendor Oort in 2023. They finish up by taking a look at an emerging technology trends report released by Mastercard. Is Data security the next big IAM integration story?

This week Simon and David take a look at the recent announcement that Okta are laying off 400 staff globally. Is this part of a broader tech slow down? They discuss some of the trends from 2023 with respect to staff attrition and the impact that has had. With funding still high for IAM and cyber what does 2024 have in store?

This week Simon and David review the 40 page Global Cybersecurity Outlook 2024 report released by the World Economic Forum. This report covered 49 countries with over 200 respondents from a range of organisations. The report covered cyber resilience, inequity, emerging technologies such as generative AI, the role of cyber regulations, how to engage strategic leaders with respect to cyber risk and strategy and the role of changing geopolitical tensions and the impact on private sector cyber risk.

The first episode of 2024 sees Simon and David analyse the recent spate of IDTR and ISPM acquisitions including: Cisco's 2023 purchase of Oort; Okta's acquisition of Spera Security; Delinea's acquisition of Authomize. What do those acquisitions have in common? Will there be more? Is cyber and IAM now becoming one thing? Other predictions include consolidation within passwordless authentication, the rise of workload identity.

This week Simon and David review the recent Blackhat EMEA 2023 event that was held in London. They discuss the recent CEO change at Imprivata - and what means for their plans going forward. With respect to Blackhat they discuss the role of the CISO - is it becoming difficult to hire and be successful? Other Blackhat topics included a keynote by the UK's NCSC CTO discussing the asymmetric adversarial threat, password managers on mobile and how they "Autospill" credentials, the tampering of patient records and is data integrity now more important than confidentiality? The Cyber Hut Blackhat review is here.

This week Simon and David return to Okta - to uncover more about details on their recent breach. They also discuss their recent Q3 results and are Microsoft their only competitor? They also discuss a recent complex attack involving customers of Booking.com - and cover push payment fraud, ATO, complex supply chains and protecting trust boundaries.

After a couple of weeks off, Simon and David return for an hour long special. They review the recent Security and Risk Management event in Washington DC hosted by Forrester where the topic of identity and cyber convergence appeared. They comment on the recent Okta breach and what that means for the world of complex software supply chain attacks and the rise of identity security, ITDR and identit security posture management. They also review the London version of the Ping Identity Youniverse series of events.

This week Simon and David were in sunny Carlsbad, San Diego for the latest Authenticate conference hosted by the FIDO Alliance. In this episode they review the main topics of the event, taking a look at passkey deployment maturity, KPIs, biometrics, threat models, adoption patterns as well as orthogonal topics such as machine identity, crypto agility, IDV + converged identity assurance.

This week Simon and David take a deep dive look at a recent cyber security advisory that was released by the NSA and CISA recently. This top 10 list covers a range of issues from default credentials, excessive permissions, a lack of networking monitoring and segmentation as well a lack of MFA and poor credential management. Simon and David apply their identity lens to the top 10 and what it may mean for your organisation.

This week Simon and David return to discuss a recent cyber attack against the hospitality chain MGM resorts - that leveraged social engineering, credential theft and more. Are attacks against complex digital entities now standard practice? They also return for part II of the ForgeRock and Ping Identity integration and discuss a recent article by David and a market choice poll by The Cyber Hut.