Identity + Security = Deciphered.

The Cyber Hut is a leading boutique industry research, analysis and advisory firm focused on
identity, access and cyber security technology.

vendor intelligence

Analysis on solutions and products

Market intelligence

Insight and analytics on M&A and funding

ciso briefings

Architecture and design for industry leaders

opinion

Expert opinion on contemporary events

Introducing the FOSA Strategy –
Free Open Source Analysis

The Cyber Hut are industry specialists when it comes to identity and access management. We have contributed to industry standards. Worked for the largest vendors. Designed some of the world’s biggest identity platforms.  

We also want to break down the traditional model for understanding the market and technology for identity and access management.  Why don’t you join us?

Free Open Source Analysis

We provide the vast majority of our analysis and insights free as open source articles as well as our Signals Project – providing a view into a range of OSINT data points to help with vendor understanding.

The Week in Identity Podcast

The Cyber Hut runs a weekly podcast – aptly named “The Week in Identity” – where we take an industry analyst view of the latest identity and access management events, funding and conference news. 

CISO Briefings

We run regular CISO briefing webinars – where we take an impartial industry view of emerging technology trends or market sectors, distil them into bite-sized chunks to enable security and information leaders to make more informed technology decisions.

Trusted by Global Vendors, Integrators and Industry

The Cyber Hut has supported a range of vendor, buy side, integrator and investment clients to enhance their content, understanding and insight on the emerging identity and access management markets – through training, advisory, content and inquiry.

“The Cyber Hut is a partner in helping us build our strategy. They provide us with unique insights and custom services that help HYPR continue to lead the passwordless MFA market.”

Michael Rothschild

VP Product Marketing, HYPR

“Working with Simon and team on the consumer authentication webinar was great – they provided great inputs based on deep industry knowledge and and domain expertise.”

Gal Steinberg

VP Products, Sift / Keyless

“Simon at TCH is our go to point of contact for understanding the technical and business nuances of the emerging patterns in identity. Always clear, smart and insightful, but most importantly, trusted.”

Emily B.

Investment Analyst

“No faster way of getting into Consumer IAM, than by learning from the master himself. Great overview and best practices from Simon at The Cyber Hut. Recommended”

André Koot

Founder & Principal Consultant, SonicBee

“The Cyber Hut provides insightful guidance on identity security best practices that’s backed by industry experience and in-depth research. TCH has helped us better communicate to a more relevant audience consisting of both business and security-oriented professionals.”

Lani Leuthvilay

Senior Director, Product Marketing, PlainID

Latest Open Source Analysis, Events & Opinion

Opinion

IAM Deployment Model Definitions

by Simon M
on Oct 7

Even as many organisations are moving to a "cloud first" strategy for the consumption of new applications and services, the cloud line is blurred. Not all services can be consumed in a pure cloud setting, and not all "clouds" are the same.

Any analysis in the popularity, options or strategy with respect to IAM deployment should be firmly based against a set of basic definitions.

Read more
Opinion

Poll: Where Will AI/ML Have The Biggest Benefit in IAM?

by Simon M
on Oct 5
Our latest LinkedIn poll on September 27th was focused on understanding the role and impact of artificial intelligence and machine learning (AI/ML) technology on the general identity and access management industry.
Read more
Events

IdentIT CIAM Track Day: Future Trends

by Simon M
on Oct 3
Last week I had the privilege of attending a consumer identity and access management day hosted by specialist CIAM consultancy IdentIT to deliver a key note presentation on the future trends of consumer IAM. Identity specialists, security leaders and enterprise architects gathered at the Circuit Zolder in Belgium for an afternoon of identity discussions, case studies and more importantly track racing on a former F1 circuit!
Read more
OpinionVendor

What is Styra Run?

by Simon M
on Sep 29
Styra, the team behind "Cloud Native Authorization" recently announced a few feature called "Styra Run". Their launch blog back in July described Run as being "a new holistic approach" to authorization. But that is trying to solve? Styra are behind the popular Open Policy Agent - a policy driven decision engine for authorization in cloud native environments. Whilst likely OPA is focused on the protection of infrastructure (think containerized ecosytems) it is also used for protecting APIs and custom applications. The developer-first angle sees a dedicated rule language and the storage of policy data in files. The OPA project on github has over 7000 stars.
Read more
Opinion

Poll: Why Are We Not Using Passwordless?

by Simon M
on Sep 27
In the last 3 years or so, we have seen huge interest in the need to improve authentication techniques, that deliver a passwordless MFA experience. What is stopping adoption?
Read more
Opinion

Authorization: Why Now & What Next

by Simon M
on Sep 2
Security starts when authentication ends. It's a line I have used a few times over the years as it is one I actually quite believe in. In an era where firewalls are derided as being pretty toothless in the fight against omnipresent complex cyber attacks - and the concept of trusted networks quite rightly become obsolete in the world of "zero trust" - it always seemed odd to me, to put such a large emphasis on stringent authentication services. Clearly authentication is hugely important don't misunderstand, but my point really was that authentication (even with a strong MFA component) becomes less relevant if a) it is not continuous and b) not part of a more holistic approach focused on the access control of services, data and APIs.
Read more
Events

Externalization of Authorization Policy: Build -v- Buy

by Editor
on Sep 1

Join our founder Simon Moffatt on September 15th where he will join PlainID on a discussion around external authorization platforms.

The modern digital native enterprise is facing a number of emerging and incumbent challenges - from increased competition and demand for a more agile service deployment model through to needing the ability to share more data to more people, all under a competing climate of increased security threats coupled with a lower risk appetite.

Read more
Opinion

Identity Trust: The Seen and Known Matrix

by Simon M
on Aug 25
Trust within the identity world is a huge priority. Trust regarding the on-boarding and registration of external users via proofing (think assurance levels using identity validation and verification techniques) right through to creating trust labels for employees in order to monitor for malicious activity - that is either driven by external threat actors, insider threat or just unintentional bad user behaviour.
Read more
Events

Authentication Within FSI: Now and Next

by Editor
on Aug 1

Join our founder Simon Moffatt along with Michael Rothschild VP of Product Marketing at HYPR on August 22nd, where they'll be taking a look at authentication within the global financial services industry.

In this industry fireside chat webinar, Simon and Michael will take a look a the current challenges and opportunities that exist within the financial services industry as it pertains to authentication.

Read more
Opinion

From Automation to Autonomy: How Identity & Access Management is Changing

by Simon M
on Jul 12

When on briefings and inquiry workshops there are often emerging themes that start to spring up repeatedly. Perhaps every few months, perhaps under different projects, using different terms and stories and perhaps from unexpected people or teams.

There has been one theme over the past 12 months or so that is difficult to ignore: not only how identity based security has left-shifted into the thinking of information leaders to being a first-class citizen in the technology arsenal, but how identity is moving into a new territory. The territory of autonomy.

Read more
Events

An Introduction to SIM Based Authentication

by Editor
on Jul 5
Join our Founder and Analyst Simon Moffatt on July 20th for our latest industry fireside chat, where he will be discussing the emerging area of SIM based authentication, with Paul McGuire, CEO of tru.id.
Read more
Opinion

Identity Trends at Infosec 2022

by Simon M
on Jun 24
This week saw the London edition of Infosec Europe - essentially a smaller version of the RSA Conference a few week ago in San Francisco. There were about 15,000 attendees and 300+ solution providers from a range of cyber and information security areas. Of course my primary interest was to get briefings and understand the viewpoint from an identity and access management perspective and see how far the tentacles of identity were now spreading into other orthogonal areas of security. It didn't disappoint and I had some thought provoking conversations...
Read more
OpinionVendor

Vendor Introduction: Aserto

by Simon M
on Jun 14
An introduction to authorization startup Aserto.
Read more
News & Press Releases

Podcast: The Week In Identity

by Editor
on Jun 4
June 2022 sees the launch of The Cyber Hut’s brand new podcast […]
Read more
Opinion

Authorization: Drivers for Demand

by Simon M
on Jun 1
What is driving the demand for new authorization models, software vendors and emerging authorization design patterns? This discusses previous failures of RBAC and XACML as well as modern architecture patterns such as identity centricity and the business mesh.
Read more
Opinion

2022 Emerging IAM Technology Spend

by Simon M
on Jun 1

I recently ran another of my highly scientific industry polls - via LinkedIn to get a feel for this years spending patterns as they pertain to some emerging identity and access management technology areas. I have been tracking four emerging areas over the past 8 months or so, including Passwordless Authentication (where The Cyber Hut released a 61 page buyer guide last year), Cloud Identity/Infrastructure Entitlements Management, Decoupled Authorization and Identity Threat Detection and Response.

All four areas have had significant venture capitalist funding over the past 36 months and the use cases and capabilities of each have started to stabilise to a point where buy side procurement and integration is becoming consistent and vendors are identifying their competitive go to market narratives.

So my poll was essentially asking, which of these areas would a buy-side practitioner look to invest in during 2022?

Read more
Events

CISO Briefing: Consumer Identity & Access Management

by Editor
on May 30
Join our founder Simon Moffatt on June 14th for a free 60 […]
Read more
OpinionVendor

Vendor Introduction: Oort

by Simon M
on May 19
Vendor introduction report covering oort.io - an emerging vendor in the Identity Threat Detection and Response sector.
Read more
Opinion

Analyst Notes – Funding for Antimatter & Skiff, MFA Prompt Bombing Attack, Casino ATO Fraud Increases

by Editor
on Apr 1
A few interesting items to hit The Cyber Hut intelligence inboxes over […]
Read more
Opinion

Why Authorization is More Than Just Enforcement

by Simon M
on Mar 18
Access control has very much been centred around models. Who should have […]
Read more
OpinionVendor

The Rise of Cloud Based IGA – Vendor Introduction: ConductorOne

by Simon M
on Mar 18
An overview and introduction to ConductorOne, an identity governance automation platform.
Read more
Opinion

Cyber Defence Series: Collection of Authentication Controls and Countermeasures

by Simon M
on Mar 7
A selection of curated links relating to user login and authentication security controls and threat counter measures.
Read more
Events

Stopping Account Takeovers in Southeast Asia With Passwordless Customer Authentication

by Editor
on Mar 7
Join Simon Moffatt Analyst from The Cyber Hut and Ian Sorbello Principal […]
Read more
Events

Frictionless Biometric Authentication under PSD2 and GDPR Regulation

by Editor
on Mar 1
Join Simon Moffatt, Founder & Analyst of The Cyber Hut and Gal Steinberg, VP of Product at Keyless on March 29th where they'll be discussing the growing need for friction-free authentication in the light of growing regulation and fintech innovation.
Read more
Market

Authorization: Venture Capitalist Funding 2019 – 2022

by Simon M
on Feb 28
An analysis on VC funding in authorization, existing vendor feature additions and acquisition activity.
Read more

Signup For New Content Releases

Registered in England & Wales as TCH Research Ltd 13188456.

Registered Office: 7 Christie Way, Christie Fields, Manchester, M21 7QY, UK

Email: info@thecyberhut.com

© 2021 - 2022 The Cyber Hut.