Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

CISOs: Gartner Recommends Privileged Account Management as the #1 Security Project in 2018 - Get Your Definitive Guide from BeyondTrust

June 7, 2018

  • Blog
  • Archive

blog-cisos-gartner-recommends-privileged-account-management-as-the-1-security-project-in-2018.jpg

This week’s Gartner Security & Risk Management Summit in Washington, DC was packed full of insights and best practices from some of the sharpest minds in the industry. During the conference, Gartner VP and distinguished analyst Neil MacDonald summed up the challenge facing CISOs today by identifying the top ten list of new projects for security teams to explore in 2018. Focusing on these top ten security projects will reduce the maximum amount of risk and drive the most organizational value.

Gartner Top 10 Cybersecurity Projects for 2018

Here’s what Neil believes are the top ten cybersecurity projects CISOs should tackle first:

  1. Privileged account management
  2. CARTA-inspired vulnerability management
  3. Active anti-phishing
  4. Application control on server workloads
  5. Microsegmentation on flow visibility
  6. Detection and response
  7. Cloud security posture management
  8. Automated security scanning
  9. Cloud access security broker (CASB)
  10. Software-defined perimeter

BeyondTrust Can Help CISOs Prioritize Security Projects – Starting with PAM

Following Gartner’s guidance, BeyondTrust can help CISOs by delivering on not just the #1 security priority, but also #2, #4, #5, #6, #7… you get the idea. In particular, CISOs can maximize the value of their existing security investments by integrating much of this technology together under a unified platform for visibility and control. BeyondTrust delivers a fully integrated privileged access management platform (#1) with built-in vulnerability insights (#2). Our best practices approach to PAM includes the following steps:

Step 1: Improve accountability and control over privileged passwords. Considering that 80% of data breaches involve privileged credentials, CISOs can achieve immediate return by reducing this attack surface.

Step 2: Implement privilege management and application control for Windows and Mac desktops. Once accounts and assets have been discovered and are being consistently managed, the next step to complete privileged access management is implementing least privilege on end-user machines. Since 95% of Microsoft system vulnerabilities can have been mitigated by reducing privileges on standard end-user machines, this one’s a no-brainer.

Step 3: Leverage application-level risk to make better privilege decisions. This is where having built-in vulnerability insights (the #2 priority in Gartner’s list) is essential. Vulnerability-based application management is patented technology that automatically scans applications for vulnerabilities at runtime – triggering alerts, reducing application privileges, or preventing launch altogether based on policy. With this capability, you’ll never grant privileges to a risk application again.

Step 4: Finally do away with sudo. Why risk your most critical tier-1 assets (and the data housed on them) on a free, unsupported tool? BeyondTrust delivers full privilege management on Unix and Linux with integrated file integrity monitoring and more to completely lock down your most important run-the-business apps.

Step 5: Unify management, policy, reporting and threat analytics under a single pane of glass. It is no secret that IT and security professionals are overloaded with privilege, vulnerability and attack information. By unifying privileged account management and vulnerability management solutions, you can provide IT and security teams a single, contextual lens through which to view and address user and asset risk. Get more from the security investment you made, and not more islands of disconnected intelligence.

Step 6: Integrate Unix, Linux, and Mac into Windows. Your admins are overloaded, and overloaded admins make mistakes. Enabling those admins to log on to all their managed systems with the standard user login will simplify their lives, and improve your security.

Step 7: Real-time change auditing and recovery for Windows environments. Once you have your non-Windows systems integrated into Active Directory, the next step is to audit user activity to gain additional insight into AD changes that could impact the business. Get the auditors off your back faster.

Take the Next Step

Where do you begin? Gartner has identified what your top 10 security priorities should be. And, BeyondTrust, a Gartner-recognized leader in Privileged Access Management, has defined a roadmap to knock out not just #1, but #2 and beyond. Download the definitive guide to privileged access management best practices, Seven Steps to Complete Privileged Account Management, today. Or, contact us for a strategy session.

Scott Lang

Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

Webcasts | January 27, 2021

AN ANALYST’S TAKE: Securing Privileged Identities & Remote Access in 2021

Webcasts | February 10, 2021

Is VPN Dead?

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.