CISOs: Gartner Recommends Privileged Account Management as the #1 Security Project in 2018 - Get Your Definitive Guide from BeyondTrust
by Scott Lang —
This week’s Gartner Security & Risk Management Summit in Washington, DC was packed full of insights and best practices from some of the sharpest minds in the industry. During the conference, Gartner VP and distinguished analyst Neil MacDonald summed up the challenge facing CISOs today by identifying the top ten list of new projects for security teams to explore in 2018. Focusing on these top ten security projects will reduce the maximum amount of risk and drive the most organizational value.
Gartner Top 10 Cybersecurity Projects for 2018
Here’s what Neil believes are the top ten cybersecurity projects CISOs should tackle first:
BeyondTrust Can Help CISOs Prioritize Security Projects – Starting with PAM
Following Gartner’s guidance, BeyondTrust can help CISOs by delivering on not just the #1 security priority, but also #2, #4, #5, #6, #7… you get the idea. In particular, CISOs can maximize the value of their existing security investments by integrating much of this technology together under a unified platform for visibility and control. BeyondTrust delivers a fully integrated privileged access management platform (#1) with built-in vulnerability insights (#2). Our best practices approach to PAM includes the following steps:
Step 1: Improve accountability and control over privileged passwords. Considering that 80% of data breaches involve privileged credentials, CISOs can achieve immediate return by reducing this attack surface.
Step 2: Implement privilege management and application control for Windows and Mac desktops. Once accounts and assets have been discovered and are being consistently managed, the next step to complete privileged access management is implementing least privilege on end-user machines. Since 95% of Microsoft system vulnerabilities can have been mitigated by reducing privileges on standard end-user machines, this one’s a no-brainer.
Step 3: Leverage application-level risk to make better privilege decisions. This is where having built-in vulnerability insights (the #2 priority in Gartner’s list) is essential. Vulnerability-based application management is patented technology that automatically scans applications for vulnerabilities at runtime – triggering alerts, reducing application privileges, or preventing launch altogether based on policy. With this capability, you’ll never grant privileges to a risk application again.
Step 4: Finally do away with sudo. Why risk your most critical tier-1 assets (and the data housed on them) on a free, unsupported tool? BeyondTrust delivers full privilege management on Unix and Linux with integrated file integrity monitoring and more to completely lock down your most important run-the-business apps.
Step 5: Unify management, policy, reporting and threat analytics under a single pane of glass. It is no secret that IT and security professionals are overloaded with privilege, vulnerability and attack information. By unifying privileged account management and vulnerability management solutions, you can provide IT and security teams a single, contextual lens through which to view and address user and asset risk. Get more from the security investment you made, and not more islands of disconnected intelligence.
Step 6: Integrate Unix, Linux, and Mac into Windows. Your admins are overloaded, and overloaded admins make mistakes. Enabling those admins to log on to all their managed systems with the standard user login will simplify their lives, and improve your security.
Step 7: Real-time change auditing and recovery for Windows environments. Once you have your non-Windows systems integrated into Active Directory, the next step is to audit user activity to gain additional insight into AD changes that could impact the business. Get the auditors off your back faster.
