Thwarting the AdversaryA frequently utilized method for breaching federal information systems has been to enter they information system through a known software vulnerability to ultimately capture and exploit privileged credentials. Even with this well documented threat, the Department of Interior Inspector General recently reported that the DOI is struggling with managing thousands of software vulnerabilities, leaving their systems at extreme risk. It is time for agencies to take a hard look at their Privileged Access Management and Vulnerability Management capabilities as part of a layered cyber strategy. With all we know about the wide spread exploitation of privileged credentials and software vulnerability it makes no sense not to. This is a back to basics building block in line with General Touhill’s lines of effort. That said, we also know it is not so simple in the complex federal IT environment. So what can Federal IT professionals do?
Explore a Solution with the ExpertsIn the recent webinar, Defense in Depth: Implementing a Layered Privileged Password Security Strategy, Nick Cavalancia, Founder/Chief of Techvangelist, explores one of the greatest challenges faced today by Federal IT professionals, “How are you supposed to know which security measures are appropriate for a given privileged account without trampling on a user’s productivity?” Check out this on demand program. I think you’ll find it a valuable tool on the path to assessing and assigning appropriate risk values to the various accounts in your government information systems. Not everything should be treated equally. When your agency is ready to explore options to mitigate Federal data breach risks, contact us for a strategy session. BeyondTrust has the experience and solutions to help.
Scott Lang, Sr. Director, Product Marketing at BeyondTrust
Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.