Securing privileged identities, all the admin credentials, root accounts, enabled accounts, and any account that has lots of power has long vexed IT security practitioners. And for many CISOs, privileged access-related risks remain a blind spot. However, with the increasing awareness that privileged access is implicated in most of today’s breaches, privilege management is starting to command more attention. In fact, just this month at the Gartner Security & Risk Management Summit, Gartner VP and analyst Neil MacDonald called out privilege account management as the #1 security project IT security teams should explore in 2018.
To get to the root of Unix & Linux privileged access security, download the paper now. get it nowWhile Windows systems have traditionally been a target for hackers and malware, Linux and Unix-based systems have emerged as serious malware targets as well, and these systems house some of the most mission-critical applications and data. With this trend and the associated challenges in mind, I’ve published a new guide – Getting to the Root of Unix & Linux Security: A CISO’s Primer on Privileged Access – to help CISOs, or any IT security leader, understand, and take steps to mitigate, privileged access risk in the context of Unix/Linux environments. You can read the paper to discover:
- 4 key factors underlying the trend of increased attacks on Unix/Linux systems
- Key insights into the role of trust and privileged identities/access
- Observations that debunk conventional thinking, and help you gain buy-in from end users for PAM initiatives
- Best practices for managing Unix/Linux privileges and securing the systems
Derek A. Smith, Founder, National Cybersecurity Education Center
Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently an IT Supervisor at the Internal Revenue Service. He is also owner of The Intercessors Investigative and Training Group (www.theintercessorgroup.com). Formerly, Derek worked for several IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He is also a cyber security professor at the University of Maryland, University College and Virginia University of Science and Technology and has taught for over 25 years. Derek is retired from the US Army and also served in the US Navy, and Air Force for a total of 24 years. He is completing his Doctorate Degree in Organizational Leadership and has completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education. Derek has written several books including Cybersense: The Leaders Guide to Protecting Critical Information, and its companion workbook, and he has contributed to several other books as an author and technical adviser.