Getting to the Root of Unix & Linux Security: A CISO’s Primer on Privileged Access

Derek A. Smith, Founder, National Cybersecurity Education Center
June 13th, 2018

Securing privileged identities, all the admin credentials, root accounts, enabled accounts, and any account that has lots of power has long vexed IT security practitioners. And for many CISOs, privileged access-related risks remain a blind spot. However, with the increasing awareness that privileged access is implicated in most of today’s breaches, privilege management is starting to command more attention. In fact, just this month at the Gartner Security & Risk Management Summit, Gartner VP and analyst Neil MacDonald called out privilege account management as the #1 security project IT security teams should explore in 2018.

To get to the root of Unix & Linux privileged access security, download the paper now.
get it now

While Windows systems have traditionally been a target for hackers and malware, Linux and Unix-based systems have emerged as serious malware targets as well, and these systems house some of the most mission-critical applications and data. With this trend and the associated challenges in mind, I’ve published a new guide – Getting to the Root of Unix & Linux Security: A CISO’s Primer on Privileged Access – to help CISOs, or any IT security leader, understand, and take steps to mitigate, privileged access risk in the context of Unix/Linux environments.

You can read the paper to discover:

  • 4 key factors underlying the trend of increased attacks on Unix/Linux systems
  • Key insights into the role of trust and privileged identities/access
  • Observations that debunk conventional thinking, and help you gain buy-in from end users for PAM initiatives
  • Best practices for managing Unix/Linux privileges and securing the systems

To get to the root of Unix & Linux privileged access security, download the paper now.
get it now

Derek A. Smith, Founder, National Cybersecurity Education Center

Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently the Director of Cybersecurity Initiatives for the National Cybersecurity Institute at Excelsior College, responsible to perform complex duties relating to the development and coordination of cyber initiatives at NCI. Formerly, he has worked for a number of IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He has also taught business and IT courses at several universities for over 20 years. Derek has served in the US Navy, Air Force and Army for a total of 24 years. He completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education.