Unix/Linux Privilege Management: What a Financial Services CISO Cares About

Nikolay Chernavsky, SVP & CISO of a Financial Services Company

Nikolay Chernavsky, SVP & CISO of a Financial Services Company

A visionary leader with excellent written and verbal communications skills, interested in executive opportunities to advise and assist in addressing today’s information protection and privacy challenges. Over 20 years of information technology and security management experience, and a track record of success. Skilled operational and Computer Security (CSIRT) practitioner with extensive expertise of technical security and integrated convergence with Information Security recovery practices. Responsible for developing and executing an enterprise-wide information security and risk management strategy that balances the need to protect the company, its customer’s information, and patients while complying with applicable regulatory standards, and implement those strategies in a way that enables successful execution of company’s business strategies. Capable of addressing complex risk factors and ensuring security becomes an enabler, not just a standalone function. Creating innovative strategies where risk management and security supports business goals and objectives by maximizing revenue streams while reducing overall security risk. Proven staff management and leadership skills in developing customer and business focused initiatives, cyber security strategies, enterprise risk methodologies, information security awareness, and corporate governance to achieve strong enterprise support and initiative adoption in various organizations and lines of business. Keen on providing strategic and technical guidance and assistance in the design and implementation of appropriate security processes for the organizations information systems; recommending and monitoring computing practices to prevent and to recover from security breaches; and coordinating the handling of security incidents when such breaches occur. 

About this Webinar

Hardly a week goes by without a major cyber security event affecting millions of users – and the financial industry is particularly vulnerable. The 2017 Verizon Data Breach Investigations Report identified “Insider and Privilege Misuse” as a major incident pattern resulting in confirmed data breaches. According to Verizon, 62% of all breaches featured hacking, and of those, 81% leveraged stolen and/or weak passwords—giving the attacker the same privileges as a trusted insider. At the heart of the problem lies a simple fact that many organizations fail to follow the basic information security principle of Least Privilege with trusted insiders having access to both highly sensitive and mission-critical information. As a result, accidental or deliberate misuse of a credential can lead to a breach. Companies in the financial industry are prime targets for such attacks because of the large potential payout of critical information. While many tools have been developed to address Least Privilege issues on Windows-based systems, Linux/Unix systems were largely neglected. Unix/Linux systems are serving critical roles for many financial organizations, from storing highly sensitive information to processing millions of transactions between institutions. Being able to tightly control access to these systems is a critical security need. This webinar will provide CISOs in financial services and other sectors:

  • A CISO’s first-hand experiences regarding the challenges faced in securing access to critical Unix and Linux systems
  • Real-world insights on how Unix and Linux Privileged Access Management (PAM) helps CISOs bolster security with granular access controls while also meeting compliance requirements
  • Guidance on selecting technologies that enable CISOs to meet their business objectives while remaining nimble
  • An executive view on where the market is headed in relation to PAM