Avoiding “Game Over” by Securing the Server via Privilege Management

Eric Cole, SANS Instructor

About this White Paper

Are You Making the Attacker’s Job Easier?

Many organizations struggle with information security because they try to do too many things and they do not focus on the things that really matter. While defense in depth is important, in these types of reactive organizations quantity – instead of quality – of controls is too often the answer.

Nowhere is the quantity/quality disparity more evident than in an organization’s response to data breaches. Today’s security reality should not be about preventing a breach, but controlling the damage caused by the breach. Compromises are inevitable; thinking that an organization is never going to have a breach is as naïve as thinking that a person will never get sick. The focus needs to be on limiting the frequency and impact which directly ties to controlling the damage.

Therefore, the most appropriate question to ask when building, designing and implementing a plan for information security is, “What would allow an attacker to cause the most damage?” The answer is actually quite simple: Not controlling privileged access to critical information – information that is often housed in tier 1 systems.

Download this white paper and  explore the necessary elements of server privilege management – command elevation and delegation, session monitoring and logging, privileged account management, account consolidation and measuring risk to target systems. When used in concert, these capabilities will better secure access to critical systems and data.


Eric Cole, SANS Instructor

Dr. Cole is an industry-recognized security expert with over 20 years of hands-on experience. Dr. Cole has experience in information technology with a focus on helping customers focus on the right areas of security by building out a dynamic defense. Dr. Cole has a master's degree in computer science from NYIT and a doctorate from Pace University with a concentration in information security. He served as CTO of McAfee and Chief Scientist for Lockheed Martin. Dr. Cole is the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is the founder and an executive leader at Secure Anchor Consulting where he provides leading-edge cyber security consulting services, expert witness work, and leads research and development initiatives to advance the state-of-the-art in information systems security. Dr. Cole was the lone inductee into the InfoSec European Hall of Fame in 2014. Dr. Cole is actively involved with the SANS Technology Institute (STI) and is a SANS faculty Fellow and course author who works with students, teaches, and develops and maintains courseware.

Register to download this white paper.