Access Management & Security
Facebook X LinkedIn

Access Management & Security

Expert Talk
Wednesday, May 15, 2019 14:30—15:30
Location: WINTERGARTEN

Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations

Cyber-attacks continue to increase in sophistication and are occurring in such volume that the daily newsfeed is littered with tales of new breaches and the cyber infonomics ramifications. Central to almost each of these stories is an element of privilege abuse and misuse that resulted in either the initial exploit or that was implicated in allowing an initial foothold to metastasize into a security event inflicting widespread reputation and economic damage.

Based on strategies developed by BeyondTrust and presented in the recently published book, “Privileged Attack Vectors,” security professionals will learn how privileges, passwords, and vulnerabilities are being leveraged as attack vectors, and how you can take measurable steps to defend against them. Attendees will learn:

Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations
Presentation deck
Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Morey J. Haber
Morey J. Haber
BeyondTrust
Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three Apress books: Privileged...

Privileged Access Management: Operational Burden or Enabler for Protection Against Targeted Attacks?

Securing the use of privileged accounts, i. e. service accounts, accounts used for administration and accounts having the ability to access critical data and perform unauthorized changes, is one of the basic security measures. However, the practice shows that the implementation of privileged access security is a challenge for many organizations and opens critical cyber security vulnerabilities. Within this presentation, the speaker will build a bridge between privileged access management and cyber security. The presentation is based on consulting experience in various organizations and will cover the following topics.

1. What challenges organizations typically face when securing privileged accounts usage? The presentation will address typical problems such as lack of account ownership, lack of central responsibility for privileged access management and accounts managed by service providers.

2. Why these challenges may lead to critical vulnerabilities used as a gateway for enabling cyber-attacks? The presentation will show typical cyber-attack scenarios and will elaborate on the usage of privileged accounts as a key method for achieving the goal of the attackers.

3. How privileged access security enables reasonable protection against targeted attacks? Targeted attacks are persistent in time, well-funded and use complex methods. Therefore a 100% protection is hardly possible and many organizations are looking for a reasonable balance between cyber security investments and remaining risk. The presentation will show the benefits of implementing privileged security controls such as administration tiering, password & session management for significantly reducing the probability of cyber security attacks in a reasonable way. The relation between preventive and detective cyber controls as well as a strategy for focusing the cyber security efforts to protection of key assets will be presented.

Key takeaways:
1. What challenges organizations typically face when securing privileged accounts usage?
2. Why these challenges may lead to critical vulnerabilities used as a gateway for enabling cyber-attacks?
3. How privileged access security enables reasonable protection against targeted attacks?

Privileged Access Management: Operational Burden or Enabler for Protection Against Targeted Attacks?
Presentation deck
Privileged Access Management: Operational Burden or Enabler for Protection Against Targeted Attacks?
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Dr. Svilen Ivanov
Dr. Svilen Ivanov
T-Systems International GmbH, Telekom Security Division
Dr. Svilen Venelinov Ivanov works since 2017 as a Senior Cyber Security Consultant at T-Systems International, Telekom Security division in Bonn. Cyber security and identity & access management...

Get the Most out of PAM: How to Make Privileged Access Management Meaningful and Effective

While PAM is a vital cog in the security wheel of an enterprise, its relevance to other IT functions is often overlooked leading to its poor implementation. For PAM to be meaningful and effective, all its functional components should fit into and be aware of the overall context of the environment, integrate seamlessly with other security applications and finally provide actionable information to the administrators.

This session will help attendees understand how to improve their PAM program and demonstrate more security value.

Key takeaways:

·         Challenges ailing PAM implementations

·         Factors that make PAM holistic and powerful

·         Using contextual awareness to elevate PAM

·         Real-world use cases demonstrating value

Get the Most out of PAM: How to Make Privileged Access Management Meaningful and Effective
Presentation deck
Get the Most out of PAM: How to Make Privileged Access Management Meaningful and Effective
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Rajesh Ganesan
Rajesh Ganesan
ManageEngine, a division of Zoho Corp
Rajesh is passionate about building enterprise software products that are simple and pragmatic and bring real value to customers. In his twenty years with Zoho, Rajesh has built products in the...
Subscribe for updates
Please provide your email address