Privileged Access Management , Security Operations

Privileged Attack Vectors: Key Defenses

BeyondTrust's Karl Lankford on Mitigating the Unmanaged Privilege Threat
Karl Lankford, director of solutions engineering, EMEA, BeyondTrust

Attackers crave insider-level access to IT infrastructure, and to get it, they regularly target insiders - and especially anyone with "super user" or admin-level access - to steal their credentials, says Karl Lankford of BeyondTrust.

See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial Institutions

That's why all insider access to systems must be "managed, monitored and audited" while also ensuring "the principle of least privilege to only give people the access they need at the time they need it," he says.

Putting that in place requires looking at insiders and "scoping some control around what they can do and limiting their exposure once they're through the front door," Lankford says.

In a video interview at the recent Infosecurity Europe conference, Lankford discusses:

  • His customers' top privileged access management challenges;
  • Best practices for assessing, prioritizing and addressing internal and external privileged risks;
  • Key steps for mitigating the threat posed by unmanaged privileges.

Lankford, director of solutions engineering in EMEA for BeyondTrust, is a frequent speaker at industry conferences.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.