Security Congress Day 2: From PAM to Cyber Insurance to Finding a Voice

Security Congress Day 2: From PAM to Cyber Insurance to Finding a Voice

While cybersecurity spending is expected to hit $124 billion this year, only a small portion of it will go toward identity management. Yet, a disproportionate number of breaches occur because of flaws in access management and dangerous practices such as the sharing of passwords, according to Tariq Shaikh, CISSP, Senior Security Advisor for CVS Health.


Identity management spending accounts for 5% to 10% of total cybersecurity spend. When it comes to privileged access management (PAM), Shaikh said the portion is even smaller -- 1%. It’s time to change that, he argued during a session on PAM at the (ISC)2 Security Congress 2019, taking place in Orlando this week. Considering how many breaches result from access management issues, Shaikh said PAM can substantially reduce the number of security incidents.


Shaikh’s presentation was one of dozens of sessions on the second full day of Security Congress, covering a range of topics, including challenges around cybersecurity protection, how to cope with data privacy and security regulations, and how to find your voice as a professional to make yourself heard.


“Your ability to secure your assets depends on how well you manage privileged access,” Shaikh said. “It’s the critical attack vector.” He added that PAM isn’t a one-and-done situation, but rather an ongoing endeavor that requires updating to keep up with the evolution of the threat landscape.


He shared a list of best practices for PAM implementation, which includes separating user accounts and infrastructures for routine business and privileged activities, using a centralized enterprise authentication solution, removing privileged access from users who don’t need it, and keeping track of w ..

Support the originator by clicking the read the rest link below.