Like a Hurricane: The Life and Times of Privileged Access Management

OVERVIEW

So you want to implement a modern PAM (Privileged Access Management) solution? Awesome. More robust access controls are what the Infosec Gods say your Wild-Wild-West organization needs to inch closer to the mythic land of Pretty-Pretty Zero Trust. How are you going to accomplish this? How do you sell this to those who make the $$$ decisions (who claim to align with the principles of PAM but shudder at the threat of productivity loss)?
Or maybe the full vision of modern PAM isn’t being bought. The risk is “so-low” that it is not worth the trouble and your organization accepts this risk. Is the risk REALLY understood?
But first—what is PAM? This talk will explore iterations of access control across history. Then, let’s kick it up a notch; we’ll discuss how each control (adding up to the idealized “Modern PAM Solution”) plays a vital role (AKA, the difference between solutions provided by traditional PAM vs Modern PAM), and how gaps persist when any one of the controls is missing. We will also talk about the logistical nightmares that come with not just implementing these solutions but even proposing such a program to an organization.
And now for something completely different—I will accomplish all the above using DuckTales metaphors. Life is like a hurricane here in Duckburg! (ooo-WOO-oo!)

Presented By

ARIA LANGER

Security Engineer, Morningstar Inc.