Home / News / CyberArk’s Kevin Jermyn: Agencies Need Programmatic Approach to Ensuring Privileged Access Security

CyberArk’s Kevin Jermyn: Agencies Need Programmatic Approach to Ensuring Privileged Access Security

Kevin Jermyn

Kevin Jermyn, regional manager of federal customer success at CyberArk (Nasdaq: CYBR), has said government agencies seeking to protect sensitive data from cyber attacks should come up with a program to control, monitor and oversee privileged access to critical assets.

“One key component is the ability to restrict a hacker’s access as soon as an attack is detected without negatively affecting legitimate users’ abilities to meet their goals or missions,” Jermyn wrote.

He suggested four steps agencies can implement to address risks related to external attackers and insider threats and the first is reducing the attack surface by minimizing user privileges.

The three other steps are centralizing access to critical infrastructure using a secure repository to store privileged credentials; controlling role-based access and segregating administrative duties to restrict the power of an account; and analyzing and monitoring privileged user’s behavior and activities. Jermyn also offered an advice for agencies to ensure privileged access security as they move to the cloud.

“As agencies migrate to the cloud, it’s important to avoid creating technical debt by adopting the easiest option now with the intention of reworking it later to meet specific needs,” he said. “The better approach is to define a centralized structure from the beginning that incorporates best practices for managing privileged access.”

Check Also

Former Symantec Exec Nico Popp Joins Forcepoint as Chief Product Officer

Nico Popp, former senior vice president for cloud and information protection at Symantec, has been named chief product officer of cybersecurity company Forcepoint.

Microsoft Gets Task Order Under DoD’s JEDI Cloud Contract

The Department of Defense has awarded a task order worth $1M to Microsoft (Nasdaq: MSFT) under the potential 10-year Joint Enterprise Defense Infrastructure cloud computing contract.