CISA and The Principle of Least Privilege w/ CISA Security Advisor: Donald E. Hester

The world is finally becoming aware of the danger of excess privileges and unmanaged users. These are the accounts that the attackers love to take over and then stay resident in our enterprises and exfiltrate data while going undetected.NIST, the National Institute of Standards and Technology, has created a concept to remedy this situation. They label it the Principle of Least Privilege (NIST CSF 1.1. PR.AC-04, NIST CSF 2.0 PR.AA-05), which guides companies to limiting logical, physical & system access to specific job functions. To get the word out - the U.S. has created CISA - the Cybersecurity and Infrastructure Security Agency to explain, promote and create dialogue on important cyber principles. The #AuditTuesday series is privileged to have one of their cyber advisors, the esteemed Donald E. Hester, to discuss the principle of least privilege and why CISA has itemized it in multiple documents including: The #StopRansomware Guide and the Zero Trust Maturing Model.  Karina Klever, Cyber and Risk Management expert, and CEO of Klever compliance,  will round on the speaker panel with real "use cases" of how the Principle of Least Privilege is used (and to an enterprise's cost) not used in accounts.The discussion will also include 13 U.S. patented Garret Grajek who will explain how YouAttest enables enterprises, big and small, to meet the principles of least privilege.To learn more about YouAttest and how we can help secure your identities, contact us at [email protected]

There are no comments yet.

Please log in to write the first comment.