Critical PAM Components in the Current EnvironmentCISO Yask Sharma on Changing Access Management Strategies
Privileged access management is more critical as a result of the shift to telework during the COVID-19 pandemic and the ongoing shift of applications and data to the cloud, says Dr. Yask Sharma, CISO of a large national critical infrastructure organization in India.
"The additional controls of validation of requests coming from privileged users involves deep packet inspection, verification of the user who is initiating the request and in addition, a multifactor authentication mechanism to check the validity of the user," he says in an interview with Information Security Media Group.
Organizations should make sure privileged users have access to critical data and applications only during defined periods to better ensure security, he adds.
In this interview (see audio link below photo), he offers insights on:
- Technologies and authentication mechanisms used in PAM deployment;
- Understanding when privileged access is merited;
- How to mitigate the risk of phishing campaigns that target privileged users.
As CISO, Sharma is responsible for the maintenance of cybersecurity operations, infrastructure, and governance at a national critical infrastructure organization. He has more than two decades of experience and holds a master's degree in cyber law and cybersecurity from NLU, Jodhpur.
Disclaimer: The views expressed by the practitioner are purely personal and do not necessarily represent the organizational strategy.