SANS Open-Source Intelligence (OSINT) Summit & Training offers immersive cyber security courses and a free Summit!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The Case for PIM/PAM in Today's Infosec

  • Tuesday, June 14, 2016 at 1:00 PM EDT (2016-06-14 17:00:00 UTC)
  • Ken Ammon, Barbara Filkins


  • CA, Inc.

You can now attend the webcast using your mobile device!



Even the most secure servers and networks may be vulnerable to attack using passwords that give attackers root access to a sensitive server or allow them to assume the privileged accounts created for critical backup or SCADA systems that need elevated access to secure systems.

Regulators are painting a target on privileged access, however, according to a Gartner analysis that predicts increases of up to 40% in fines for organizations that are too slow to drop passwords in favor of more secure authentication.

Privileged Identity Management (PIM) and Privileged Access Management (PAM) systems are already in place in many organizations to secure those weak points and bring organizations into compliance. Many are badly configured or only partly implemented, leaving important gaps in security that could remain invisible until a data breach or security audit makes them obvious.

This webcast will explore the regulations that could mean bad news for organization with poor access control, as well as some of the critical issues that make privileged-access controls less effective than they could be and things both IT vendors and InfoSec pros are doing to close holes in both compliance and security.

Webcast speakers will offer practical advice on the procurement and implementation of PIM/PAM systems -- especially within federal agencies where they are often required but still underutilized. They will also review organizational issues that make it harder to control privileged access and operational techniques to address even the stickiest of those problems.

Be among the first to receive the associated whitepaper written by Robert M. Lee and Barbara Filkins.

View the associated whitepaper here.

Speaker Bios

Barbara Filkins

Barbara Filkins, SANS Analyst Program Research Director, holds several SANS certifications, including the GSEC, GCIH, GCPM, GLEG and GICSP, the CISSP, and an MS in information security management from the SANS Technology Institute. She has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Barbara focuses on issues related to automation—privacy, identity theft and exposure to fraud, plus the legal aspects of enforcing information security in today’s mobile and cloud environments, particularly in the health and human services industry, with clients ranging from federal agencies to municipalities and commercial businesses.

Ken Ammon

Ken Ammon is chief strategy officer at Xceedium, which was acquired by CA Technologies last summer. He previously had founded both Looking Glass Security, a consulting firm that advises corporations, private equity funds and venture capital investors on emerging security trends and technologies, and NetSec, a pioneer in the managed security service provider marketplace. Specializing in security matters relating to commercial enterprise and federal government markets, Ken has testified before the House Government Reform Committee on dramatic security vulnerabilities affecting sensitive government information and critical infrastructure. He also has served as an adjunct faculty member at the National Security Agency's National Cryptologic School, where he was recognized with the Scientific Achievement Award.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.