SANS Open-Source Intelligence (OSINT) Summit & Training offers immersive cyber security courses and a free Summit!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Overcome Privilege Management Obstacles with CSC v. 6

  • Tuesday, April 26, 2016 at 11:00 AM EDT (2016-04-26 15:00:00 UTC)
  • Jon Wallace, John Pescatore


  • Appsense

You can now attend the webcast using your mobile device!



In the latest update to the CIS Critical Security Controls (v. 6), "Controlled Use of Administrative Privileges" moved up from No. 12 to No. 5. This change reflects a concern that administrative privileges are granted too widely and that those who legitimately have administrative privileges might sometimes engage in risky behavior while logged in as an administrator, such as surfing the Web or reading email.

CSC 5 recommends that "security personnel should periodically gather a list of running processes to determine whether any browsers or email readers are running with high privileges."

But implementing elevated privilege management has its challenges because the controls adversely affect user experience. Or at least used to.

In this webcast, learn about the changes in controls that can help streamline privilege management and make it less visible - and annoying - to users.

View the associated whitepaper here.

Speaker Bios

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Jon Wallace

Jon Wallace is AppSense's chief technologist for Americas, leading the company's technology strategy into security and cloud. Jon has been involved with AppSense since inception and held various technical roles, ranging from software development to product management to sales engineering. His two decades of experience make him one of the world's leading figures in user environment management. Prior to that, he had a brief career as a professional magician.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.