Most security teams have focused their identity governance efforts on managing human access. You’ve got SSO in place. MFA is enforced. There’s a reasonably consistent process for onboarding and offboarding employees. You probably run access reviews on a quarterly basis and, if you’re further along, maybe you’ve deployed a PAM solution to protect privileged user…
Tag Archives: Privileged Access
-
Break Glass Accounts – Risk or Required
October 1st, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |
Tags: Access Control, break glass accounts, Cyber Risk, cybersecurity, Data Protection, IAM, identity management, Incident Response, IT Security, MFA, Privileged Access, Resilience, Risk Management, Security Best Practices, Zero trust
We have all seen the sign, “In case of fire, break glass, and pull alarm.” While this necessary mitigating control for fire safety is explicitly known and present in almost every building, an analogy translates into the cybersecurity landscape as “break glass accounts.” In fact, few risk-mitigating controls stir as much debate among CISOs as…
-
Identity Blind Spots on the Network Layer
September 25th, 2025 by Paul Hunter | Posted in Perspective, Research, Security Outcomes |
Tags: access management, cybersecurity, identity security, IT Security, Kron, KronPAM, KronTech, PAM, Privileged Access, privileged access management, Web App, Web Security, Zero trust
Webinar Title: Zero Trust Falls Short Without Network Identity: Lessons from Salt Typhoon Date: October 1, 2025 Registration: Save your spot here Abstract Identity for users, applications, servers, and cloud has matured. Network devices are often the exception. Shared device accounts, SSH key sprawl, limited per-command authorization, and weak session evidence create a gap that…
-
Salt Typhoon: How Network Admin Paths Became Attack Paths
September 23rd, 2025 by Paul Hunter | Posted in News, Perspective, Security Outcomes |
Tags: access management, cybersecurity, identity security, IT Security, PAM, Privileged Access, privileged access management, Web App, Web Security, Zero trust
Webinar Title: Zero Trust Falls Short Without Network Identity: Lessons from Salt Typhoon Date: October 1, 2025 Registration: Save your spot here Abstract Salt Typhoon highlights how valid credentials and built in tools can turn network administration into an attacker highway. This post walks a likely attack chain in plain language and shows where identity…
Recent Comments
No comments to show.
