The National Industrial Security Program Operating Manual (NISPOM) and other Executive Orders require contractors to establish and maintain an insider threat program to detect, deter, and mitigate insider threats. This Solution Brief highlights how you can establish a foundation for Federal compliance with CyberArk Privileged Access Security Solutions.
U.S. Dept of Homeland Security CDM Program
This white paper outlines how to leverage Privileged Account Security solutions to detect, alert, and respond to insider threats.
Juan Asenjo, Partner Integration Marketing, Thales e-Security
Kevin Jermyn, Technical Advisor, CyberArk
According to the findings of the recent 2017 Data Threat Report, 59% of the U.S. federal government respondents cited privileged users as the most dangerous insider threat. Cyber criminals launch sophisticated attacks to gain access to, and exploit insider privileges. Once they have privileged credentials, they are difficult to detect and can do irreparable damage.
This on-demand webcast highlights a typical use case to illustrate how the CyberArk Privileged Account Security Solution integrates with Thales nShield hardware security modules (HSMs) to secure account credentials, passwords, and keys.
Download this webcast to learn how this combined solution:
- Deploys easily across federal agencies without impacting operations
- Provides an added layer of security to privileged account management
- Protects and manages the critical cryptographic keys automatically
- Facilitates auditing and compliance with data security regulations
- Complies with FIPS 140-2 and Common Criteria security standards
Time is ticking to meet the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Phase 2 Privilege Management requirements.
The U.S. Department of Homeland Security is continuously looking for better ways to help federal agencies manage and secure their networks by providing guidance and resources such as those in the Continuous Diagnostics and Mitigation (CDM) program. The program was initiated to provide the government with continuous monitoring capabilities for its computers and systems. Phase one of this program was aimed at endpoint integrity, including the management of hardware and software assets, configuration management, and vulnerability management. Phase two is focused on the people using the computers, systems, and networks and their associated security privileges. This phase is called Least Privilege and Infrastructure Integrity, and is aimed at the management of access control, security-related behavior, privileges, credentials and authentication, and boundary protection.
Download the whitepaper to find out more or send us an email at [email protected] to set up a meeting.