3rd Party Risk Management , Artificial Intelligence & Machine Learning , Critical Infrastructure Security

Privileged Access Management: Essential Steps

John Keells Holdings CISO, Sujit Christy, on the Need for Auditing Privileged Access
Sujit Christy, group CISO, John Keells Holdings

Critical steps when implementing a privileged access management program include auditing of activities performed by administrators and continuous monitoring of user activity, says Sujit Christy, group CISO at John Keells Holdings, a conglomerate based in Sri Lanka.

See Also: The Essential Guide to Security (Chinese Language)

"Auditing becomes essential to ensure that administrators do not use productivity credentials for administrative purposes, which can open up the systems to hackers," Christy says in a video interview with Information Security Media Group.

In this interview, Christy offers insights on:

  • Building a risk-based strategy to reduce exposure of privileged credentials;
  • The need for administering governance policies as part of a PAM framework;
  • Managing passwords of privileged users;

Christy, global CISO at John Keells Holdings, is an experienced governance, risk, compliance, and cybersecurity professional. He's also the director of Layers-7 Seguro Consultoria Private Ltd. and a board member of the ISACA Sri Lanka Chapter. He is a Certified Information Systems Security Professional, Certified Information Systems Auditor, Certified in Risk and Information System Control, and a Certified IT Disaster Recovery Professional.


About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Nandikotkur is an award-winning journalist with over 20 years' experience in newspapers, audio-visual media, magazines and research. She has an understanding of technology and business journalism, and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a Group Editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.