Whitepapers
In-depth technical papers on key topics in Privileged Access Management, Identity Security and regulatory compliance.
DORA and PAM — What the Financial Sector Needs to Know
DORA (EU) 2022/2554 has been in force since 17 January 2025. This whitepaper explains the direct implications for Privileged Access Management in financial institutions: ICT risk management requirements, third-party access, incident reporting and the replacement of BAIT/VAIT. For compliance officers, CISOs and IT security leaders.
NIS2 and Access Management for Critical Infrastructure
NIS2 (EU) 2022/2555 obliges essential and important entities to implement mandatory cybersecurity measures. This whitepaper analyses the access management requirements from NIS2 Art. 21 and shows how PAM implementations systematically satisfy them.
CyberArk Self-Hosted vs. Privilege Cloud — Decision Framework
The choice between on-premises PAM and SaaS PAM is a strategic decision with long-term implications. This whitepaper provides a structured decision framework with evaluation matrix for different organisation types and regulatory requirements.
Zero Trust Architecture and PAM — Practical Guide
Zero trust is an architecture principle, not a product. This guide shows how PAM is integrated into a ZTA initiative: mapping NIST SP 800-207 principles to PAM controls, prioritising implementation steps and a pragmatic approach for organisations beginning their ZTA journey.
