Since 2011, SANS has been celebrating those "Difference Makers" whose innovation, skill and effort have driven real increases in information security. There is no shortage of publicity around failures in security - constant headlines detailing breaches and vulnerabilities at companies and government agencies. However, what you never hear about are the many organizations who aren't in the news because their security staff have found ways to meet business and mission needs while protecting customer and business data from attackers. There are thousands of security practitioners out there who are quietly succeeding and making breakthroughs in advancing security.
On Tuesday, December 16th at the SANS Cyber Defense Initiative Training Event in Washington DC, SANS celebrated 2014's "Difference Makers." The 2014 list of cybersecurity Difference Makers include:
Freedom Mortgage National Operations and Control Center
The team at Freedom Mortgage was able to both support business demand for BYOD and mobility and to build out a NOC capability to securely monitor operations. They had 10 monitoring tools and 5 major apps in use. They were able to develop their own central monitoring capability, using SharePoint and their own smarts, reducing hundreds of thousands of security alerts per day down to an average of twenty events per day that required action.
Laks Prabhala, CISO, US Department of Justice Office of Justice Programs
Laks has been CISO at OJP since 2009 and has been the driving force behind the OJP's Next Generation Security implementation and their Secure Cloud initiative. He quickly pulled together a cross-department team that focused on the Critical Security Controls to define the OJP "Secure Cloud Initiative" and focused on early wins to demonstrated immediate security improvement.
AES Corporation Advanced Targeted Threat Team
The AES (Fortune 200) team was able pilot an approach to advanced targeted threat prevention to rapidly recognize the threat posed to AES by advanced targeted attacks which detected 100 active threats that had gone undetected. Over a nine month period they demonstrated an approach to detect and mitigate those attacks, demonstrating avoidance of over $10M in incident impact and response costs. They were able to demonstrate to management both the need and the benefit, but also were able to rapidly implement the solution in a complex organizational environment.
Department of Homeland Security National Cybersecurity Assessment and Technical Services, Team Members: Rob Karas, Sean McAfee, Dave Link, John Bush, Mark Feldhousen, Jason Hill, Willio Jean-Paul, Lorenzo Miller, Teodorico Trajano, Ken Vrooman, Scott Wallace, Joshua McAllister, Dave Redmin
The DHS NCATS team uses a proactive approach to provide vulnerability assessment and risk analysis services to DHS and other agencies. By showing how vulnerability scanning could be increased from quarterly to weekly, the team showed an 86% reduction in critical vulnerabilities. NCATS lead the response to the Heartbleed vulnerability and coordinated a response effort that mitigated 99% of all vulnerabilities within 3 weeks
Cheryl Conley, Lockheed Martin, Corporate Information Security, Security Education and Awareness
Lockheed Martin has been a trailblazer in effective employee security awareness and education. Cheryl Conley has lead that program since 2008, and been with LMSC since 1983. Her program at LMSC has included very innovative work both in defining Undesired Action Rate metrics and optimizing security awareness investments to show real security improvements. She has been tireless is collaborating with other security leaders to share her ideas and to support other efforts. Cheryl was recently appointed Business Area Information Security Officer.
Joyce Brocaglia, CEO Alta Associates
Joyce has long been a force in helping skilled cybersecurity professionals move up to CISO positions. She founded Alta Associates in 1986, helping information security professionals find management positions before the term CISO was known, let alone cool. She also established the Executive Women's Forum in 2002, exposing more women to IT and cybersecurity, and personally funding several scholarships.
Scholarships for Women Studying Information Security, Applied Computer Security Associates (ACSA) and HP Diane Pearson, Director- Federal Channel Partners, HP Enterprise Security
ACSA, a non-profit organization that has been in existence wince 1985, founded the SWSIS program in 2011 to help address the shortage of skilled people in the cybersecurity field and to especially focus on encouraging young women to consider careers in security. In 2014, with funding from HP, and involvement from the Committee on the Status of Women in Computing Research (CRA-W), an arm of the Computing Research Alliance the SWSIS program has awarded scholarships to 11 young women.
Mike Knight, Naval Network Warfare Command (NNWC) (NETWARCOM)
Mike was instrumental in making the DoD 8570 implementation produce meaningful results in increasing the skills of those getting 8570 certification. This effort not only facilitated increasing information assurance workforce skills, but delineated a career path that increases personnel retention and continual improvement of skills.
Dr. Martin Carlisle, Professor and Head, Department of Computer Science, United States Air Force Academy
Dr. Carlisle was instrumental in adding a cybersecurity major to the Air Force Academy curriculum, even as other areas were being reduced. He also created and has led the USADA Cyber Competition Team.
Sarah Edwards SANS Institute DFIR Instructor Team
Sarah Edwards has put SANS on the map with cutting edge Mac OSX and file system forensic expertise. Throughout 2014, she has contributed her time at national Law Enforcement industry events, regional B-Sides and national technical conferences, educating fellow professionals in her area of expertise.
Michele D. Guel, Distinguished Engineer, Cisco
Michele lead the development and implementation of Cisco's Security Knowledge Empowerment (SKE) program that produced tremendous gains ensuring continuous adoption of security into the DNA of all areas of Cisco's operations.
Heather Mahalik, SANS Institute DFIR Instructor Team
Heather played a key role in revitalizing mobile forensics training. She also spent her free time teaching workshops at the CyberJutsu Women in Tech group, and even participated in the Cyber girls outreach training, ensuring middle school and high school girls would have the confidence to pursue whatever profession they so desire.
Cindy Murphy, SANS Institute DFIR Instructor Team
Cindy also played a key role in developing SANS groundbreaking mobile forensics training course. She also volunteered much of her time to provide guidance and mentoring to cybersecurity investigators in the Law Enforcement community, as well as serving as a mentor for new SANS instructors.
Tyler Williams, ICS Solution Manager, Shell
Tyler was the leading force in the development of the Process Control Design and IT Security Domain Competency Guidelines that defined the specific security skill areas needed in Industrial Control System environments. Tyler chaired the broad industry consortium that turned this into the basic for the Global Industrial Cyber Security Professional (GICSP) certification.