Talk With an Expert

A Small Business No Budget Implementation of the SANS 20 Security Controls

A Small Business No Budget Implementation of the SANS 20 Security Controls (PDF, 1.94MB)Published: 31 Aug, 2011
Created by
Russell Eubanks
Russell Eubanks

A consensus of defensive and offensive security practitioners developed the SANS 20 Security Controls. In their implementation of this program, the United States Department of State demonstrated a substantial reduction in vulnerabilities in its first year alone. Given their overwhelming success, other organizations have begun to adopt this approach and have achieved similar results. Small businesses do not have to be excluded from this program. They too can use practical and often no cost ways to leverage existing security and administration tools to bolster their information security capabilities. Each control is paired with pragmatic ways for small business to rapidly deploy a continuous monitoring program at little to no cost. By leveraging and leaning into existing tools, the small business can develop a robust continuous monitoring program that is positioned to better recognize and respond to threats.

Meet the expert

Russell Eubanks
Russell Eubanks

Russell Eubanks

Principal Instructor

Russell is a Principal Consultant and Co-Founder of Cyverity with extensive cybersecurity leadership experience. As former CIO and CISO of the Federal Reserve Bank of Atlanta, he brings real-world expertise to his role as SANS Principal Instructor.

Read more about Russell Eubanks