Industry Thought Leadership

Stephen Northcutt presents in depth interviews with the thought leaders in information security and IT. For every novel security product, there is a thought leader, a man or woman of vision that sees the need and guides the creation of the security product. If there is someone missing whose voice you feel should be heard, drop me a note, stephen@sans.edu.

GIAC GSEC Certification

Quick links to STI Leadership Laboratory

Thought Leadership Essay

Leadership development begins with the simple realization that you want to be a leader. Life has many opportunities to press forward and take charge of a situation, or conversely, to shrink into the background. This is why we ask prospective students to write an essay about demonstrated leadership when they apply to our college, The SANS Technology Institute.

What does leadership mean, how do you know if you are qualified to lead, how do you measure leadership? One approach is through management and leadership competencies. We define competencies as measurable skills, knowledge, and abilities that identify successful managers. Comptencies are the tools that make management possible. They are covered in our leadership course, SANS Management 421, Management and Leadership Competencies. Some of the competencies that you will be taught include:

  • Team Development
  • Relationship Building
  • Conflict Resolution
  • Importance of Communication
  • Self-Direction
  • Coaching and Training
  • Leader Qualities
  • Vision Development
  • Employee Involvement
  • Change Management
  • Motivation of employees and team mates
  • Leadership Development
  • Leading Tribes
  • Brainstorming
  • Leading Change

What is the difference between a manager and a leader? A successful leader needs all of the same competencies as a manager, but some of the competencies must be more developed. For instance vision. You can manage with a minimal capability for vision and that is even something Human Resources may look for in an industry that is based on repeatable tasks. However, you cannot lead without vision. In addition you must have power beyond your positional power, the authority that comes with your role or job description. For many people is security, this might be something called referential power, based on your knowledge of technical security. For others, it might be something called personal power, people will want to work with you because they feel that you have both programmatic skills and a strong understanding of technical issues. They will look for you to be a bridge between management and technical groups in your organization. We try to teach this balance in Management 512, SANS Security Leadership Essentials.

Different groups, industrys or situations might call for additional or different competencies. Some of these might include:

Video Interview with Joe Fantuzzi of Agiliance.
Click Here

Security Thought Leader
Roll Call

Daniel B. Cid
Sucuri
November 21, 2013
Dominique Karg
AlienVault
November 20, 2013
Bill Pfeifer
Juniper Networks
March 4, 2011
Bill Pfeifer
Juniper Networks
March 4, 2011
Chris Pogue
Senior Security Analyst
July 8, 2010
John Kanen Flowers
Founder, kane|box
May 25, 2010
Kees Leune
Leune Consultancy, LLC
February 13, 2010
Joel Yonts
CISO, a Fortune 500 retailer
February 12, 2010
Maury Shenk
TMT Advisor, Steptoe & Johnson
January 31, 2010
Chris Wysopal
CTO, Veracode
January 27th, 2010
Amir Ben-Efraim
CEO, Altor Networks
November 25th, 2009
Ed Hammersla
COO, Trusted Computer Solutions
October 15th, 2009
Amit Klein
CTO, Trusteer
September 27th, 2009
Ron Gula
Tenable
August 13th, 2009
A. N. Ananth
CEO, Prism Microsystems
August 7th, 2009
Lance Spitzner
Founder, The Honeynet Project
May 11th, 2009
Jeremiah Grossman
Founder & CTO, WhiteHat Security
April 24th, 2009
Mike Yaffe
Director of Product Marketing, Core Security Technologies
April 15th, 2009
Chris Petersen
Chief Technology Officer, LogRhythm
March 13th, 2009
John Pirc
IBM, ISS Product Line & Services Executive
February 17th, 2009
Leigh Purdie
Co-founder of Snare: Evolution of log analysis, InterSect Alliance
January 28th, 2009
Bill Worley
Chief Technology Officer, Secure64 Software Corporation
December 9th, 2008
Doug Brown
Former Manager of Security Resources, University of North Carolina at Chapel Hill
October 30th, 2008
Amrit Williams
Chief Technology Officer, BigFix
June 30th, 2008
Andrew Hay
Q1 Labs
May 13th, 2008
Gene Schultz
CTO, High Tower
April 4th, 2008
Tomasz Kojm
Original author of ClamAV
April 3rd, 2008
Bill Johnson
CEO, TDI
April 2nd, 2008
Gene Kim
Tripwire
March 14th, 2008
Kevin Kenan
Managing Director, K2 Digital Defense
March 14th, 2008
Leigh Purdie
InterSect Alliance, co-founder of Snare
March 7th, 2008
Marty Roesch
Sourcefire CEO and Snort creator
February 26th, 2008
Dr. Anton Chuvakin
Chief Logging Evangelist with LogLogic
January 28th, 2008
Kishore Kumar
CEO of Pari Networks
January 23rd, 2008
Dr. Robert Arn
CTO of Itiva
November 1st, 2007
Charles Edge
September 15th, 2007
Ivan Arce
CTO of Core Security Technologies
Updated May 6th, 2009
Mike Weider
CTO for Watchfire
Updated July 23rd, 2007
Authors of The Art of Software Security Assessment
Updated July 9th, 2007
Ryan Barnett
Director of Application Security Training at Breach Security, Inc.
June 29th, 2007
Dinis Cruz
Director of Advanced Technology, Ounce Labs
June 11th, 2007
Brian Chess
Chief Scientist for Fortify Software
June 9th, 2007
Caleb Sima
CTO for SPI Dynamics
Updated May 29th, 2007
David Hoelzer
Author of DAD, a log aggregator
May 1st, 2007