SANS 2017 "Difference Makers" Awards

There is no shortage of publicity around failures in security - constant headlines detailing breaches and vulnerabilities at companies and government agencies. However, what you never hear about are the many organizations who aren't in the news because they have found ways to meet business and mission needs while protecting customer and business data from attackers. There are thousands of security practitioners out there who are quietly succeeding and making breakthroughs in advancing security.

At the SANS Cyber Defense Initiative conference in Washington DC in December, SANS will hold the 5th annual celebration of the most dedicated and innovative "People Who Made a Difference in Security in 2017."

We are soliciting nominations from the SANS community for names of individual, teams and groups who implemented security processes or technology in 2017 that resulted in meaningful and measurable advances in security. The criteria for nomination are:

  1. Must have led the implementation and deployment of security processes or controls in 2017 that either (a) made measurable increases in cybersecurity or (b) enabled new business initiatives (such as use of BYOD, cloud, agile development, Digital Government, etc) while maintaining required security levels.
  2. The deployed solutions must show advances or innovation over common levels of practice.
  3. Must be willing, and have management approval, to be publicly acknowledged. Company or agency names can be kept anonymous if necessary.

Awards will be made in several categories, including but not limited to:

  1. Enhancing the Security Workforce
  2. Implementing the Critical Security Controls
  3. Meaningful Security Metrics
  4. Mitigating Advanced Threats
  5. SANS Security Awareness
  6. Vertical Industry Difference Makers: ICS, Healthcare, Government, etc.

Submissions are due by 20 October 2017, and will be evaluated by a team from SANS, security industry analysts and thought leaders. Nominations should include:

  • Full contact information for the person submitting the nomination
  • Full contact information for the nomination person or the leader of the team or group nominated.
  • A brief description of the accomplishments justifying nomination. This must include indication of the measurable increase in security or the new business initiative enabled.
  • Any additional explanatory information.
  • Confirmation that the nominating person or group can be publicly acknowledged.

Send your nominations or questions to