.jpg?auto=webp&height=390&crop=3:1)
SANS Institute is pleased to announce the winners of the SANS 2017 Difference Makers Awards which celebrate individuals who are quietly succeeding and making breakthroughs in advancing security. The SANS Difference Maker Awards were created to honor the unsung heroes in cyber security whose innovation, skill, and hard work have resulted in real successes in information security.
The nominations for the 2017 SANS Difference Maker Awards represent some interesting trends in cyber security. From more innovative methods to increase the cyber security talent pool to creative, low cost ways of finding and fixing vulnerabilities, this year's winners have demonstrated they are working hard and making a difference in advancing security. SANS is honored to recognize these talented individuals and teams for their outstanding achievements.
Winners of the 2017 SANS Difference Makers Awards were celebrated on December 15th at the SANS Cyber Defense Initiative training event in Washington D.C. The 2017 list of SANS Difference Makers Award winners include:
Michael Roling, CISO of The State of Missouri Office of Cyber Security (OCS)
Michael Roling successfully led a team to implement the Using Public Data to Alert
Organizations of Vulnerabilities program which identifies vulnerable
internet connected systems belonging to organizations from various
industries across the State of Missouri. The program identifies
high-risk systems that, if left insecure, could lead to disruptions
within critical infrastructure or significant data loss, and contacts
the owners of the impacted systems to mitigate risks.
Dan Basile, Texas A&M University (TAMU), Security Operations Center
Dan Basile successfully increased security of TAMU's systems while helping to grow
a pipeline of skilled security operations personnel. Basile put
students on the front line of the school's security initiative. His team
was able to stop seven cyberattacks on A&M's networks in a single
year. The center also slashed costs by eliminating the need for
post-breach forensics, which costs about $1 million per incident, and
accelerated threat detection because students don't have to sift through
piles of data.
Ben Miller, Director of Threat Operations at Dragos
Ben Miller led analysis into the first ever piece of malware designed to disrupt
power grids. Miller was one of the founding members of the E-ISAC and
led cyber threat analysis for the North American power grid for NERC and
the community. In his role at Dragos he's been hunting threats and
taking that knowledge and helping various ICS companies implement
security controls in response to the threats.
Rob Witoff, Director at Coinbase (now at Google)
Rob Witoff successfully automated the Center for Internet Security (CIS) Critical
Security Controls in Amazon Web Services (AWS) cloud applications.
Witoff has openly shared his successes with other security teams,
showing how foundational security measures can be implemented in an AWS
account. He has also prescribed best practices to help make
implementation of core AWS security measures more straightforward for
security teams and AWS account owners.
Allen Stubblefield, Troy High School
Developed cyber security skills in high
school students by running competitive events that challenged students
across a wide range of hands-on cyber security areas. Stubblefied is in
charge of cybersecurity and the CyberPatriot program at Troy High
School. He has two teams competing in the CyberPatriot nationals; one is
ranked number one in the Open Division and the other is number one in
the All-Service Division.
Dr. Ron Pike, Computer Information Systems at Cal Poly Pomona
For his work, and showing real progress, in developing cyber security
skills in college students by running competitive events that challenged
students across a wide range of hands-on cyber security areas. Dr. Pike
is the advisor for Cal Poly's SWIFT cyber club and is in charge of the
student run data center and security operations center.
Teri Radichel
Teri Radichel successfully leveraged cloud
technology and automation to create new solutions for network monitoring
and threat intelligence. While at Watchguard Technologies, she was on
the initial team that helped Capital One move to the cloud, implementing
security controls and networking, and went on to help architect a cloud
platform. Radichel started the Seattle AWS Architects Engineers Meet Up
to connect with and learn from other AWS users. She was also recognized
by Amazon as an AWS Community Hero.
University and Colleges Shared Services, InfoSec Shared Service Team, Chris Sutherland, CISO
Chris Sutherland was selected as a Vertical Industry Difference Maker in the field of
Education. UCSS is a collaboration / jointly owned organization between
all of the Universities and Colleges in Scotland. The member
institutions of UCSS formed the ISSS to provide shared information
security leadership and strategy to efficiently address the common
threats to all Universities and Colleges.
Seven states were selected for their efforts to help inspire the next generation cyber security talent by bringing the CyberStart pilot program to students in their respective locations. CyberStart is a forward-thinking skills program designed to build future generations of cyber security professionals while identifying talented young Americans. In addition to providing a unique learning opportunity and scholarships for students, the program can lead to job growth and improved cyber security. The winners include:
- The State of Delaware, Governor John Carney
- The State of Hawaii, Governor David Ige and Reynold Hioki, Chief Information Officer
- The State of Iowa, Governor Kim Reynolds and Alison Radl, Information Security Officer OCIO
- The State of Michigan, Governor Rick Snyder
- The State of Nevada, Governor Brian Sandoval and Brian Mitchell, Director of the Office of Science, Innovation and Technology
- The State of Rhode Island, Governor Gina Raimondo and Christina M. Cosgrove
- The Commonwealth of Virginia Governor Terry McAuliffe and Karen Jackson, Secretary of Technology