Don't Miss Pen Test Hackefest Summit & Training, November 2-9 near DC!

2010 National Cyber Security Leadership Award Winners Press Release

Carper, Kundra, and Streufert Win the 2010 National Cyber Security Leadership Award

Washington, November 16 - Three federal government officials, including a U.S. senator, have won the 2010 National Cyber Security Leadership Award presented by the SANS Institute to honor persons who significantly improve the effectiveness of the nation's cyber security.

Senator Tom Carpenter
U.S. Senator
Vivek Kundra
CIO of the United States
John Streufert
CISO of the U.S. Department of State
  • U.S. Senator Tom Carper of Delaware, chairman of the Senate Subcommittee on Federal Financial Management, Government Information, Federal Services and International Security
  • Vivek Kundra, Chief Information Officer of the United States
  • John Streufert, Chief Information Security Officer of the U.S. Department of State.

The 2010 award recognizes the three leaders for (1) uncovering more than $300 million each year in wasted federal spending on ineffective certification and accreditation reporting, and (2) developing and demonstrating an alternative approach called "continuous monitoring" that provides more effective security for federal systems at lower costs. The officials also played a key role in changing federal policy to ensure that government agencies can rapidly implement the improvements. The impact of continuous monitoring reaches beyond federal agencies--more than 100 state agencies and commercial organizations have taken steps to implement continuous monitoring, as well.

The National Cyber Security Leadership Award is the most prestigious of all cyber security awards because it recognizes transformational changes that have a sweeping impact on a range of public and private sector entities and on millions of users. The 2010 award was presented Tuesday at the Washington Convention Center during the keynote session of the 2010 Security Conference.

Awardees are selected by the faculty and 120,000 alumni of the SANS Institute and by experts from the Internet Storm Center. Past winners include:

  • Congressmen Dan Lungren (R-CA), Dave Reichert (R-WA), James Langevin (D-RI), and Michael McCaul (R-TX), along with teams from Idaho National Labs, the U.K. National Infrastructure Security Coordination Centre, and the U.S. Departments of Homeland Security and Energy for (1) illuminating the risk to power systems from cyber attacks, (2) motivating asset owners to correct problems, and (3) developing and operating a National Testbed where experts find vulnerabilities in control systems and prompt industry players to quickly correct them.
  • Microsoft and Red Hat for enabling automated patch and update distribution to replace old methods requiring users to find and download patches from vendor web sites.
  • UUNET (now Verizon) for developing a technique that stops denial of service attacks, and for sharing the technique with all other major Internet service providers to help stop the distributed denial-of service attacks that brought down the web sites of Dell, Yahoo, eBay, CNN, and many other organizations.

For more information, contact