A Small Business No Budget Implementation of the SANS 20 Security Controls
- Russell Eubanks
- Wednesday, May 14th, 7:15pm - 8:15pm
A consensus of defensive and offensive security practitioners developed the SANS 20 Security Controls. In their implementation of this program, the United States Department of State demonstrated an 85 percent reduction in vulnerabilities in the first year alone. Small businesses can use practical and often no-cost ways to leverage existing security and administration tools to bolster their information security posture. Each control is paired with pragmatic ways for small business to rapidly deploy a continuous monitoring program. By leveraging and leaning into existing tools, the small business can develop a robust continuous monitoring program that is positioned to better recognize and respond to threats.
Russell's BIo:
Russell Eubanks has been a security leader in several financial and health care organizations. He has developed information security programs from the ground up and actively seeks opportunities to measurably increase their overall security posture.
Russell is enrolled in the SANS Technology Institute and has a Bachelor of Science in Computer Science. He holds several security certifications including the CISSP, CISM, GCIA, GCIH, GPEN, GISP, GSEC and GWAPT. He is a leader of the Atlanta OWASP chapter and is instrumental in helping it grow. http://www.securityeverafter.com
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Emerging Trends in Information Security
At Security West 2014, we'll offer 3 different discussions on Emerging Trends in Information Security and an opening night address by John Pescatore. Here's your chance to influence these discussions on trends in cyber threats, technology, business vulnerabilities, device and software security, and more. Your insights may be featured during the SANS@Night panel discussions!
Share Your Thoughts About Emerging Trends in Information Security
Friday, May 9
| Session | Speaker | Time | Type |
|---|---|---|---|
| Registration Welcome Reception | — | Friday, May 9th, 5:00pm - 7:00pm | Reception |
Saturday, May 10
| Session | Speaker | Time | Type |
|---|---|---|---|
| General Session - Welcome to SANS | Rob Lee | Saturday, May 10th, 8:15am - 8:45am | Special Events |
| Emerging Security Trends: Crossing the Chasm to Protecting a "Choose Your Own IT" World | John Pescatore | Saturday, May 10th, 7:15pm - 8:15pm | Keynote |
| Will The Real Next Generation Security Please Stand Up? | Moderator: John Pescatore, Panelists: Paul Henry, Phil Hagen, and Seth Misenar | Saturday, May 10th, 8:15pm - 9:15pm | Keynote |
Sunday, May 11
| Session | Speaker | Time | Type |
|---|---|---|---|
| Security Awareness Metrics: Measuring Human Behavior | Lance Spitzner | Sunday, May 11th, 7:15pm - 8:15pm | SANS@Night |
| Emerging Trends Panel: Offense Informs Defense... but How? | Ed Skoudis, Mike Poor, and a panel of Pen Testing and Cyber Defense faculty | Sunday, May 11th, 7:15pm - 8:15pm | SANS@Night |
| Continuous Ownage: Why you Need Continuous Monitoring | Eric Conrad and Seth Misenar | Sunday, May 11th, 8:15pm - 9:15pm | SANS@Night |
| Securing The Kids | Lance Spitzner | Sunday, May 11th, 8:15pm - 9:15pm | SANS@Night |
Monday, May 12
| Session | Speaker | Time | Type |
|---|---|---|---|
| Vendor Solutions Expo | — | Monday, May 12th, 10:30am - 10:50am | Vendor Event |
| Vendor Solutions Expo | — | Monday, May 12th, 12:15pm - 1:30pm | Vendor Event |
| Vendor Solutions Expo | — | Monday, May 12th, 3:00pm - 3:20pm | Vendor Event |
| The 13 Absolute Truths of Security | Keith Palmgren | Monday, May 12th, 7:15pm - 8:15pm | SANS@Night |
| Emerging Trends in Forensics and Incident Response | Rob Lee and a panel of DFIR faculty | Monday, May 12th, 7:15pm - 8:15pm | SANS@Night |
| The State of Eavesdropping on Cellular Networks | Christopher Crowley | Monday, May 12th, 8:15pm - 9:15pm | SANS@Night |
| An Introduction to PowerShell for Security Assessments | James Tarala | Monday, May 12th, 8:15pm - 9:15pm | SANS@Night |
Tuesday, May 13
| Session | Speaker | Time | Type |
|---|---|---|---|
| Fortinet Next Generation Firewalls | Jeff Eckley, Inside Sales Manager, Infogressive | Tuesday, May 13th, 12:30pm - 1:15pm | Lunch and Learn |
| âOperationalize Open Intelligence â YARA + Fidelis XPSâ | Mike Nichols, Senior Technical Product Manager | Tuesday, May 13th, 12:30pm - 1:15pm | Lunch and Learn |
| Symantec Lunch and Learn | — | Tuesday, May 13th, 12:30pm - 1:15pm | Lunch and Learn |
| Retina Vulnerability Management: The Best-Kept Secret in Security | Jason Williams, Security Engineer with BeyondTrust | Tuesday, May 13th, 12:30pm - 1:15pm | Lunch and Learn |
| SANS Technology Institute Open House | David Hoelzer | Tuesday, May 13th, 7:15pm - 7:45pm | Special Events |
| Closing the Door on Web Shells | Anuj Soni | Tuesday, May 13th, 7:15pm - 8:15pm | SANS@Night |
| GIAC Program Overview | Seth Misenar | Tuesday, May 13th, 7:45pm - 8:15pm | Special Events |
| How the West was Pwned | G. Mark Hardy | Tuesday, May 13th, 8:15pm - 9:15pm | SANS@Night |
Wednesday, May 14
| Session | Speaker | Time | Type |
|---|---|---|---|
| Evolving Threats | Paul A. Henry | Wednesday, May 14th, 7:15pm - 8:15pm | SANS@Night |
| A Small Business No Budget Implementation of the SANS 20 Security Controls | Russell Eubanks | Wednesday, May 14th, 7:15pm - 8:15pm | SANS@Night |
| How to Spy on your Employees with Memory Forensics | Jake Williams | Wednesday, May 14th, 8:15pm - 9:15pm | SANS@Night |
