Bethesda, Md. – SANS Institute, the global leader in cyber security training and certifications, today announced the winners of the SANS 2019 Difference Makers Awards. This prestigious annual awards program honors individuals, teams and groups from within the SANS community who have made a difference in security. Through their implementation of security processes or technology, each person has demonstrated meaningful and measurable advances in security.
“The 2019 winners are a very diverse group that have made real progress in increasing cyber security levels in a number of key areas,” said John Pescatore, SANS Director of Emerging Security Trends. “The Difference Makers range from a CEO to a high school teacher. The progress includes increasing diversity in the cyber security workforce, fighting fake account creation and implementing many areas of the Critical Security Controls, to name just a few.”
Winners will be honored during an awards luncheon on Monday, December 16, at the SANS Cyber Defense Initiative® 2019 training event in Washington D.C. The SANS 2019 Difference Makers Award winners include:
Conor Callahan, Technical Lead, Platform & Infrastructure, Zoosk
Callahan
and team put forth a successful effort to stop fake account creation
and account take overs. In so doing, they helped put a stop to
associated fraud and scams like the “romance” scam, which costs, on
average, $12,000 per scam.
Jason Gray, CIO, US Department of Education
Dorothy Aronson, CIO, National Science Foundation
Doc McConnell, Office of the Federal Chief Information Officer, Office of Management and Budget
Trey Kennedy, Office of the Chief Information Officer, U.S. Department of Justice
Through
a strategic partnership between the U.S. Department of Education, the
National Science Foundation, the Office of Management and Budget, the
U.S. Department of Justice, and the CIO Council, with leadership by US
Federal CISO Suzette Kent, the first-ever Federal Cyber Reskilling
Academy (FCRA) was created to offer Federal employees hands-on training
in cyber security. Launched in November 2018, this program demonstrates
the ability to reskill employees into cyber security professionals by
identifying hidden internal talent – specifically employees who had no
formal IT training or work experience. This program provides a model for
the rest of government and for large industrial organizations, and has
already served, in part, as the model for a large-scale cyber talent
development program being launched in Canada.
Jose María Labernia, Head of IT Security & Internal Control, LafargeHolcim IT EMEA
Labernia
was instrumental in helping redefine LafargeHolcim’s vulnerability
management program through such efforts as the introduction of newly
defined key performance indicators (KPIs). As a result, rather than
report thousands of vulnerabilities to senior management, the number is
significantly scaled down. Senior leaders' sponsorship to resources
allocation and the organization’s security posture have improved.
Victor Givers, Founder, GDI.Foundation
Givers has
been a driving force behind the GDI.Foundation, an international
non-profit organization. GDI’s mission is to protect the Internet by
trying to make it safer for users, and to prevent and mitigate digital
abuse. Members focus on responsible disclosures and assist anywhere in
times of need. Givers has more than 5,000 responsible disclosures on his
name and is progressing internet safety in The Netherlands, and
worldwide.
Jamie Graves, Senior Cyber Security Training Analyst, BlueCross BlueShield of Louisiana
Graves
took compliance-focused, annual training to a robust awareness program
with measurable metrics that focuses on long-term sustainment and
culture change. He also created an Ambassador Program to further advance
security awareness programs throughout the state.
Mark R. Estep, Teacher, Poolesville High School, Poolesville MD (MCPS)
Estep
was awarded a Maryland Governor’s Citation for his work in developing a
cyber-workforce of tomorrow. His efforts have helped students gain
national recognition at cyber security competitions and earn many
scholarships.
Steffanie A.K Schilling, Information Technology Marketing
& Communications, Program Lead for Cyber Security Awareness, Steris
Schilling
designed and implemented a measurably effective Cyber Security
Awareness program for Steris. This program covers 12,000+ employees in
more than 30 countries.
Sherrie Caltagirone, Founder and Executive Director, Global Emancipation Network
Caltagirone
has dedicated herself to creating new solutions to end human
trafficking. Included among her many efforts is the use of cyber data to
identify human trafficking victims around the world.
Eric Zimmerman, former FBI Special Agent and SANS Instructor
Zimmerman has
written more than 20 open source and free digital forensics utilities
and DFIR tools throughout the past three years. These tools provide
rapid and accurate capabilities that match or exceed many commercial
products. Zimmerman’s efforts in developing and supporting these tools
have enabled many enterprises to increase the efficiency and
effectiveness of their cyber security operations.
Sylvia Acevedo, CEO of the Girl Scouts
Acevedo
helps fuel the pipeline of female leadership, STEM leadership and
entrepreneurship in Birmingham. As part of this effort, Girl Scouts of
the USA has unveiled several new program badges and goals, most of which
involve STEM and the outdoors.
Neal Richardson, CISO-Director of Technology, Hillsboro-Deering School District, New Hampshire
Richardson successfully
implemented the CIS Controls Implementation Group 1 (IG1) across his
network and brought the school district into compliance with New
Hampshire’s student privacy law.
Lieutenant Colonel Shane F. Liptak (Retired), U.S. Army
LTC
Liptak helped create the training program for the Army 255S
"Information Protection Technician" military occupational specialty
(MOS). This program literally launched the Army into Cyberspace and
helped make Fort Gordon the cyber hub of the Army.
Jefferson Gilkeson, Director of Information Technology Audit, U.S. Department of the Interior
Gilkeson
was a driving force in increasing the effectiveness of cyber security
audits that are typically performed by Inspectors General (IG) in the US
Government. He actively advocates these advancements to IG special
interest groups so other auditors can achieve similar success
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (https://www.sans.org)