Christopher was not born into the digital age and resonates strongly with a statement one of his colleges once made, “I am a digital immigrant. I found my way here." In the mid 1990's, he started in desktop support then moved into server operations and network support for a local governmental agency. After a brief intermission serving as the director of physical security for a state agency, he returned to IT in a Cybersecurity Operations role and has embraced it ever since. It was during this period of time Christopher established a solid foundation in drafting and applying policy and procedure while striking a balance between operations and business units. For the past decade Christopher has been engineering security solutions for such systems as email, encryption, data loss prevention, remote access, log management, multi-factor authentication, and privileged access management to name just a few.
Vulnerability Management has long since been a topic of interest for Christopher, as it affects not only IT but also business strategy, progress, and the humans working in the business. Knowing how a single vulnerability can be leveraged; how it can effect a business unit; and being able to communicate that across all levels of the organization is a key asset in today’s digital landscape. Being well past the days of running a scan and addressing numbers, Christopher feels strongly that we need to be able to see the organization as a whole, prioritize our work efforts, and make the most efficient use of our resources.
From the very first SANS class he took, Christopher learned that SANS was committed to student success. SANS provided him with actionable intelligence to take back to his organization and implement the day he returned. He found the techniques demonstrated in class ranged from the use of free and open-source tools to paid versions so as to fit into any organization’s budget and resources. He wanted to be a part of that work, so has joined SANS as an Associate Instructor. To Christopher, the classroom is not just about a lecture and labs. It's about interactions and connections between the instructor and the students. His goal is to present the material in such a way that the student can relate to it and gain understanding from it. This is accomplished through the sharing of experiences related to the material in a way that everyone in the room is learning from one another.
Christopher enjoys teaching vulnerability management because the topic adds value to an organization’s overall cybersecurity program. It does not matter what the vertical is, the principles conveyed in the class will make the organization more resilient. He takes pride in knowing that he is helping students develop solid skills that are aiding at all levels of an organization no matter what the organization is intending to protect. Christopher feels the biggest challenges faced by students is adapting their current vulnerability management programs to an ever-changing cloud environment. The skills and techniques used in traditional programs may not adapt to the cloud, but the course introduces tools and tactics to address an organization’s exposure in using cloud technologies and how to enhance an organization’s overall vulnerability management program.
Christopher maintains numerous professional certifications to include CISSP, GSEC, GCCC, and PCIP.
In his spare time, Christopher enjoys being outdoors, designing and building DIY projects around the house, and restoring a Jeep CJ5.
ADDITIONAL CONTRIBUTIONS BY CHRISTOPHER DENNEY
Vulnerability Management Water Cooler Chat, Aug 2021
Cyber42 Vulnerability Management Game Day, June 22
Cyber42 Vulnerability Management Game Day, June 3
Cyber42 CISO For A Day Game Day, April 2021
Cyber42 Vulnerability Management Game Day, Feb 2021