Randy Marchany
Senior InstructorChief Information Security Officer at Virginia Tech
Specialities
Cybersecurity Leadership

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsCybersecurity Leadership

Randy Marchany teaches cybersecurity from a long view of the field: from mainframes and Unix systems to modern control frameworks, risk measurement, and security programs built to survive real incidents. A SANS Senior Instructor, Chief Information Security Officer at Virginia Tech, and Director of the Virginia Tech IT Security Lab, Randy teaches SEC566: Implementing and Auditing CIS Controls. His work helps students connect defensible controls, audit strategy, and operational security to the practical challenge of reducing risk across complex environments.
Randy knows his stuff. I am amazed at his depth and breadth of knowledge.
Randy has a wealth of knowledge and is a fantastic communicator. I will have much to take back with me.
[Randy] is very knowledgeable and approachable for questioning and clarification.
Here are upcoming opportunities to train with this expert instructor.
Explore content featuring this instructor’s insights and expertise.
This session argues that modern cyber incidents are not the result of novel or sophisticated threats, but of the industry’s repeated failure to fix problems we have understood since the 1990s.

This session will describe the differences between version 7.1 and version 8 of the Center for Internet Security Twenty Critical Security Controls. This major rewrite of the twenty CSCs reflects core changes in today\'s computing and infrastructure environments.

The 20 Critical Controls are quick wins that allow you to rapidly improve your cybersecurity without major procedural or technical change. International cybersecurity experts developed the 20 Critical Controls to be the most effective and specific set of technical measures to counter the most common and damaging computer attacks. The controls address the root causes of these attacks to ensure your security measures are effective. This presentation will also discuss how VA Tech is implementing the 20 Critical Controls as part of its overall security strategy.
