Russell Eubanks

As founder and owner of Security Ever After, Russell is responsible for assessing the cyber security of many diverse organizations and increasing their maturity while decreasing the probability of a breach. He wrote the first paper on how to implement the Critical Security Controls and serves on the editorial panel for the Critical Security Controls. As a current handler for the SANS Internet Storm Center and a former chief information security officer (CISO) of the Federal Reserve Bank of Atlanta, he's especially passionate about helping new or aspiring cyber leaders increase their influence. Russell is a SANS Certified Instructor and co-author of MGT521: Leading Cybersecurity Change: Building A Security-Based Culture and the SEC405: Business Finance Essentials course for SANS Technology Institute.

More About Russell


From factory worker to owner of Security Ever After, Russell Eubanks' career trajectory has been anything but traditional. Years ago, while working a factory job, Russell realized he wanted more and started investigating options. He learned about his company's tuition reimbursement program and promptly signed up for computer classes at his local community college. He worked in the factory until early morning then attended classes during the day. 

"My employer paid for all of my tuition and expenses," says Russell. "I remain amazed and grateful for that benefit." Back then, the Y2K crisis was looming and companies were desperate for cybersecurity talent. Russell secured his first position before he'd even finished his degree. 

Russell is a certified instructor for SANS, teaching MGT415: A Practical Introduction to Cyber Security Risk Management; MGT514: Security Strategic Planning, Policy, and Leadership; and SEC566: Implementing and Auditing the Critical Security Controls - In-Depth and MGT 521: Driving Cybersecurity Change - Establishing a Culture of Protect, Detect and Respond. 

Russell's experience with SANS started in 2003 when he took the Security 401 course. "I thought I knew all there was to know," he says. "As it turned out, I was in over my head before lunch on the first day." His instructor told him that not many students followed through and earned the GSEC certification, so Russell decided right then that he would. He went on to participate in the SANS Mentor Program, eventually becoming an instructor himself. Throughout that time, Russell has found the best part of teaching is the ongoing education he gets from his students. "I know they have something to share that will make me become a better cyber security professional," he says. Russell encourages students to prepare for their SANS courses as they would a college class, eliminate distractions and arrive ready to engage with the instructor and fellow students. "I intentionally focus on key takeaways each day that the students can apply when they get back to work," he says. 

"I love when students apply them while they are still in class!" Perhaps most important of all, Russell brings his heart to what he teaches. "I want those I have mentored to know that I gave my all to help them become the absolute best version of themselves. I want them to have every single advantage that I always longed for and did not see or act upon until much, much later," he says. 

Russell holds a bachelor's degree in computer science from the University of Tennessee at Chattanooga. In his free time, Russell studies leadership, keeps up with his wife, son, and daughter, and loves to smoke pork on his Big Green Egg. "Only recently I learned about the importance of disconnecting from technology on a regular basis," he says. "I have my best ideas when I am away from a screen." Russell also stays busy with his recently discovered passion for running and just recently ran his fourth marathon.

Over the years, Russell has earned an impressive number of professional certifications including:

  • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
  • Certified Information Security Manager, ISACA
  • Certified Information Systems Security Professional, ISC2
  • GIAC Certified Enterprise Defender (GCED)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Penetration Testing (GPEN)
  • GIAC Certified Project Manager (GCPM)
  • GIAC Critical Controls Certification (GCCC)
  • GIAC Information Security Professional (GISP)
  • GIAC Security Essentials Certification (GSEC)
  • GIAC Web Application Penetration Testing (GWAPT)

Listen to Russell in his webcast "How to Work in Ways That Will Make Your Boss Take Notice!".


Cyber42 Game Day: Security Capabilities, May 2021

What's New with the CIS Controls v8?, RSA 2021, May 2021

Rekt Casino Hack Assessment Transformational Series – Pulling It All Together, Feb 2021

Rekt Casino Hack Assessment Transformational Series – Feeble Security Culture Disconnected from Business Objectives, Feb 2021

New Five Day Security Culture Course, Nov 2020

How to Work in Ways That Will Make Your Boss Take Notice!, July 2020

Security Leadership: Managing in Turbulent Times, presented by SANS Summits, May 2020

10 Visibility Gaps Every CISO Must Fill, Dec 2019

What the CISO REALLY Wants Out of Your SOC, Sept 2018

A Small Business No Budget Implementation of the SANS 20 Security Controls, Aug 2011