Russell Eubanks

Russell is a Principal Consultant and Co-Founder of Cyverity, an information security consulting firm specializing in governance and fractional CISO. He is responsible for assessing the cybersecurity posture of many diverse organizations and increasing their maturity while decreasing the probability of a breach. He wrote the first paper on how to implement the Critical Security Controls and serves on the editorial panel for the Critical Security Controls. As a former chief information officer (CIO) and chief information security officer (CISO) of the Federal Reserve Bank of Atlanta, he's especially passionate about helping new or aspiring cyber leaders increase their influence. Russell is a SANS Principal Instructor and co-author of LDR 521: Security Culture for Leaders and the SEC405: Business Finance Essentials course for SANS Technology Institute.

More About Russell

Upcoming Courses


From factory worker to owner of Security Ever After, Russell Eubanks' career trajectory has been anything but traditional. Years ago, while working a factory, Russell realized he wanted more. He learned about his company's tuition reimbursement program and promptly signed up for computer classes at his local community college. He worked in the factory until early morning and attended classes during the day. 

"My employer paid for all of my tuition and expenses," says Russell. "I remain amazed and grateful for that benefit." The Y2K crisis was looming back then and companies were desperate for cybersecurity talent. Russell secured his first position before he'd even finished his degree. 

Russell is a principal instructor for SANS, teaching MGT415: A Practical Introduction to Cyber Security Risk Management; MGT514: Security Strategic Planning, Policy, and Leadership; and SEC566: Implementing and Auditing the Critical Security Controls - In-Depth, MGT521: Leading Cybersecurity Change: Building a Security-Based Culture, and SEC405: Business Finance Essentials

Russell has found the best part of teaching is the ongoing education he gets from his students. "I know they have something to share that will make me a better cyber security professional," he says. Russell encourages students to prepare for their SANS courses as they would a college class, eliminate distractions and arrive ready to engage with the instructor and fellow students. "I intentionally focus on key takeaways each day that the students can apply when they get back to work," he says. 

"I love when students apply them while they are still in class!" Perhaps most importantly, Russell brings his heart to what he teaches. "I want those I have mentored to know that I gave my all to help them become the absolute best version of themselves. I want them to have every single advantage that I always longed for and did not see or act upon until much, much later," he says. 

Russell holds a bachelor's degree in computer science from the University of Tennessee at Chattanooga. In his free time, Russell studies leadership, keeps up with his wife, son, and daughter, and loves to smoke pork on his Big Green Egg. "Only recently I learned about the importance of disconnecting from technology on a regular basis," he says. "I have my best ideas when I am away from a screen." Russell also stays busy with his recently discovered passion for running and just recently ran his fifth marathon.

Over the years, Russell has earned an impressive number of professional certifications including:

  • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
  • Certified Information Security Manager, ISACA
  • Certified Information Systems Security Professional, ISC2
  • GIAC Certified Enterprise Defender (GCED)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Penetration Testing (GPEN)
  • GIAC Certified Project Manager (GCPM)
  • GIAC Critical Controls Certification (GCCC)
  • GIAC Information Security Professional (GISP)
  • GIAC Security Essentials Certification (GSEC)
  • GIAC Web Application Penetration Testing (GWAPT)

Listen to Russell in his webcast "How to Work in Ways That Will Make Your Boss Take Notice!".


Improve Your Security Culture, May 2023

Cyber42 Game Day: Security Capabilities, May 2021What's New with the CIS Controls v8?, RSA 2021, May 2021

Rekt Casino Hack Assessment Transformational Series – Pulling It All Together, Feb 2021

Rekt Casino Hack Assessment Transformational Series – Feeble Security Culture Disconnected from Business Objectives, Feb 2021

New Five Day Security Culture Course, Nov 2020

How to Work in Ways That Will Make Your Boss Take Notice!, July 2020

Security Leadership: Managing in Turbulent Times, presented by SANS Summits, May 2020

10 Visibility Gaps Every CISO Must Fill, Dec 2019

What the CISO REALLY Wants Out of Your SOC, Sept 2018

A Small Business No Budget Implementation of the SANS 20 Security Controls, Aug 2011