Seven Cyber Security Courses in Orlando - Oct. 28-Nov. 2. Save $200 thru 9/25.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

The 20 Critical Security Controls: From Framework to Operational to Implementation

  • Tuesday, June 11th, 2019 at 3:30 PM EDT (19:30:00 UTC)
  • Randy Marchany
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

The 20 CSC provide an excellent bridge between the high level security framework requirements and the operational commands needed to implement them. Implementation is a 3-7 year process depending on a wide variety of factors and constraints. This talk discusses our experiences in implementing the 20 CSC. For example, Control #1 has proved to be the most challenging one because it depends on how your IP addresses are generated by your networking group. We'll also discuss various tools and internal policies and standards that support a particular control's implementation. Finally, we'll show examples of how we measure progress. 

Speaker Bio

Randy Marchany

Randy is the Chief Information Security Officer of Virginia Tech and the Director of Virginia Tech's IT Security Laboratory. He is a co-author of the original SANS Top 10 Internet Threats, the SANS Top 20 Internet Threats, the SANS Consensus Roadmap for Defeating DDoS Attacks, and the SANS Incident Response: Step-by-Step guides. He is a member of the Center for Internet Security development team that produced and tested the CIS Solaris, HPUX, AIX, Linux and Windows2000/XP security benchmarks and scoring tools. He was a member of the White House Partnership for Critical Infrastructure Security working group that developed a Consensus Roadmap for responding to the DDOS attacks of 2000.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.