Develop invaluable cybersecurity skills through interactive training during SANS 2021 - Live Online. Register now.


To attend this webcast, login to your SANS Account or create your Account.

Leveraging the Critical Security Controls to Mitigate User and Asset-based Risk

  • Friday, February 07, 2014 at 1:00 PM EST (2014-02-07 18:00:00 UTC)
  • Michael Yaffe, Eric Cole, PhD


  • BeyondTrust

You can now attend the webcast using your mobile device!



Data breaches often begin with an attacker exploiting a single external vulnerability on a low-level system, and then capitalizing on privileges to gain access to critical systems and data. To defend against these threats, you need to discern the asset-based vulnerabilities that provide doors into an environment as well as the user privileges that present corridors to sensitive assets.

The 20 Critical Security Controls (CSC) have been proven by top public and private security agencies to effectively mitigate cyber threats. During this presentation, Dr. Eric Cole, SANS fellow and a key participant in the development of the (CSC), will focus on the 8 controls specifically designed to address user and asset-based risks.

You'll learn about:

  • The 5 Critical Tenets of an effective cyber defense system
  • The 5 Quick Wins that can deliver solid risk reduction with minimal hassle
  • Techniques for gaining a better understanding of vulnerabilities, privileges and other key points of exposure

You'll walk away with practical tips for leveraging the CSC to more effectively mitigate user and asset-based risk throughout your organization.

Speaker Bios

Eric Cole, PhD

Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.

Michael Yaffe

Michael brings more than 15 years of experience at organizations ranging from start-ups to Fortune 100 companies to his position. He has a significant record of achievement in developing strategic and tactical marketing programs for information security companies. He possesses a strong set of skills in lead generation, public and analyst relations, product marketing, partnership development, positioning and branding. Prior to his role at BeyondTrust, he spent over 10 years with Core Security where he established the company's leadership position in the penetration testing space and helped grow revenues more than 10 fold during his tenure.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.