Webcasts

Critical Security Controls Survey

  • Tuesday, June 25 at 1:00 PM EDT (17:00:00 UTC)
  • John Pescatore and Anil Nandigam

Sponsors

  • FireEye
  • Symantec
  • Tenable Network Security
You can now attend the webinar using your mobile device!

Overview

The Critical Security Controls (CSCs) are rapidly being adopted by companies and government agencies in the U.S., Canada and elsewhere to increase visibility into advanced threats, to shore up defenses, and ultimately for benchmarking and to improve risk posture.

As security managers become more familiar with the CSCs, theyre raising a number of urgent questions: What types of organizations are implementing what controls, and why? How integrated are these controls with overall operations and with risk management dashboards? And what new development, staffing and tool decisions will adopters have to make to address the control areas theyre focusing on?

In answer to these questions, this webcast examines the just-released results of a six-week survey on the CSCs conducted by the SANS Institute. These and other critical issues including adoption drivers,how to obtain leadership buy-in, and overcoming inhibitors to adoption will be explored during this webcast.

Register for this webcast and be one of the first to receive a SANS white paper on the CSCs, developed by John Pescatore with input from SANS director Tony Sager.

Survey Results:

Click here to view the associated whitepaper.

Take the SANS 2013 Critical Security Controls Survey https://www.surveymonkey.com/s/Critical_Controls

Speaker Bios

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013. He has 35 years experience in computer, network and information security. Prior to joining the SANS Institute, Mr. Pescatore was Gartner’s lead security analyst for 13 years, working with global 5000 corporations and major technology and service providers. Before joining Gartner, Mr. Pescatore was Senior Consultant for Entrust Technologies and Trusted Information Systems, where he started, grew and managed security consulting groups focusing on firewalls, network security, encryption and Public Key Infrastructures. Prior to that, Mr. Pescatore spent 11 years with GTE developing secure computing and telecommunications systems. Mr. Pescatore began his career at the National Security Agency, where he designed secure voice systems, and the United States Secret Service, where he developed secure communications and surveillance systems. He holds a Bachelor's degree in Electrical Engineering from the University of Connecticut and is a NSA Certified Cryptologic Engineer. He is also an Extra class amateur radio operator, callsign K3TN.


Ron Gula

Ron Gula is known in the global security community as a visionary, innovator, and extraordinary engineer. He started his career in information security at the National Security Agency conducting penetration tests of government networks and performing advanced vulnerability research. Since co-founding Tenable Network Security in 2002, Ron has been CEO and CTO at Tenable, maker of the world-renowned Nessus® vulnerability scanner and Unified Security Monitoring™ architecture. As CEO/CTO of Tenable, he is responsible for product strategy, research and development, and product design and development. Ron is also a leader in his community and a passionate advocate for education and scientific research. Prior to Tenable, Ron was the original author of the Dragon IDS and CTO of Network Security Wizards, which was acquired by Enterasys Networks. At Enterasys, Ron was Vice President of IDS Products and worked with many top financial, government, security service providers, and commercial companies to help deploy and monitor large IDS installations. He was also the Director of Risk Mitigation for US Internetworking and was responsible for intrusion detection and vulnerability detection for one of the first application service providers. Ron also worked for BBN and GTE Internetworking where he conducted security assessments as a consultant, helped to develop one of the first commercial network honeypots, and helped develop security policies for large carrier-class networks. Ron was the recipient of the 2004 Techno Security Conference "Industry Professional of the Year" award. In SC Magazine's 20th Anniversary Edition, Ron was named as one of the top market entrepreneurs for the past 20 years.


John Bordwine

With over two decades of experience in the security industry, John Bordwine is widely recognized as an expert in his field. John is currently the Public Sector Chief Technology Officer at Symantec. As the Symantec Public Sector CTO, John currently serves as a trusted advisor, providing guidance on the development of products and solutions that meet government requirements and certifications specifically focused on the Public Sector markets. John’s responsibilities also include all technical and strategic activities related to Public Sector customers, which includes federal, state, and local government agencies, and education industries. John is an active member of various government working groups and has participated with developing several government IT security requirements. John has spoken at numerous highly-acclaimed security events, including SANS Institute events, FOSE, AFITC, RSA and US Government agency-specific functions. John holds a Top Secret clearance and served in the US Army Signal Corps where his last assignment was with the White House Communications Agency.


Kevin Skapinetz

Kevin Skapinetz is the Program Director for Product and Security Strategy at IBM. As part of the Security Systems division, he's responsible for defining and executing the strategic direction for IBM’s portfolio of products and services to protect customers from today’s rapidly changing cyber threats. Kevin also leads Product Management for IBM X-Force - a world renowned security research organization focused on collecting, understanding and documenting global threats and security challenges. During his tenure at IBM and Internet Security Systems (acquired by IBM in 2006), Kevin has held multiple leadership positions in product management, engineering and support. He played a central role in the Office of the CTO as a technology strategist, where he guided the company's roadmap for securing emerging technologies, including virtualization and cloud computing. He also spent several years as the lead software engineer for RealSecure Server Sensor, a multi-platform host intrusion prevention system. Kevin holds a computer science degree from Tulane University and a master's degree in information security from the Georgia Institute of Technology.


Anil Nandigam

As Senior Staff Product Marketing Manager at FireEye, Anil is responsible for aligning FireEye’s product communications with the evolving security needs of global organizations. Anil has over 12 years of experience in the computer networking industry. Prior to FireEye, Anil was a Senior Product Manager at Cisco, responsible for driving Product strategy and GTM activities for security and access routing solutions. Anil holds a MS degree in Computer Science from the University of Houston and an MBA from Santa Clara University.


Tony Sager

Tony Sager served as the chief of every major element of the cyberdefense mission at the National Security Agency (NSA), finishing his 34-year career there as director of the Vulnerability Analysis and Operations group and chief operating officer of the IAD (Information Assurance division) of NSA. All 700 of the top cyberdefenders and vulnerability analysts at NSA worked for Tony. He was the person inside government most responsible for the initiation of the Critical Controls and for ensuring they reflected and dealt effectively with the active threat. Tony came to SANS to lead the global effort to ensure all new threats are appropriately reflected in the Critical Controls are kept current so their adopters can be assured that they are dealing as effectively as possible with the current threat environment. Tony is also working to on building a global career development and pathways program to map and enhance career growth opportunities for cybersecurity professionals and for companies trying to ensure they have the talent they need.

Need Help? Visit our FAQ page or email webcast-support@sans.org.