SANS Rocky Mountain Fall is Live Online! Join us Nov 2-7 MT for 17 interactive courses + NetWars. Save $300 thru 10/7.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

Cyber42 Game Day: Vulnerability Management

  • Tuesday, August 25, 2020 at 12:00 PM EST (2020-08-25 16:00:00 UTC)
  • Jonathan Risto, David Hazar, Frank Kim

You can now attend the webcast using your mobile device!

  

Overview

This event has reached it's registration cap. Due to the high demand, we have added an additional date, which is now open for registration. Wed Sept 23rd from 12 - 3 pm.

In this special session you will play to win the Cyber42 Vulnerability Management Simulation! In this three-hour game day you will play as part of a team to improve the state of a fictional organization and more effectively handle the vulnerability management. During the game, as developed for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, you will see that the actions you choose can have uncertain outcomes and even unintended consequences! 

This interactive simulation puts you in real-world scenarios that spur discussion, critical thinking of situations, and melding of different points of view and personalities that you likely will encounter at work. The decisions your team makes will impact your organizations vulnerability management program, leveraging and impacting the available budget, time, and vulnerability management maturity.

Winning the game is simple. Your team needs to have the highest score, which represents how well your team has adapted and implemented the vulnerability management program. Its not just about implementing security controls, its about changing behaviors and culture to create lasting improvements.

The Cyber42 game was originally developed for MGT512: Security Leadership Essentials for Managers class and has been adapted for MGT516. The Cyber42 Leadership Simulation game, as used in MGT512, is described in more detail here. The gameboard has been tailored for MGT516, and will be launched at this event.

IMPORTANT NOTE:

In this virtual session, individual attendees will be assigned to a team of 4-5 people as they log into the session. There is no ability to create a team ahead of the event, nor guarantee individual attendees will be assigned to the same team once in the session. This event will be capped at 50 people.

System Requirements: Computer with Adobe Acrobat Reader

Speaker Bios

Jonathan Risto

With a career spanning over 20 years that has included working in network design, IP telephony, service development, security and project management, Jonathan has a deep technical background that provides a wealth of information he draws upon when teaching. Currently, Jonathan works for the Canadian Government conducting cyber security research in the areas of vulnerability management and automated remediation. He is also an independent security consultant. Jonathan is a co-author and instructor for SANS MGT516: Managing Security Vulnerabilities – Enterprise and Cloud, and has been an instructor for both SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC440: Critical Security Controls: Planning, Implementing, and Auditing.


David Hazar

David is a security consultant based in Salt Lake City, Utah focused on vulnerability management, application security, cloud security, and DevOps. David has 20+ years of broad, deep technical experience gained from a wide variety of IT functions held throughout his career, including: Developer, Server Admin, Network Admin, Domain Admin, Telephony Admin, Database Admin/Developer, Security Engineer, Risk Manager, and AppSec Engineer. David is a co-author and instructor for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, an instructor for and contributor to SEC540: Cloud Security and DevOps Automation, and has also developed and led technical security training initiatives at many of the companies for which he has worked.


Frank Kim

Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Management and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevOps Automation.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.