NAC Applied to the Critical Security Controls

  • Wednesday, April 3rd, 2013 at 1:00 PM (13:00:00 EDT/US Eastern)
  • G. Mark Hardy, Scott Gordon and Brian Meyer


  • ForeScout Technologies
You can now attend the webinar using your mobile device!


Network Access Control (NAC) at first glance appears to be solely concerned with roles-based, device authenticated access to network resources. Given the diversity and proliferation of smart consumer devices in the workplace and the trend for enterprises to take advantage of wireless, cloud and mobile applications, next generation NAC has evolved beyond its namesake to become an integral component to effectuate visibility, asset intelligence and integrity, and network security controls.

This webcast will explore how today's NAC can align with many of the 20 Critical Security Controls, particularly in regards to monitoring, configuration, mobility and access. IT governance, risk management and compliance (GRC) assumptions, control challenges and NAC use cases are also slated for discussion, followed by an opportunity to present your questions to the experts.

Register now for this webcast, and be among the first to receive a new SANS Analyst Whitepaper on the subject.

Questions? Q@SANS.ORG

Click here to view the associated whitepaper.

Speaker Bios

G. Mark Hardy

G. Mark Hardy serves as President of National Security Corporation. He has been providing cyber security expertise to government, military, and commercial clients for over 25 years, and is the author of over 100 articles and presentations. He serves on the National Science Foundation's CyberWATCH Advisory Board, and is a recently retired Navy Captain. A graduate of Northwestern University, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies, and is designated as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).

Brian Meyer

Brian Meyer is an information security officer for Meritrust Credit Union. In the past four years at Meritrust, Brian has implemented layers of control to meet ongoing compliance objectives and streamlined security policy. He has worked within the financial industry to assist entities with risk assessments and to meet compliance goals using best-in-class vendor solutions with measurable results. Previously he held the positions of professional services manager and senior system engineer, providing information technology and business services consulting to small and medium businesses. Brian holds a bachelors degree in business administration in management information systems from Pittsburg State University. He holds a CISSP certification from ISC2 and the GISP and GSEC certifications.

Scott Gordon

Scott Gordon, COO at FinalCode, Inc., is an accomplished leader who has helped evolve security management, network and endpoint security, and risk and compliance assessment technologies at both innovative startups and large organizations. Prior to FinalCode, Scott held several senior management positions within ForeScout Technologies, Protego Networks (acq. Cisco), Axent Technologies and McAfee. An infosec authority, speaker and writer, he is the author of "Operationalizing Information Security" and the contributing author of the "Definitive Guide to Next-Gen NAC." Scott holds CISSP-ISSMP certifications, an MBA, and a BA in marketing and MIS from Hofstra University.

Need Help? Visit our FAQ page or email webcast-support@sans.org.