Prove Skill Mastery with GIAC Certs - Free Cert Attempt Included with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Security Leadership: Managing in Turbulent Times, presented by SANS Summits

  • Tuesday, May 05, 2020 at 3:30 PM EDT (2020-05-05 19:30:00 UTC)
  • Frank Kim, Kathy Wang, Lance Spitzner, Lenny Zeltser, Russell Eubanks, Rick Holland

You can now attend the webcast using your mobile device!



Good leadership is about setting clear expectations and providing all the conditions and support a team needs to succeed. So what happens when the global reality becomes unrelenting fear, uncertainty, and doubt? You've got to maintain business operations, deal with rapidly changing security threats, deploy resources for remote work, and help your team stay focused, while also acknowledging the realities of the anxiety and emotional challenges everyone must contend with.

In this virtual forum, security leaders will share their experiences with and advice for managing in turbulent times.

Summit Chair: Frank Kim @fykim, Senior Instructor, SANS Institute


3:30-3:45 pm EDT

Welcome & Opening Remarks

Frank Kim @fykim, Senior Instructor, SANS Institute


3:45-4:20 pm EDT


Lessons Learned from Building and Managing a Globally Distributed Fully Remote Team - Pre-Pandemic, Kathy Wang @wangkathy, Former CISO, GitLab


4:20-4:50 pm

Advancing Your Cybersecurity Program Past the Crisis, Lenny Zeltser @lennyzeltser, CISO, Axionus; Senior Instructor, SANS Institute

COVID-19 forced enterprises to transition to a distributed, remote workforce almost overnight. The sudden dispersal of employees:

  • Dramatically accelerated pre-existing trends related to the shifting security paradigm,
  • Turned strategic security plans into in-the-moment tactical decisions, and
  • Left enterprises wondering how to reconcile the current cybersecurity program with their post-pandemic objectives.

In this informative presentation Lenny Zeltser shares how business requirements imposed on your cybersecurity program during the pandemic can chart a path for its long-term success.

4:50-5:00 pm



5:00-5:30 pm

Black Swan Pandemic; Now What? @rickhholland

In a matter of weeks, an unprecedented shift from neglected pandemic plans, to tabletop exercises, to pandemic response operations occurred without the luxury of a deliberate, calculated transition. Security leaders are starting to adjust to this new model and need to examine the risks and opportunities this new operating environment presents. In this talk, Rick Holland, CISO of Digital Shadows, will provide practical guidance on planning for the next twelve months and building resiliency into your security and risk program. 

5:30-6:00 pm

10 Visibility Gaps Every CISO Must Fill, Russell Eubanks @russelleubanks, Certified Instructor, SANS Institute

Using critical questions, this talk will help the successful CISO evaluate their level of visibility. This evaluation is simple enough, but the results can quite easily serve as a roadmap to help the CISO effectively close these critical cybersecurity visibility gaps for years to come.

6:00-6:30 pm


Leading Change - Establishing a Security Culture of Protect, Detect and Respond

Lance Spitzner @lspitzner, Director, SANS Security Awareness

Cybersecurity is no longer just about technology it is ultimately about organizational change. Change in not only how people think about security but what they prioritize and how they act, from the Board of Directors on down. Organizational change is a field of management study that enables organizations to analyze, plan, and then improve their operations and structures by focusing on people and culture. This presentation is a highlights version of our SANS MGT521 course that will teach leaders how to leverage the principles of organizational change, enabling them to develop, maintain and measure a security driven culture.

Speaker Bios

Frank Kim

Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Management and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevOps Automation. Learn more about Frank here.

Kathy Wang

Kathy Wang is the former CISO at GitLab, a cloud-native company, and is a recognized thought-leader in information security with a strong background in project management, research, and business development. She has worked in government, commercial, and technology startup environments, and currently advises security services/products startup companies. Kathy is also an internationally-recognized malware expert, who has researched, developed, evaluated, and operationalized various solutions for detecting and preventing client-side attacks used by advanced persistent threats (APT), as they target common platforms (e.g., browser, email, mobile phones). She has spoken internationally at many conferences and on many panels, including RSA, DEFCON, AusCERT, and REcon. Kathy has co-authored a book, Beautiful Security, and holds a BS and MS in Electrical Engineering from The University of Michigan, Ann Arbor.

Lance Spitzner

Lance Spitzner has over 20 years of security experience in cyber threat research, security architecture and awareness training and is a SANS Senior Instructor. He helped pioneer the fields of deception and cyber intelligence with his creation of honeynets and founding of The Honeynet Project. In addition, Lance has published three security books, consulted in over 25 countries, and helped over 350 organizations build awareness programs to manage their human risk. He is also on the Board of Advisors for Attivo Networks. Lance is the author and an instructor for MGT433: Managing Human Risk: Mature Security Awareness Programs, and MGT521: Leading Cybersecurity Change: Building A Security-Based Culture, and built the SANS Security Awareness business unit from the ground up over the past 10 years. With the catalyst of COVID-19, Lance created multiple resources for securing humans from home, from those working remotely for the first time or managing newly remote teams, to children learning and playing online. Read more about Lance here.

Lenny Zeltser

Lenny Zeltser is the Chief Information Security Officer at Axonius. Prior to Axonius, Lenny led security product management at Minerva Labs and NCR. Before that, he spearheaded the U.S. security consulting practice at a leading cloud services provider acquired by CenturyLink. Zeltser also helps shape global cybersecurity practices by teaching at SANS Institute and sharing knowledge through writing, public speaking, and community projects. He has earned the prestigious GIAC Security Expert designation and developed the Linux malware analysis toolkit REMnux.

Russell Eubanks

As owner of Security Ever After and consultant for Enclave Security, Russell is responsible for assessing the cyber security of many diverse organizations and increasing their maturity while decreasing the probability of a breach. He wrote the first paper on how to implement the Critical Security Controls and serves on the editorial panel for the Critical Security Controls. As a current handler for the SANS Internet Storm Center and a former chief information security officer (CISO) of the Federal Reserve Bank of Atlanta, he is especially passionate about helping new or aspiring cyber leaders increase their influence. Russell is a SANS Certified Instructor and co-author of the new five day version of MGT 521: Leading Cybersecurity Change: Building A Security-Based Culture and the new SANS SEC405: Business Finance Essentials course for SANS Technology Institute. More About Russell.

Rick Holland

Rick (@rickhholland) has more than 15 years’ experience working in information security. Rick is currently the CISO at Digital Shadows. Previously, he was a vice president and research analyst at Forrester Research, providing strategic guidance on security architecture, operations, and data privacy. Rick also served as an intelligence analyst in the U.S. Army. He is currently the co-chair of the SANS Cyber Threat Intelligence Summit and holds a B.S. in business administration from the University of Texas, Dallas. Rick regularly speaks at leading security conferences across the globe and has been interviewed by industry and business media, including BBC News, CNN, Dark Reading, Motherboard, NPR, The Register, and Wall Street Journal.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.