SANS Institute is pleased to announce the winners of the SANS 2017 Difference Makers Awards which celebrate individuals who are quietly succeeding and making breakthroughs in advancing security. The SANS Difference Maker Awards were created to honor the unsung heroes in cyber security whose innovation, skill, and hard work have resulted in real successes in information security.
According to John Pescatore, SANS Director of Emerging Security Trends, "The nominations for the 2017 SANS Difference Maker Awards represent some interesting trends in cyber security. From more innovative methods to increase the cyber security talent pool to creative, low cost ways of finding and fixing vulnerabilities, this year's winners have demonstrated they are working hard and making a difference in advancing security. We are honored to recognize these talented individuals for their outstanding achievements."
Winners of the 2017 SANS Difference Makers Awards will be celebrated on December 15th at the SANS Cyber Defense Initiative training event in Washington D.C. The 2017 list of SANS Difference Makers Award winners include:
Michael Roling, CISO of The State of Missouri Office of Cyber Security (OCS) successfully led a team to implement the Using Public Data to Alert Organizations of Vulnerabilities program which identifies vulnerable internet connected systems belonging to organizations from various industries across the State of Missouri. The program identifies high-risk systems that, if left insecure, could lead to disruptions within critical infrastructure or significant data loss, and contacts the owners of the impacted systems to mitigate risks.
Dan Basile, Texas A&M University (TAMU), Security Operations Center successfully increased security of TAMU's systems while helping to grow a pipeline of skilled security operations personnel. Basile put students on the front line of the school's security initiative. His team was able to stop seven cyberattacks on A&M's networks in a single year. The center also slashed costs by eliminating the need for post-breach forensics, which costs about $1 million per incident, and accelerated threat detection because students don't have to sift through piles of data.
Ben Miller, Director of Threat Operations at Dragos led analysis into the first ever piece of malware designed to disrupt power grids. Miller was one of the founding members of the E-ISAC and led cyber threat analysis for the North American power grid for NERC and the community. In his role at Dragos he's been hunting threats and taking that knowledge and helping various ICS companies implement security controls in response to the threats.
Rob Witoff, Director at Coinbase (now at Google) successfully automated the Center for Internet Security (CIS) Critical Security Controls in Amazon Web Services (AWS) cloud applications. Witoff has openly shared his successes with other security teams, showing how foundational security measures can be implemented in an AWS account. He has also prescribed best practices to help make implementation of core AWS security measures more straightforward for security teams and AWS account owners.
Allen Stubblefield, Troy High School for his work, and showing real progress, in developing cyber security skills in high school students by running competitive events that challenged students across a wide range of hands-on cyber security areas. Stubblefied is in charge of cybersecurity and the CyberPatriot program at Troy High School. He has two teams competing in the CyberPatriot nationals; one is ranked number one in the Open Division and the other is number one in the All-Service Division.
Dr. Ron Pike, Computer Information Systems at Cal Poly Pomona for his work, and showing real progress, in developing cyber security skills in college students by running competitive events that challenged students across a wide range of hands-on cyber security areas. Dr. Pike is the advisor for Cal Poly's SWIFT cyber club and is in charge of the student run data center and security operations center.
Teri Radichel, Director of Security Strategy and Research at WatchGuard Technologies successfully leverages cloud technology and automation to create new solutions for network monitoring and threat intelligence. She was on the initial team that helped Capital One move to the cloud, implementing security controls and networking, and went on to help WatchGuard Technologies architect a cloud platform. Radichel started the Seattle AWS Architects Engineers Meet Up to connect with and learn from other AWS users. She was also recognized by Amazon as an AWS Community Hero.
Meredith R. Harper, Chief Information Privacy & Security Officer at Henry Ford Health System has inspired many security and privacy professionals to focus on why we are protecting data and privacy, namely the health and safety of the patient. Harper was recently named President of the Board at the Medical Identity Fraud Alliance (MIFA) and Chair of the Michigan Healthcare Cybersecurity Council (MiHCC) in addition to her role at Henry Ford.
University and Colleges Shared Services, InfoSec Shared Service Team, Chris Sutherland, CISO was selected as a Vertical Industry Difference Maker in the field of Education. UCSS is a collaboration / jointly owned organization between all of the Universities and Colleges in Scotland. The member institutions of UCSS formed the ISSS to provide shared information security leadership and strategy to efficiently address the common threats to all Universities and Colleges.
Seven states were selected for their efforts to help inspire the next generation cyber security talent by bringing the CyberStart pilot program to students in their respective locations. CyberStart is a forward-thinking skills program designed to build future generations of cyber security professionals while identifying talented young Americans. In addition to providing a unique learning opportunity and scholarships for students, the program can lead to job growth and improved cyber security. The winners include:
- The State of Delaware, Governor John Carney
- The State of Hawaii, Governor David Ige and Reynold Hioki, Chief Information Officer
- The State of Iowa, Governor Kim Reynolds and Alison Radl, Information Security Officer OCIO
- The State of Michigan, Governor Rick Snyder
- The State of Nevada, Governor Brian Sandoval and Brian Mitchell, Director of the Office of Science, Innovation and Technology
- The State of Rhode Island, Governor Gina Raimondo and Christina M. Cosgrove
- The Commonwealth of Virginia Governor Terry McAuliffe and Karen Jackson, Secretary of Technology
To learn more about the SANS Difference Makers Awards, visit: www.sans.org/cyber-innovation-awards
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (www.SANS.org)