2019 National Cyber Summit

Summit Speaker Jonathan Risto

Session Information

Critical Security Controls: Planning, Implementing, and Auditing
Monday, June 3, 2019 9:00 a.m. - 4:00 p.m.
This course helps you master specific, proven techniques and tools needed to implement and audit the Critical Security Controls as documented by the Center for Internet Security (CIS). These Critical Security Controls, listed below, are rapidly becoming accepted as the highest priority list of what must be done and proven before anything else at nearly all serious and sensitive organizations. These controls were selected and defined by the US military and other government and private organizations (including NSA, DHS, GAO, and many others) who are the most respected experts on how attacks actually work and what can be done to stop them. They defined these controls as their consensus for the best way to block the known attacks and the best way to help find and mitigate damage from the attacks that get through. For security professionals, the course enables you to see how to put the controls in place in your existing network though effective and widespread use of cost-effective automation. For auditors, CIOs, and risk officers, the course is the best way to understand how you will measure whether the controls are effectively implemented. SEC440 does not contain any labs. If the student is looking for hands on labs involving the Critical Controls, they should take SEC566.

The Critical Security Controls are listed below. You will find the full document describing the Critical Security Controls posted at the Center for Internet Security.

One of the best features of the course is that it uses offense to inform defense. In other words, you will learn about the actual attacks that you'll be stopping or mitigating. That makes the defenses very real, and it makes you a better security professional.
Embassy Suites - Monte Santo Boardroom
Jonathan Risto photo
Jonathan Risto
Jonathan is a SANS Instructor teaching a wide variety of SANS classes including SEC440, SEC504, SEC560, SEC566, and SEC580. He is also the co-author of the SANS MGT516: Managing Security Vulnerabilities: Enterprise and Cloud.

With a career spanning over 20 years that has included working in network design, IP telephony, service development, security and project management, he has a deep technical background that provides a wealth of information he draws upon when teaching. His leadership of direct reports and matrix teams in industries including telecom, government and charity environments. When not teaching for SANS, he primarily works for the Canadian Government performing cybersecurity research work, in the areas of vulnerability management and automated remediation. He also performs consulting work.

He holds a bachelors degree in Electrical Engineering and is a licensed Professional Engineer (P.Eng.). He also holds a Master's Degree in Information Security Management from STI. In his spare time, he sits on the board of directors for charities and his 3 daughters keep him very busy. When possible, he enjoys the outdoors, astronomy, and photography.


Meet Our NCS 2019 Speakers

Adam Alexander Photo Adam Alexander The University of Alabama in Huntsville
Michael Anderson Photo Michael Anderson The University of Alabama in Huntsville
Jason Asbury Photo Jason Asbury President Digitel, A NXTsoft Company
John Bland Photo John Bland The University of Alabama in Huntsville
Jeremy Blevins Photo Jeremy Blevins Cybersecurity Analyst Sentar, Inc.
Jocquette Blue Photo Jocquette Blue Senior Cybersecurity Analyst H2L Solutions
Rajendra Boppana Photo Rajendra Boppana University of Texas at San Antonio
Paige Boshell Photo Paige Boshell Managing Member Privacy Counsel LLC
Jartinez Boston Photo Jartinez Boston Cybersecurity Analyst Sentar, Inc.
Colonel Nichoel Brooks Photo Colonel Nichoel Brooks Director of Intelligence Army Futures Command
Jason Brown Photo Jason Brown Specialist Leader, Cyber Risk Services Deloitte
Steven Bryant Photo Steven Bryant Chief Hacker Gate LLC
Brigadier General Jennifer Buckner Photo Brigadier General Jennifer Buckner Director of Cyber, G-3/5/7 United States Army
Scott Campbell Photo Scott Campbell Acquisition Analyst Missile Defence Agency
Walter Alan Cantrell Photo Walter Alan Cantrell Lipscomb University
Robby Ann Carter Photo Robby Ann Carter Founder | Chief Executive Officer Hockeypuk Cybersecurity Consulting, LLC
Rajasekhar Chaganti Photo Rajasekhar Chaganti University of Texas at San Antonio
Professor Kim-Kwang Raymond Choo Photo Professor Kim-Kwang Raymond Choo Cloud Tech Endowed Associate Professor University of Texas at San Antonio
Frank Cilluffo Photo Frank Cilluffo Director Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security
Paul Coggin Photo Paul Coggin Cyber Security Research Scientist Financial Institution
C. Daniel Colvett Photo C. Daniel Colvett The University of Alabama in Huntsville
Randall Cottrell Photo Randall Cottrell Chief Executive Officer Bluejireh Incorporated
Austin Cottrill Photo Austin Cottrill West Virginia University
Joshua Crumbaugh Photo Joshua Crumbaugh Chief Hacker/Chief Operating Officer PeopleSec® LLC
Ben Curry Photo Ben Curry Chief Architect, Managing Partner Summit 7 Systems
Jun Dai Photo Jun Dai California State University, Sacramento
Steven Day Photo Steven Day Argonne National Laboratory
Byron DeLoach Photo Byron DeLoach Director of Adaptive Services Cybriant
Bryan Dickens Photo Bryan Dickens Chief Operating Officer Cybint Solutions
Nicholas Downer Photo Nicholas Downer Systems Security Engineer/Instructor Millennium
Major Bradley Eames Photo Major Bradley Eames 47CTS OL-A Deputy Commander 47 Cyberspace Test Squadron
Jason Eames Photo Jason Eames Test Engineer 47CTS
Toni Eberhart Photo Toni Eberhart Executive Director Urban Engine
Rita Edwards Photo Rita Edwards Featured Cyber Security Instructor CyberProtex
Scott Edwards Photo Scott Edwards President Summit 7 Systems
Shawn Edwards Photo Shawn Edwards Cyber Adversarial Engineer The MITRE Corporation
David Elkins Photo David Elkins Cyber Strategy Lead Redstone Test Center
Letha Etzkorn Photo Letha Etzkorn The University of Alabama in Huntsville
SES John Felker Photo SES John Felker
Hillary Fleenor Photo Hillary Fleenor Columbus State University
Lieutenant General Stephen Fogarty Photo Lieutenant General Stephen Fogarty Commanding General United States Army, Cyber Command
Irene Garcia-Goan Photo Irene Garcia-Goan Senior Cybersecurity Analyst H2L Solutions
Enis Golaszewski Photo Enis Golaszewski University of Maryland, Baltimore County
Brian Gouker Photo Brian Gouker Division Chief, National Security Agency
Paul Graham Photo Paul Graham The University of Alabama in Huntsville
Sara Graves Photo Sara Graves The University of Alabama in Huntsville
Travis Green Photo Travis Green Trainer OISF
SueAnne Griffith Photo SueAnne Griffith Research Engineer University of Alabama Huntsville
Chris Guo Ph.D. Photo Chris Guo Ph.D. Principal Cybersecurity Architect Ultra Electronics
Jatinder Gupta Photo Jatinder Gupta The University of Alabama in Huntsville
Jonathan Hard Photo Jonathan Hard Chief Operating Office and President H2L Solutions
Arron Harrell Photo Arron Harrell Cyber Security Engineer Verodin
Raymond Harris Photo Raymond Harris Chief Information Officer ADTRAN
Christopher Hawkins Photo Christopher Hawkins Director of Business Development Scalable Network Technologies
Dr. James Brandon Haynie Photo Dr. James Brandon Haynie Chief Data Scientist Babel Street
Matt Henson Photo Matt Henson Chief Executive Officer Trade Collaboration Engine
Geoffrey Herman Photo Geoffrey Herman University of Maryland, Baltimore County
Amy Hess Photo Amy Hess Executive Assistant Director, Criminal Cyber, Response and Services Branch Federal Bureau of Investigation
Sean Hopkins Photo Sean Hopkins Red Team Security Engineer Millennium Corporation
Bradley Horton Photo Bradley Horton Supervisory Intelligence Specialist United States Army
Jason Hough Photo Jason Hough Director of Information Security Mission Multiplier
Dr. DJ Hovermale Photo Dr. DJ Hovermale Senior Cyber Operations Training Analyst, Principal SAIC
Chris Hutto Photo Chris Hutto Jr. Cybersecurity Engineer Mission Multiplier
Eric Imsand Photo Eric Imsand The University of Alabama in Huntsville
Dr. Michaela Iorga Photo Dr. Michaela Iorga Senior Security Technical Lead National Institute of Standards and Technology
Desmond Jackson Photo Desmond Jackson Chief Executive Officer Jackson CS Consulting LLC
Eric Jackson Photo Eric Jackson The University of Alabama in Huntsville
Johanna Jacob Photo Johanna Jacob University of Houston Clear Lake
Ahman Javaid Photo Ahman Javaid The University of Toledo
Jerry Jenkins Photo Jerry Jenkins Director, Cybersecurity Practice CGI Federal Inc.
Caroline John Photo Caroline John University of West Florida
Bryant Johnson Photo Bryant Johnson The University of Alabama in Huntsville
Matt Jonkman Photo Matt Jonkman Trainer OISF
Amanda Joyce Photo Amanda Joyce Argonne National Laboratory
Ezhil Kalaimannan Photo Ezhil Kalaimannan University of West Florida
Ray Kelly Photo Ray Kelly Security Architect Micro Focus
Dan Kim Photo Dan Kim University of North Texas
Sanghun Kim Photo Sanghun Kim University of North Texas
David Krovich Photo David Krovich West Virginia University
Dr. Yesem Kurt Peker Photo Dr. Yesem Kurt Peker Associate Professor of Computer Science Columbus State University
Dr. Kim LaFevor Photo Dr. Kim LaFevor Dean, College of Business Athens State University
Rob Lee Photo Rob Lee Chief Executive Officer Dragos
Naomi Lefkovitz Photo Naomi Lefkovitz Senior Privacy Policy Advisor and Lead for the Privacy Framework in the Information Technology Lab National Institute of Standards and Technology, U.S. Department of Commerce
Bradford Love Photo Bradford Love University of North Texas
Subhrajit Majumder Photo Subhrajit Majumder The University of Toledo
Daniel Mancini Photo Daniel Mancini West Virginia University
Akshay Mathur Photo Akshay Mathur The University of Toledo
Katia Mayfield Photo Katia Mayfield Athens State University
Ben McGee Photo Ben McGee CyberProtex Featured Cyber Security Instructor
Dr. Wesley McGrew Photo Dr. Wesley McGrew Director of Cyber Operations HORNE Cyber
Chris McLain Photo Chris McLain Information Technical Department Honda Manufacturing of Alabama, LLC
Victor Melnik Photo Victor Melnik California State University, Sacramento
Vicki Michetti Photo Vicki Michetti Director, Defense Industrial Base Cyber Security Department of Defense, Office of Small Business Programs
Jamie Miller Photo Jamie Miller Chief Executive Officer/President Mission Multiplier
Eric Monterastelli Photo Eric Monterastelli Security Engineer Anomali
Thomas Morris Photo Thomas Morris The University of Alabama in Huntsville
Sonia Mundra Photo Sonia Mundra President Chenega Analytic Business Solutions, LLC (CABS)
Dr. Charline Nixon Photo Dr. Charline Nixon Dean EC-Council University
Spencer Offenberger Photo Spencer Offenberger University of Maryland, Baltimore County
Linda Oliva Photo Linda Oliva University of Maryland, Baltimore County
Jaehong Park Photo Jaehong Park The University of Alabama in Huntsville
Joe Paxton Photo Joe Paxton The University of Alabama in Huntsville
Michelle Peters Photo Michelle Peters University of Houston Clear Lake
Peter Peterson Photo Peter Peterson University of Maryland, Baltimore County
Mikel Petty Photo Mikel Petty The University of Alabama in Huntsville
Sean Piper Photo Sean Piper Intelligence Specialist The Army Threat Systems Management Office (TSMO)
Dr. Ashley Podhradsky Photo Dr. Ashley Podhradsky Associate Dean and Associate Professor Dakota State University
Michael Portera Photo Michael Portera Red Team Security Engineer Millennium Corporation
Thomas Proue Photo Thomas Proue Cloud Cybersecurity Specialist Army C5ISR Center
Dr. Daniel Ragsdale Ph.D. Photo Dr. Daniel Ragsdale Ph.D. Assistant Director, Cyber Office of the Assistant Secretary of Defense for Research and Engineering (OASD(R&E))
Bhuvana Ramachandran Photo Bhuvana Ramachandran University of West Florida
Ravi Rao Photo Ravi Rao Fairleigh Dickinson University
Alan Roder Photo Alan Roder Digital Forensic Officer West Midlands Police, United Kingdom
Robert Rounsavall Photo Robert Rounsavall Co Founder Trapezoid, Inc.
Kell Rozman Photo Kell Rozman Senior Manager, Security Software Engineering Toyota Motor North America
Antonio (Tony) Rucci Photo Antonio (Tony) Rucci Retired Counterintelligence Special Agent InfoSec and Threat Intelligence Consulting
Brian Ruf CISSP, PMP Photo Brian Ruf CISSP, PMP FedRAMP PMO SME FedRAMP/GSA
Ravi Sandhu Photo Ravi Sandhu University of Texas at San Antonio
Greg Schaffer Photo Greg Schaffer Principal vCISO Services, LLC
Hans Schantz Photo Hans Schantz Principal Scientist GaN Corporation
Travis Scheponik Photo Travis Scheponik Cyber Defense Lab, Department of Computer Science and Electrical Engineering, University of Maryland, Baltimore County
Dr. David Schippers Photo Dr. David Schippers Chair - Assistant Professor Walsh College
Jake Schneider Photo Jake Schneider Director of Cyber Technologies GaN Corporation
Winn Schwartau Photo Winn Schwartau Chief Visionary Officer Winn Schwartau LLC
Hossain Shahriar Photo Hossain Shahriar Kennesaw State University
Mehrnoosh Shakarami Photo Mehrnoosh Shakarami PhD Student University of Texas at San Antonio
Jeffrey Shapiro Photo Jeffrey Shapiro Senior Cyber Operations Training Analyst, Principal SAIC
Alan Sherman Photo Alan Sherman University of Maryland, Baltimore County
Mohammad Shojaeshafiei Photo Mohammad Shojaeshafiei The University of Alabama in Huntsville
Amanda Silver Photo Amanda Silver Senior Manager, Information Security Governance and Supply Chain Boeing
Bobbie Stempfley Photo Bobbie Stempfley Managing Director CERT Division – Carnegie Mellon University – Software Engineering Institute
Dr. Joshua Stroschein Photo Dr. Joshua Stroschein Training and Academic Outreach Open Information Security Foundation
Tom Sutherland Photo Tom Sutherland Principal Engineer GaN Corporation
Brian Tucker Photo Brian Tucker The University of Alabama in Huntsville
Jeff Uphues Photo Jeff Uphues Chief Executive Officer DC BLOX
Trevor Vaughan Photo Trevor Vaughan Vice President Engineering Onyx Point, Inc.
Vasudha Vedula Photo Vasudha Vedula University of Texas at San Antonio
Paul Wagner Photo Paul Wagner Assistant Professor of Practice University of Arizona
Xin Wang Photo Xin Wang Virginia Commonwealth University
Dr. Brad Wardman Photo Dr. Brad Wardman Head of Threat Intelligence PayPal
Gary Warner Photo Gary Warner Director University of Alabama Center for Information Assurance and Joint Forensic Research
Peter Weishaar Photo Peter Weishaar Government Learning Manager ITProTV
Aaron Werth Photo Aaron Werth The University of Alabama in Huntsville
Tymaine Whitaker Photo Tymaine Whitaker The University of Alabama in Huntsville
Benjamin White Photo Benjamin White California State University, Sacramento
Wes Widner III Photo Wes Widner III Senior Cloud Engineer CrowdStrike
Tania Williams Photo Tania Williams The University of Alabama in Huntsville
Seong-Moo Yoo Photo Seong-Moo Yoo The University of Alabama in Huntsville
Cui Zhang Photo Cui Zhang California State University, Sacramento
Wei Zhang Photo Wei Zhang Virginia Commonwealth University
Shirley Zhao Photo Shirley Zhao Principal Program Manager, Product Security Governance Blackberry

View AgendaView Speaker Listing


Attend NCS 2019 to meet and hear speakers like this!

Register Now