Cyber42 Game Day: Vulnerability Management
In this special session you will play to win the Cyber42 Vulnerability Management Simulation! In this three-hour game day you will play as part of a team to improve the state of a fictional organization and more effectively handle the vulnerability management. During the game, as developed for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, you will see that the actions you choose can have uncertain outcomes and even unintended consequences!
This interactive simulation puts you in real-world scenarios that spur discussion, critical thinking of situations, and melding of different points of view and personalities that you likely will encounter at work. The decisions your team makes will impact your organizations vulnerability management program, leveraging and impacting the available budget, time, and vulnerability management maturity.
Winning the game is simple. Your team needs to have the highest score, which represents how well your team has adapted and implemented the vulnerability management program. Its not just about implementing security controls, its about changing behaviors and culture to create lasting improvements.
The Cyber42 game was originally developed for MGT512: Security Leadership Essentials for Managers class and has been adapted for MGT516. The Cyber42 Leadership Simulation game, as used in MGT512, is described in more detail here. The gameboard has been tailored for MGT516, and will be launched at this event.
Speaker and Presenter Information
Jonathan Risto
With a career spanning over 20 years that has included working in network design, IP telephony, service development, security and project management, Jonathan has a deep technical background that provides a wealth of information he draws upon when teaching. Currently, Jonathan works for the Canadian Government conducting cyber security research in the areas of vulnerability management and automated remediation. He is also an independent security consultant. Jonathan is a co-author and instructor for SANS MGT516: Managing Security Vulnerabilities – Enterprise and Cloud, and has been an instructor for both SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC440: Critical Security Controls: Planning, Implementing, and Auditing.
David Hazar
David is a security consultant based in Salt Lake City, Utah focused on vulnerability management, application security, cloud security, and DevOps. David has 20+ years of broad, deep technical experience gained from a wide variety of IT functions held throughout his career, including: Developer, Server Admin, Network Admin, Domain Admin, Telephony Admin, Database Admin/Developer, Security Engineer, Risk Manager, and AppSec Engineer. David is a co-author and instructor for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, an instructor for and contributor to SEC540: Cloud Security and DevOps Automation, and has also developed and led technical security training initiatives at many of the companies for which he has worked.
Frank Kim
Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Management and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevOps Automation.
Relevant Government Agencies
City Government, Federal Government, State & Local Government
Event Type
Webcast
This event has no exhibitor/sponsor opportunities
When
Tue, Aug 25, 2020, 12:00pm - 1:00pm
ET
Cost
Complimentary: $ 0.00
Website
Click here to visit event website
Organizer
SANS
