Security Awareness Blog: Author - lspitzner

Ready - Set - Stop! FERC Postpones CIP Version 5

Editor's Note: This guest post is from Ted Gutierrez,the ICS & NERC CIP Product Manager at the SANS Institute Just when the electric industry thought that they had seen it all, FERC pulls another rabbit out of its hat astonishing audiences near and far. In an order issued today (February 25, 2016) FERC granted a … Continue reading Ready - Set - Stop! FERC Postpones CIP Version 5


Security Awareness Maturity Model - Your Path to Success

After teaching and working with literally hundreds oforganizations on their security awareness program, we know its hard, very hard, to build a mature program. By mature we mean going beyond just changing behavior, but creating a secure culture and having the metrics to prove it. Akey challenge we see time and time againis there are … Continue reading Security Awareness Maturity Model - Your Path to Success


Transforming Your Security Culture - Lab at RSA

I'm excited to announce Dr. Lance Hayden (author of People Centric Security) and I are leading a two hour lab at RSA conference titled Transforming Your Security Culture. This learning lab will link security culture and performance, with "hands on" exercises to teach attendees to measure, manage and transform their own security cultures. Through interactive … Continue reading Transforming Your Security Culture - Lab at RSA


Managing Your Top Human Risks

One of the advantages working at SANS Institute is being surrounded by literally many of the world leaders in information security. At any time I can tap into a global network of experts, from forensics and malware to risk analysis and ICS attacks. One consistent thing I have learned from these people is you never … Continue reading Managing Your Top Human Risks


Fiction Sometimes Eerily Like Future Reality

Editor's Note: This is a guest Blog Post from Ted Gutierrez, Ted is the ICS & NERC CIP Product Manager at the SANS Institute. In this post he discusses "Anatomy of an ICS Attack". By now anybody who follows cybersecurity news has probably heard about the December 23, 2015 attack on the Ukrainian electric … Continue reading Fiction Sometimes Eerily Like Future Reality