The CSIS 20 critical controls are known for driving effective security programs across government agencies, establishing guidelines for security professionals to ensure the confidentiality, integrity and availability of information technology assets. This session will discuss best practices for automation of these controls to drastically lower costs while enabling more successful implementations.
As the CTO for Qualys, Wolfgang Kandek is responsible for innovation and research aspects of the QualysGuard platform. Kandek has over 20 years of experience in developing and managing information systems. His focus has been on Unix-based server architectures and application delivery through the Internet. Prior to joining Qualys, he was Director of Network Operations at the Online Music streamingcompany myplay.com and at iSyndicate, an Internet media syndication company. He earned an M.S. and a B.A. in computer science from the Technical University of Darmstadt, Germany. He is a frequent speaker at security events including Black Hat, RSA Conference, InfoSecurity UK and The Open Group. He is the main contributor to the Laws of Vulnerabilities blog.
With 20+ years of experience leading teams to design, implement and operate secure networks and computer systems, Andrew oversees the security, risk management and compliance of Qualys' enterprise and SaaS environments. Prior to Qualys, he managed the team responsible for the design, implementation and operation of security solutions for EMC's SaaS offerings. Prior to EMC, he was the Chief Security Officer at Transaction Network Services. He has also held leadership roles with large network service providers including BT and Sprint. Andrew has a master's degree in electrical engineering from George Washington University and a bachelor's degree in electrical engineering from the United States Military Academy. He is a veteran of the US Army.