Gal Shpantzer has been a full-time security consultant since the year 2000, providing (mostly good) advice to early-stage tech startups, security vendors, Ivy League universities, non-profits, and Fortune 50 clients. Gal owns and operates a boutique consultancy focused on vCISO and Observability Pipeline services that enable modern, scalable, user-friendly, auditable, and forensically ready security programs. Gal leads security programs and projects that empower business and technical leadership to prevent, detect and respond to security incidents, including threats to confidentiality (sophisticated IP theft) and availability (DDoS, ransomware).
- vCISO/Security Leadership
- Security Architecture
- Observability pipelines
- M&A Security
- Vendor selection
- SIEM, Splunk, Big Data
- Incident Response
- Vulnerability Assessment/Management
Achievements & Contributions
- Contributed to global security/privacy standards in the energy sector (NIST 7628, ES-C2M2)
- Architected and deployed a high-speed streaming analytics data pipeline and multi-petabyte data lake for a Fortune 100 megaglobocorp, enabling drastically reduced MTTD. Provided flexible, real-time, ultra-scale observability to CISO and CIO orgs in on-prem and multi-cloud endpoint/network/server workloads and applications. Project included the largest supported MiNiFi deployment in the world.
- Expert witness for a billion-dollar GSA protest relating to managed security services
- SANS Newsbites co-editor since 2002. Quoted in Scientific American, eWeek, Dark Reading, Governing.com and others.
Hobbies & Fun Facts
Wildlife photography, anything on/under the water (SCUBA diving/snorkeling/swimming/kayaking), winter camping/snowshoeing, emergency first aid. Gal enjoys desert and frozen landscapes, and spoofing song lyrics with infosec themes.