Faculty Directory
Adrian Sanabria
Adrian Sanabria
Adrian is the Principal Researcher at The Defenders Initiative, a firm he founded to feature and support decades of cybersecurity research. His foundation spans technical, GRC, and leadership roles with a background as a practitioner, incident responder, penetration tester, and PCI QSA.
As an industry analyst, studying market trends, working with founders and investors brought a deep understanding of the business side of cybersecurity. After Adrian’s own startup was acquired, he spent seven years helping startups grow, market, and sell to their clients. Leaving the startup space, Adrian is once again focused on helping practitioners solve fundamental challenges, with or without the help of industry vendors.
Mike Saurbaugh
Mike Saurbaugh
Mike has been an IANS Faculty member since 2011, and founded First Security Alliance, LLC, to serve as an independent cybersecurity advisory and consultancy. Mike spent nearly 20 years in financial services leading cybersecurity, IT operations, and digital banking services. After his long run in financial services, Mike was the head of global strategic alliances at VMRay as well as the director of technical alliances at Cofense. Additionally, Mike was research director at Security Current, focused on C-level research, practical advice, and trusted collaboration. In addition, Mike is involved in higher education as an adjunct curriculum advisor and mentor to cybersecurity students for over 20-years.
Justin Searle
Justin Searle
Justin is the Director of ICS Security at InGuardians, specializing in Industrial Control Systems (ICS) security architecture design and penetration testing. He also led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and has played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP). Justin has authored and taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences.
Masha Sedova
Masha Sedova
Richard Seiersen
Richard Seiersen
Richard is the Chief Risk Officer at Resilience. Prior to joining Resilience in 2021, he was the co-founder and president of Soluble, a cloud security company sold to Lacework in October 2021. He was previously the CISO of Twilio, GE Healthcare and Lending Club. He is the co-author of “How To Measure Anything In Cybersecurity Risk” (July 2016) and author of “The Metrics Manifesto: Confronting Security with Data” (March 2022).
Dave Shackleford
Dave Shackleford
Dave is the founder and principal consultant with Voodoo Security, an information security consulting firm with broad expertise. He is also a senior instructor, analyst and course author for the SANS Institute and a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. In addition, Dave has served as co-chair of the Cloud Security Alliance (CSA) Top Threats Working Group and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of organizations in the areas of security, regulatory compliance, network architecture and engineering. He has also worked as a security architect, analyst and manager for several Fortune 500 companies.
Alex Sharpe
Alex Sharpe
Mr. Sharpe is a long-time (+30 years) Cybersecurity, Governance, and Digital Transformation expert with real-world operational experience. Mr. Sharpe has run business units and has influenced national policy. He has spent much of his career helping corporations and government agencies create value while mitigating cyber risk. This gives him a pragmatic understanding of the delicate balance between Business realities, Cybersecurity, and Operational Effectiveness. He began his career at NSA, moving into the Management Consulting ranks building practices at Booz Allen and KPMG. He subsequently co-founded two firms with successful exits, including the Hackett Group (NASDAQ HCKT). He has participated in over 25 M&A transactions. He has delivered to clients in almost 30 countries on 6 continents. Alex is one of the few who has been part of executive teams, has run business units, and served as a CIO and as a CISO.
Jeffrey Shearer
Jeffrey Shearer
Idan Shoham
Idan Shoham
Idan was one of the founders of M-Tech Information Technology, Inc. (acquired in 2008 and renamed Hitachi ID Systems). Idan led the product development and roadmap strategy and was responsible for customer services at M-Tech and subsequently Hitachi ID for 28 years. During his tenure, the company released password management automation software in 1996, user provisioning/IAM in 2002 and PAM in 2007. Idan has worked with many corporate, government and higher education customers worldwide to implement process automation, including IAM and PAM controls across their on-premises and cloud-hosted systems and applications.
Since exiting Hitachi ID Systems in 2020, Idan helped found M-Tech Innovations, Inc. This is an angel investment firm specializing in Canadian-domiciled technology startups with B2B software offerings.
Adam Shostack
Adam Shostack
Adam is a leading expert on threat modeling, and a consultant, expert witness, author and game designer. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft.
Beyond consulting and training, Shostack serves as an advisor to a variety of companies and academic institutions, and as an Affiliate Professor at the Paul G. Allen School of Computer Science and Engineering at the University of Washington.
Gal Shpantzer
Gal Shpantzer
Gal Shpantzer has been a full-time security consultant since the year 2000, providing (mostly good) advice to early-stage tech startups, security vendors, Ivy League universities, non-profits, and Fortune 50 clients. Gal owns and operates a boutique consultancy focused on vCISO and Observability Pipeline services that enable modern, scalable, user-friendly, auditable, and forensically ready security programs. Gal leads security programs and projects that empower business and technical leadership to prevent, detect and respond to security incidents, including threats to confidentiality (sophisticated IP theft) and availability (DDoS, ransomware).
Caleb Sima
Caleb Sima
Caleb is the VP of Security at Databricks, a Unified Data Analytics Platform. Previously, he served as the Managing Vice President of Cyber Security at CapitalOne. Caleb has held many executive-level positions at information technology and security companies in addition to starting and running his own companies. Currently, he also serves as an Investor & Advisor to Pindrop Security.
Anand Singh
Anand Singh
Anand is a seasoned Information Security practitioner with domain expertise of healthcare, retail, ecommerce, and finance. His CISO roles span the spectrum of Fortune 100 to early stage companies. Anand’s personal mission is to drive solutioning of complexities and challenges in the Information Security space such as Cloud security, board oversight of cybersecurity programs, cybersecurity talent grooming and advancement, and emerging threats. Anand also serves as an adjunct faculty at Mitchell Hamline School of Law teaching Incident Management and Response.
Ed Skoudis
Ed Skoudis
Ed Skoudis is the founder of Counter Hack, a company focused on conducting ultra high-quality penetration tests and red team engagements to help organizations better manage their cyber risks. Ed is a SANS Fellow, author, and instructor who has trained over 20,000 cyber security professionals in the art of penetration testing and incident response. Ed is an expert witness who is often called in to analyze large-scale breaches.
Eric Smith
Eric Smith
Eric is the CEO and Co-Founder of Lares, an international cybersecurity consulting firm specializing in a wide range of offensive, defensive, and advisory services. He is committed to a lifelong career in Information Security holding positions as CEO, CTO, VP, Co-Founder, Engineer and Consultant spanning over the last three decades.
John Strand
John Strand
John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.