Randy is the Chief Information Security Officer of Virginia Tech and the Director of Virginia Tech's IT Security Laboratory and has 25 years experience as a systems administrator, IT auditor, and security specialist. He is a co-author of the original SANS Top 10 Internet Threats, the SANS Top 20 Internet Threats, the SANS Consensus Roadmap for Defeating DDoS Attacks, and the SANS Incident Response: Step-by-Step guides. Randy is currently a senior instructor for the SANS Institute and has taught a wide variety of courses over the years. Currently, he can be found teaching SEC440: Critical Security Controls: Planning, Implementing, and Auditing and SEC566: Implementing and Auditing the Critical Security Controls on a regular basis.