Kevin Garvey
Certified InstructorDirector - Information Security Risk at CLS Group
Specialities
Cybersecurity Leadership
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
LDR512: Security Leadership Essentials for Managers
LDR512Cybersecurity Leadership
- GIAC Security Leadership (GSLC)
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 22 Hours of hands-on instruction
LDR516: Building and Leading Vulnerability Management Programs
LDR516Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 29 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 7
Rekt Casino Hack Assessment Transformational Series Weak Security Program, Unprotected Systems, and Poor Detection & Response Part 2 of 4
The fictitious Rekt Casino fell victim to a ransomware attack which resulted in personal identifiable information, HR records, and financial information being exfiltrated. The root cause of the problem was a lack of governance, risk, and compliance, along with properly configured technical and administrative controls. It could also be argued that Rekt Casino lacked a strategic plan as well as an inherent security culture. Looking at the history of Rekt Casino, we are going to identify when the transition from the old school approach of information security could have been transitioned to the enterprise risk management approach. The mistake organizations often make is to focus on defenses such as endpoint protection, firewalls, and intrusion prevention without a good understanding of what the threats actually are. It's as if Rekt Casino fortified their castle to protect against bows and arrows, yet the adversaries attacked with a trebuchet. ' If the executives, technology team, and board of directors had been paying attention to news stories, security guidance, employees ' approach to protecting company assets, or even attending security-related conferences, they would have gotten the message that security had become a critical concern due to the threat landscape. It's not enough to acknowledge that security requires more attention, you also have to act on that knowledge. In this Part 2 of 4 webcast, we will quickly review the overarching history of Rekt Casino, what they had in place for protections, and the outcome. Then we will dive deep into what could have been done to prevent the breach from occurring in the first place in regards to a security program built to protect data, systems, networks. We will dive into topics such as:Building a strong security programHow best to protect networks, systems, and dataLeading Modern Security InitiativesDetecting and Responding to Attacks Don't wait! Register now for the other webcasts in the series!Part 1: Business Security Strategy, Policies, and Leadership Gone WrongPart 3: Feeble Security Culture Disconnected from Business ObjectivesPart 4: Rekt Casino Hack Assessment Transformational Series: Pulling It All Together
WebinarCyber Defense
- 10 Feb 2021
- 11:59 UTC
- Kevin Garvey
- Slide 2 of 7
Not in Cyber Security? No Problem! Creative Ways to Gain Experience With No Experience
Calling everyone who wants to join the amazing cyber security industry. In this webinar, we are going to tackle what you can do outside of your normal day to day work responsibilities to gain experience that future cyber security employers love. We will also cover some ways for you to gain some foundational experience to help build your future cyber chops. The resources are there for you and Kevin will walk through examples to get yourself prime for your next cyber dream role.Don't wait! Register now for the other webcasts in the HR + Cybersecurity! Skilling the Gap: Creative Ways to Recruit Top Cyber TalentKnowing Your Applicants: How to Stay Current to Best Assess Your Cyber ApplicantsSlow the Revolving Door of Talent: Creative Ways to Keep Your Existing Cyber Talent in Your OrganizationTransition to Cyber Security From a Non-Cyber Role: Creative Ways to Impress to Land Your Dream Cyber Role
WebinarCyber Defense
- 13 May 2021
- 15:30 UTC
- Kevin Garvey
- Slide 3 of 7
Cyber42 Ransomware – HHS Private
Join us for Cyber42 on the hot topic of ransomware. This version of the game represents how a fictional organization responds to a ransomware event against the organization. Responses to ransomware events require not only managing the event but also the expectations of key stakeholders and external parties.
WebinarCyber Defense
- 24 Jun 2022
- 13:00 UTC
- Kevin Garvey
- Slide 4 of 7
2023 SANS Report: Become Timeless: The Present and Future Skills Needed for Cyber Security Job Success at Any Level
The hard skills required to be successful in the cyber security industry are constantly evolving. The evolution of technology and the ever-evolving threat landscape have contributed to a new world of hard skills cyber security professions need to be well versed. Acquiring additional skills will not only help you better protect your organization, but also help grow your successful career in this dynamic industry. Knowing what skills to acquire can be overwhelming when you do not know where to start.
WebinarSecurity Awareness
- 15 Mar 2023
- 15:30 UTC
- Ted Demopoulos & Kevin Garvey
- Slide 5 of 7
Hands On Workshop: Cyber42: Transformational Leader
Practice your skills in an engaging, team-based environment to improve your cyber security executive decision making proficiency. Cyber42 is a realistic leadership simulation with applicable and discussion-based outcomes. Leave with a confidence boast in a key skill senior leaders seek from their CISOs: nimble decision making.
WebinarCyber Defense- 11 Jan 2024
- 10:00 UTC
- Kevin Garvey
- Slide 6 of 7
Rethinking Oversharing Risk and Knowledge Segmentation in the Age of AI
As large language models (LLMs) like Microsoft Copilot become embedded in enterprise workflows—from search and summarization to project tracking—they introduce a new frontier of risk: the inadvertent oversharing of sensitive information. Traditional data governance approaches, built around static controls and classification, are no longer sufficient when AI can infer sensitive insights from benign data. .Join this webcast to explore how Knostic is redefining access and identity management for the AI era with a knowledge-centric approach that emphasizes not just who has access, but who needs access. Discover how their innovative methodology—grounded in need-to-know principles, role-based knowledge segmentation, and intent-aware access policies—creates an intelligent, scalable framework for controlling AI-generated knowledge sharing.
WebinarCloud Security- 3 Jun 2025
- 12:00 UTC
- Kevin Garvey & Sounil Yu
- Slide 7 of 7
Be a DLP Hero: How to Quickly Deliver Value from Your DLP Program and Set It Up for Future Success
Data loss prevention (DLP) is a cornerstone of modern cybersecurity—but building a program that delivers fast, visible impact and scales for the future can feel overwhelming. Between evolving data threats, mounting pressure from leadership, and the complexity of tools like AI, it’s tough to know where to begin.
WebinarSecurity Awareness- 4 Jun 2025
- 13:00 UTC
- Kevin Garvey & Prateek Temkar