Marcus H. Sachs, P.E.

Marcus H. Sachs

President George W. Bush and Marcus H. Sachs

Dr. Condelezza Rice and Marcus H. Sachs

Secretary Tom Ridge and Marcus H. Sachs

Marcus H. Sachs

Marcus H. Sachs

Marcus H. Sachs

Marcus H. Sachs in the 2008 Army Ten-Miler

Marcus H. Sachs

Marcus H. Sachs

Marcus H. Sachs

Marcus H. Sachs

Marcus Sachs is the Senior Vice President and Chief Security Officer of the North American Electric Reliability Corporation in Washington, D.C. where he is responsible for the oversight of the Electricity Information Sharing and Analysis Center (E-ISAC), and for directing security risk assessment and mitigation initiatives to protect critical electricity infrastructure across North America. He also leads day-to-day coordination with governmental agencies and stakeholders regarding security matters, including analysis, response and dissemination of critical information regarding security threats and events.

Mr. Sachs was previously the Vice President for National Security Policy at Verizon in Washington, D.C. where he represented Verizon in national security and emergency preparedness (NS/EP) coordination with Obama administration officials, the United States Congress, and the security industry. He served on the Executive Committee of the US Communications Sector Coordinating Council Communications Sector Coordinating Council, was the Vice Chair of the Communications Information Sharing and Analysis Center, and had leadership roles in several public/private advisory working groups and task forces. In November 2007 Mr. Sachs was named a member of the Commission on Cyber Security for the 44th Presidency. From August 2003 to December 2010 he directed the all-volunteer SANS Internet Storm Center.

Mr. Sachs' professional experience includes a distinguished 20 year military career in the United States Army, two years of federal civilian service at the White House and the Department of Homeland Security, and over eleven years as an executive in the private sector. He has appeared on several domestic and foreign television and radio networks as a computer security expert, has testified before the United States Congress, and is frequently quoted by the on-line and printed media. He serves on the advisory boards of SAGE Inc., the National Committee on American Foreign Policy, and the Virginia Joint Commission on Technology and Science. He is a member of the boards of directors of the National Cyber Security Alliance, Internet Security Alliance and DShield, Inc.

From January 2005 to August 2007, Mr. Sachs led the Washington, D.C. research team of SRI International's Computer Science Laboratory. His group supported the U.S. Department of Homeland Security’s Cyber Security Research and Development Center, and served as the operations and analysis center of the U.S. Department of Defense’s Cyber Threat Analytics research project.

In January 2002 Mr. Sachs was appointed by the President to serve concurrently on the staff of the National Security Council as the Director for Communication Infrastructure Protection in the White House Office of Cyberspace Security, and on the staff of the President's Critical Infrastructure Protection Board. The Board was created in October 2001 to coordinate critical infrastructure protection issues across all US federal agencies in partnership with the industry sectors. The most significant effort undertaken by the Board was the development of the National Strategy to Secure Cyberspace, published in February 2003. As a member of the White House staff, Mr. Sachs coordinated efforts to protect and secure the nation's telecommunication and Internet infrastructures, leveraging expertise from United States government agencies, the domestic private sector, and the international community. He also participated in bilateral and multilateral talks with officials from Australia, Canada, the Netherlands, and the United Kingdom to develop policies for protecting cyber and physical infrastructures. While at the White House, he developed the initial concept and strategy for the creation of the United States Computer Emergency Response Team. After the Cyberspace Security Strategy was published, Mr. Sachs joined the National Cyber Security Division of the US Department of Homeland Security, where he was responsible for developing the implementation plan for the Strategy.

Mr. Sachs retired at the rank of Major from the United States Army in 2001 after serving over 20 years as a Corps of Engineers and systems automation officer. He specialized during the later half of his career in computer network operations, tactical communication systems, and the application of information technology to the defense environment. In 1998, he was selected by the Secretary of Defense to serve with the Defense Department's Joint Task Force for Computer Network Defense, a small organization created to defend the DoD's computer networks from foreign intrusions. At the JTF, he served as the Senior Operations Analyst and Technical Director, and was responsible for investigating and preparing a defensive strategy for several high-profile computer network incidents. His previous military assignments include serving as the director of the XVIII Airborne Corps automation office at Ft. Bragg; and serving as the director of the 4th Infantry Division's tactical computer network operations in support of the Army's Force XXI Advanced Warfighting Experiments at Ft. Hood. His military career included assignments in Karlsruhe and Vilseck Germany, Ft. Belvoir, Ft. Bragg, Ft. Gordon, Ft. Hood, Ft. Leavenworth, Ft. Leonard Wood, and Washington D.C., as well as deployments to Haiti and Panama. On both tours to Germany he was the station manager for the local Military Affiliate Radio System (MARS) station, and was active in local Boy Scout troops and Scouting activities. He was well known in the Defense Department as an information security expert and was a frequent speaker at conferences and public events.

Mr. Sachs holds a Master of Science in Computer Science with a concentration in Information Security from James Madison University, a Master of Science in Science and Technology Commercialization from the University of Texas at Austin, and a Bachelor of Civil Engineering from the Georgia Institute of Technology. He is a graduate of the Army's Command and General Staff College, the Army Engineer School, the Army Computer Science School, and the Army's Airborne and Air Assault schools. Mr. Sachs is currently pursuing a Ph.D. in Public Policy from George Mason University. Mr. Sachs holds an advanced class amateur radio license, is a registered Professional Engineer in the Commonwealth of Virginia, is a member of the local InfraGard, ECTF, and ISSA chapters, and is a life member of the Signal Corps Regimental Association, the Armed Forces Communications and Electronics Association, and the Texas Exes. A native of Tallahassee, Florida, he and his wife currently live in Virginia. They have two grown children, one living in Washington state and the other in Georgia.

Recent articles featuring Mr. Sachs:
Are we gambling with TCP/IP? (CSO Magazine)
Cyberspace, Technology Innovation Throw Plans Into Well of Uncertainty (Signal Magazine)
Obstacles Loom for Pacific Realignment (Signal Magazine)
Hacktivism Up, Denial of Service Down in Internet Malfeasance (Signal Magazine)
Public Fears in Virtual Places (NYU-Poly)
Cyber Security Heavy Hitters Meet in Brooklyn (Brooklyn Daily Eagle)
Keep the Internet Safe! (Verizon)
Frankentech poses emerging global threat (SCMagazine)
Marcus Sachs Named Verizon Vice President for National Security Policy (Verizon)
Anti-hack: Retaliatory action against digital attacks (SCMagazine)
Considering Security Metrics (eWeek)
Social networking risks, benefits for enterprises weighed by RSA panel (SearchSecurity)
Interview With SANS Internet Storm Center Director Marc Sachs (The New New Internet)
U.S. takes aim at cyberwarfare (Washington Times)
New policy aims to close Web site holes (Federal News Radio)
'Cybersecurity commission' to proffer advice to next president (CNET News)
Marcus Sachs Named to Verizon National Security Post (Verizon)
Malware hitches a ride on digital devices (SecurityFocus)
Malware Writers Hack CA's Site (PC World)
Task force aims to improve U.S. cybersecurity (SecurityFocus)
U.S. Gov't E-mail Server Turns Into Spam Cannon (PC World)
Homeland Security newsletter error leads to flood of unwanted emails (SC Magazine)
DHS Injects Itself with DDoS (eWeek)
DHS e-mail snafu reveals info on thousands of security pros (Computerworld)
AUSCERT: SCADA connectivity could grow into risky business (Computerworld)
When World of Warcraft spreads to your world (Computerworld)
The best-laid plan? (Federal Computer Week)
Government to Put 'Cyber Katrina' to the Test (eWeek)
PING with Marcus Sachs (Information Security Magazine)
Today's Systems: Tomorrow's Business (SC Magazine cover story)
DHS Progress Proves Elusive (eWeek)
A Parent's Role as Net Cop (Washington Post)
Today's Hackers Code for Cash, Not Chaos (eWeek)
Marcus Sachs on Securing the Homeland (ZDNET)
Personality Profile (GSN Magazine)
SRI Press Release
Storm Warnings (Information Security Magazine)
Is Cyberterrorism Being Thwarted? (Optimize)
Shooting for the Moon (6Sense Newsletter)
Pop-up program reads keystrokes, steals passwords (ZDNet)
Young males most likely to make Internet viruses (Australian Broadcasting Corporation)
Businesses face increase in cyber attacks (Australian Financial Review)
Three Minutes with Marcus Sachs (PC World)
Cyber Eye: Time to get serious, Marcus Sachs says (Government Computer News)
Vegas' hackers' meeting stresses e-danger (Las Vegas Sun)
Official: Cyberterror fears missed real threat (SecurityFocus)
Guarding Virtual Borders (Signal Magazine)
Securing the net, bit by bit (Australian IT)
Feds Make Push for Cyber-Security Plan (eWeek)
Does the US Government Have an Open Source Security Plan? (LinuxWorld)
Bush Cyber-Security Plan Gets Pitch at Conference (Baseline)
Open source seeks growth in government market (InfoWorld)
Fed plea: Stop security leaks (CNET)
The Info Warrior (Computerworld)

Books (Author, Editor, or Contributor):
Cyber Security Policy Guidebook
Cyber Adversary Characterization: Auditing the Hacker Mind
Zero-Day Exploit: Countdown to Darkness
IT Ethics Handbook: Right and Wrong for IT Professionals
Securing IM & P2P Applications for the Enterprise

Talks and Speeches:
Local Governments - Where Do We Fit In The Cyber Ecosystem?, NATOA Local Government Conference, Minneapolis, MN, 2014 (video)
Online Safety for Kids and Teens: Industry Forum, Gardiner Bullis School in Los Altos Hills, California, February, 2011 (video)
Congress, the Executive Branch, and the Cyber Threat, Wilson Center, May 17, 2010 (video)
Wireless Access and Internet Service Providers, Stevens Institute, January 19, 2010 (video)
CSIS Commission on Cyber Security for the 44th Presidency, BlackHat 2008 (video)
Securing the IT Supply Chain in the Age of Globalization, Internet Security Alliance, 2007 (pdf)
Behind the Scenes at the Internet Storm Center, Information Systems Security Association, Northern Virgina Chapter 2006 (pdf)
Shaping National Security Policy, Heritage Foundation 2006 (streaming video, mp3)
Masters of Cybercrime, Churchill Club 2005 (mp3)
The SANS Internet Storm Center, Signal Symposium 2004 (ppt)
Adversary Characterization and Scoring Systems, BlackHat Federal 2003 (ppt)
Adversary Characterization and Scoring Systems, Defcon 11 (video)
Building a Global Culture of Security, BlackHat USA 2003 (pdf)
The Growing Dependence on Secure Information Systems and Networks, Organization for Economic Cooperation and Development 2003 (pdf)
A National Strategy to Secure Cyberspace, NANOG26 October 2002 (ppt and video)
Disclosure: The Mother of all Vulnerabilities, Defcon 10 (video)
Vulnerability Disclosure: What the Feds Think, BlackHat USA 2002 (video)
A Strategy to Secure Cyberspace, Multi-Sector Crisis Management Consortium 2002 (pdf)

YouTube Video, March 2, 2010 - "RSA 2010: Pre-debate on 'Proving the Worth of Security Metrics with Real-World Data'" (Tripwire Inc.)
Radio Interview, March 1, 2010 (Federal News Radio)
Podcast, December 4, 2009 (ESET Threat Blog)
Television Interview, April 1, 2009 (NBC Today Show)
Radio Interview, December 4, 2008 (WFED, Federal News Radio)
Podcast, September 16, 2008 (Risky Business, Australia - recorded in Holland)
Radio Interview, September 5, 2008 (WFED, Federal News Radio)
Radio Interview, August 27, 2008 (WFED, Federal News Radio)
Movie, released August 8, 2008 (Hackers Are People Too)
Podcast, June 16, 2008 (SC Magazine)
Radio Interview, November 15, 2007(KQED, National Public Radio)
Podcast, August 4, 2007 (Secure IT Live)
Podcast, June 28, 2007 (Secure IT Live)
Radio Interview, June 24, 2007 (ABC Radio National, Australia)
Podcast, June 12, 2007 (Risky Business, Australia)
Podcast, April 30, 2007 (Homeland Defense Week)
Radio Interview, December 11, 2006 (American Public Media)
Podcast, June 9, 2006 (Enterprise Leadership)
Webcast , April 20, 2006 (SC Magazine)
Television Interview, Part 1, Part 2, Part 3, September 2005 (Voice of America)
Podcast, June 1, 2005 (ZDNET)
Webcast, January 5, 2005 (The SANS Institute)
Radio Interview, December 20, 2004 (American Public Media)
Radio Interview, October 1, 2004 (
Radio Interview, August 11, 2004 (National Public Radio)
Radio Interview, May 31, 2004 (Australian Broadcasting Corporation)
Television Interview, May 20, 2004 (FOX News)

Papers (Author or Contributor):
The Fairfax County Connector Bus System: Measuring the Impact of Subsidized Fares on Ridership (New Voices in Public Policy, George Mason University, 2007) The Twenty Most Critical Internet Security Vulnerabilities (SANS Top 20 List, 2001-2006)
Ten Steps to Building a Secure Electronic Health Care System (Cyber Security Industry Alliance, 2005)
SANS Institute Training in Support of FISMA (SANS Institute, 2005)
WindowsXP: Surviving the First Day (SANS Internet Storm Center, 2003)
Stealing Passwords from Microsoft Operating Systems (GSEC paper, SANS Institute, 2001)

SANS Courses Taught by Mr. Sachs:
SECURITY 401: SANS Security Essentials Bootcamp Style (formerly Track 1)
SECURITY 504: Hacker Techniques, Exploits and Incident Handling (formerly Track 4)
MANAGEMENT 512: SANS Security Leadership Essentials For Managers (formerly Track 12)
Critical Infrastructure Protection
Ethics in IT
Cutting-Edge Hacking Techniques - Hands On

Digitizing the Dirt (TFXXI, 1997)
Military Non-Standard Fixed Bridging (USAES, 1988; republished in 2002)