CyberFusion Center (CFC) Build, Design, Run | Attack Surface Reduction (ASR) Lead – Fortune 120

Upon assessing the client’s cyber capabilities, it was determined that their various cybersecurity programs were ineffective due to a lack of cohesion. As a solution, our firm recommended establishing a CyberFusion Center (CFC), which is Booz Allen Hamilton’s proprietary approach to establishing several cybersecurity functions within an organization and enhancing each function’s operations through data-sharing between the …

Splunk MITRE ATT&CK Dashboard and Security Control Analysis | Lead Cybersecurity Engineer and Developer – Fortune 50

Our client requested an in-depth security control assessment to determine their organization’s coverage against the 280+ tactics, techniques, and procedures (TTPs) cataloged by MITRE ATT&CK. After evaluation of the security controls, the coverage observations were captured and a custom Splunk application was developed to display the security control effectiveness via a heatmap of the MITRE …

NotPetya Readiness Assessment | Lead Cybersecurity Engineer – Fortune 140

As a day-one incident responder to a Fortune 80 organization that was impacted by the NotPetya ransomware, I was able to extract my insights from that incident response engagement and perform a NotPetya Readiness Assessment, where I analyze the client’s cybersecurity controls and evaluate which of NotPetya’s tactics, techniques, and procedures (TTPs) the organization would be susceptible to based on the gaps observed …

CyberFusion Center (CFC) Build, Design, Run | Threat Defense Operations (TDO) Lead – Fortune 80

After our Fortune 80 client was impacted by the NotPetya ransomware, our firm prepared several recommendations to improve their cyber defense posture. Our recommendation was to build a CyberFusion Center (CFC), which is Booz Allen Hamilton’s proprietary approach to establishing cohesive cybersecurity functions. As part of the resiliency effort, my responsibility was to co-lead the design and run of …

NotPetya Incident Response – Fortune 80

Our firm performed an incident response engagement for a Fortune 80 client that was impacted by the NotPetya ransomware. The client had over 60,000 impacted systems (endpoints and servers) that required remediation. As one of the day-one responders to the incident, my duties included being a member of a three-man investigative team that supported the multi-month investigation …