Showcasing expertise in cloud security, threat assessment, and incident response

Case Studies

Showcasing Expertise in Cybersecurity

Explore detailed case studies that highlight Roberto’s problem-solving skills, technical expertise, and impactful results in cybersecurity projects.

Introduction to Case Studies

Welcome to my Case Studies page. Here, you’ll find detailed accounts of some of the key projects I’ve worked on throughout my career. These case studies highlight my ability to tackle complex cybersecurity and IT challenges, demonstrate my problem-solving skills, and showcase my commitment to enhancing security and efficiency across various domains.

Each case study includes:

  • Scope & Goals: An overview of the project’s objectives and the challenges faced.
  • Root Cause/Situation: A description of the underlying issues or situations that prompted the project.
  • Process: The steps I took to address the issues, including methodologies and tools used.
  • Resolution: The outcomes and improvements achieved through the project.

These case studies not only reflect my technical expertise but also my ability to communicate complex concepts and deliver practical solutions. They are designed to give you insight into my approach to problem-solving and my dedication to achieving results.

Thank you for taking the time to explore my work. If you have any questions or would like to discuss my experiences in more detail, please feel free to reach out.

Botium Toys: Scope, Goals, and Risk Assessment Report

Scope & Goals: This case study involves evaluating Botium Toys’ cybersecurity posture by assessing current controls and compliance with security standards.

Root Cause/Situation: The company needed a comprehensive review to ensure they met necessary security controls.

Process:

  • Conducted a risk assessment to identify existing controls.
  • Used a checklist to verify compliance with required controls.

Resolution:

  • Identified gaps in controls and developed recommendations to address them.
  • Enhanced overall security compliance through systematic assessment and improvements.

Cybersecurity Incident Report: Network Traffic Analysis

Scope & Goals: Analyzed network traffic to investigate a cybersecurity incident.

Root Cause/Situation: Unusual network traffic patterns prompted an investigation to identify potential security threats.

Process:

  • Collected and analyzed network traffic data.
  • Identified anomalies and potential threats.

Resolution:

  • Detected and mitigated the source of the threat.
  • Improved network monitoring and incident response protocols.

File Permissions in Linux

Scope & Goals: Updated file permissions in Linux to align with required authorization levels for improved security.

Root Cause/Situation: Permissions were not properly set, risking unauthorized access to critical files.

Process:

  • Reviewed current permissions.
  • Adjusted file and directory permissions based on required authorization levels.

Resolution:

  • Enhanced file security by properly setting permissions.
  • Reduced risk of unauthorized access to sensitive files.

Enhancing System Security: SQL-Based Investigations and Mitigations

Scope & Goals: Used SQL-based techniques to investigate and mitigate security issues.

Root Cause/Situation: Needed to address potential security vulnerabilities and unauthorized access attempts.

Process:

  • Conducted SQL queries to identify and analyze failed login attempts and other security issues.
  • Implemented security measures based on findings.

Resolution:

  • Improved system security by addressing identified issues.
  • Enhanced monitoring and response to potential security threats.

Asset Management and Network Access

Scope & Goals: Documented and assessed the security and sensitivity of network assets.

Root Cause/Situation: Needed a detailed record of assets, their access levels, and sensitivity for effective management.

Process:

  • Compiled an asset list with details on network access, ownership, and sensitivity.
  • Analyzed access management and security controls.

Resolution:

  • Enhanced asset management and security protocols.
  • Improved visibility into asset sensitivity and access control.

Risk Register: Prioritization of Cybersecurity Risks in Banking Operations

Scope & Goals: Developed a risk register to prioritize cybersecurity risks for a bank.

Root Cause/Situation: Required a structured approach to identify and prioritize cybersecurity risks in the bank’s operational environment.

Process:

  • Assessed the operational environment and risk factors.
  • Developed a risk register to prioritize and address identified risks.

Resolution:

  • Improved risk management and mitigation strategies.
  • Enhanced overall security posture by addressing prioritized risks.

Incident Report and Analysis: Unauthorized Disclosure of Confidential Information

Scope & Goals: Investigated and analyzed an incident involving the unauthorized disclosure of confidential information.

Root Cause/Situation: A sales manager improperly shared internal documents, leading to potential information leaks.

Process:

  • Analyzed the incident and assessed the impact of the disclosure.
  • Reviewed access management practices.

Resolution:

  • Implemented stricter access controls and revocation procedures.
  • Provided training on handling confidential information to prevent future incidents.

Vulnerability Assessment and Remediation Plan for Secure Remote Database Access

Scope & Goals: Assessed vulnerabilities and developed a remediation plan for remote database access security.

Root Cause/Situation: The remote access configuration of a MySQL database server needed to be secured against potential threats.

Process:

  • Conducted a vulnerability assessment of the database and server setup.
  • Developed and implemented a remediation plan.

Resolution:

  • Secured remote database access with enhanced measures.
  • Improved overall database security through the remediation plan.

Security Incident Report: Investigation of Found USB Drive in Hospital Parking Lot

Scope & Goals: Investigated a USB drive containing sensitive information found in a hospital parking lot.

Root Cause/Situation: A USB drive containing personal and operational information posed a potential security risk that had to be addressed.

Process:

  • Analyzed the contents of the USB drive.
  • Assessed the risk and potential impact on the hospital’s operations and data security.

Resolution:

  • Implemented measures to prevent similar incidents.
  • Enhanced procedures for handling and securing sensitive information.

PASTA Threat Model Analysis for Sneaker Company Mobile App

  • Scope & Goals:
    • Analyze business and security objectives for a mobile app, including user profile creation, financial transaction processing, and PCI-DSS compliance.
  • Root Cause/Situation:
    • Ensuring the app meets both security and compliance requirements.
  • Process:
    • Defined business requirements, set security objectives, and implemented robust authentication and compliance measures.
  • Resolution:
    • Achieved secure user profiles, safe financial transactions, and compliance with PCI-DSS and GDPR.

Ransomware Attack on Primary-Care Health Clinic

  • Scope & Goals:
    • Document a ransomware attack, including its impact and prevention strategies.
  • Root Cause/Situation:
    • Attackers used phishing to gain access and deploy ransomware, encrypting critical files.
  • Process:
    • Detailed the attack, including the 5 W’s (Who, What, Where, When, Why) and considered future prevention and ransom payment implications.
  • Resolution:
    • Recommended strategies for future prevention and addressed the dilemma of paying the ransom.

Malware Incident Analysis Report

  • Scope & Goals:
    • Analyze a malware incident involving the Flagpro malware used by BlackTech.
  • Root Cause/Situation:
    • Identified malicious file hash and its relation to known malware.
  • Process:
    • Analyzed TTPs (Tactics, Techniques, Procedures), tools used, network artifacts, and hash values.
  • Resolution:
    • Provided detailed analysis to support remediation efforts and improve security measures.

Incident Report: Exploitation of Web Application Vulnerability and Data Breach

  • Scope & Goals:
    • Report on a data breach affecting customer PII and financial information.
  • Root Cause/Situation:
    • Unauthorized access to sensitive information due to a web application vulnerability.
  • Process:
    • Detailed the incident timeline, impact, and financial costs.
  • Resolution:
    • Closed the incident after thorough investigation, with measures for future

Phishing Playbook

  • Scope & Goals:
    • Review a playbook for responding to phishing incidents.
  • Root Cause/Situation:
    • Need for a structured approach to handle phishing alerts effectively.
  • Process:
    • Reviewed steps for evaluating alerts, checking for malicious content, updating tickets, and closing alerts.
  • Resolution:
    • Reviewed a comprehensive guide for SOC analysts to manage phishing incidents and ensure timely responses.

Dynamic IP Address Filtering for Enhanced Healthcare Data Security

  • Scope & Goals:
    • Improve security by managing IP address access for healthcare data.
  • Root Cause/Situation:
    • Need to ensure only authorized personnel access sensitive information.
  • Process:
    • Developed a Python algorithm to update and manage the allow list of IP addresses.
  • Resolution:
    • Enhanced network access control, ensuring only current authorized personnel can access sensitive data.

Get in Touch

Contact Us for More Information

If you have any questions or would like to discuss the case studies in more detail, please do not hesitate to reach out. We are here to provide further insights and answer any queries you may have about our cybersecurity projects and methodologies.

Phone

(+44) 7729753943