Professional Documents
Culture Documents
Symptai & Digicel BVI Building For The Future
Symptai & Digicel BVI Building For The Future
David Wright
Manager, Cyber Security, Symptai
CISM, CISSP, CISA, CIPM
Agenda
Threat Actors Regional Use Cases Mitigating Risks
CORE VALUES
CANDOR
INTEGRITY
CURIOSITY
EXTRAORDINARY PEOPLE
EXCEPTIONAL RESULTS
Certifications & Affiliations
CGEIT: Certified in the Governance of Enterprise IT eWPT: Web application Penetration Tester A+
CISM: Certified Information Security Manager eJPT: Junior Penetration Tester CISSP: Certified Information Systems Security Professional Server+
CRISC: Certified in Risk and Information Systems Controls eMAPT: Mobile Application Penetration Tester ISSAP: Information Systems Security Architecture Professional Security+
CSXP: Cybersecurity Practitioner
CSSLP: Certified Secure Software Lifecycle Professional PenTest+
CDPSE: Certified Data Privacy Solutions Engineer
CCSP: Certified Cloud Security Professional Linux+
Network +
Project+
MCSA: Microsoft Certified Solutions Associate
CySA+: Cybersecurity Analyst
MS-100: Microsoft 365 Identity and Services
OSCP: Offensive Security Certified Professional CASP+: CompTIA Advanced Security
Practitioner AZ-500: Microsoft Azure Security Technologies
CIPM: Certified Information Privacy Manager OSWP: Offensive Security Wireless Professional
CEH: Certified Ethical Hacker AZ-900: Microsoft Azure Fundamentals
CIPT: Certified Information Privacy Technologist
CCISO: Certified Chief Information Security Officer AZ-104: Microsoft Azure Administrator
CIPP/E: Certified Information Privacy Professional
CHFI: Computer Hacking Forensic Investigator AZ-400: Designing and Implementing Microsoft DevOps
Scrum Master Certified SPOC: Scrum Product Owner Certified PMI Agile Certified Practitioner
Some Questions to
Ask Yourself
A B C D E
7
Threat Actors
Malicious
Nation State Employees
individuals
IT
Friend Children
Professionals
10
Source: FBI Archives
Inside the Mind of a Hacker
Steps in a Ransomware Attack
42 %
Improperly Configured Devices
and Systems
16%
Ineffective Patch Management
Controls
11%
Insufficient
Cryptography
360+ Billion
IPS
Source: 200 Cyber Security Assessment conducted by Symptai Consulting (2020 – 2022)
Source: FortiGuard Caribbean Spotlight 2022
Vulnerability on the Dark Web …select Caribbean Islands
6x security is addressed at
design vs
implementation
Application Security
Testing Tool
Inspecting application
requests and response
Directory enumeration
Exploiting a software
vulnerability
Image Placeholder
Image Placeholder
Mitigating the Risks
Endpoint Protection
Enforce policy on mass amounts of devices
Managed Firewall
For Specific Sections of your network that need extra
protection
Penetration Testing
Check your Infrastructure regularly for backdoors or
vulnerabilities
Vulnerability Assessment
Find out in advance where you are prone