With over 25 years in cybersecurity, I have led teams to address the complex challenges of managing geographically separated networks under constant attack. I understand that mission needs take center stage when weighing appropriate cyber safeguards. I specialize in applying a risk-based security approach at a technical level, ensuring that protections are both effective and operationally practical. My Master's degrees and various industry certifications, including the CISSP, illustrate my breadth of knowledge in the field.
I passionately believe in giving back to the cybersecurity community and training the next generation of cyber professionals. I believe the only way to defend against new attacks is to truly understand how to perform them. I stay current with emerging threats, technologies, and frameworks, and I am driven by the challenges of the ever-evolving cybersecurity landscape.
Areas of Expertise
- Cybersecurity Architect
- Cyber Incident Handling
- SIEM Integration
- Vulnerability Management
- Boundary Protection
- Penetration Testing
- Security Data Analytics
- System Development Lifecycle
- Systems Design
- Network Design and Administration
- Enterprise Administration
- Big Data Analytics
- System Implementation and Migration
- Disaster Recovery
- Project Management
Technologies Experience
- Splunk
- Elastic Stack
- Unix/Linux Administration
- Amazon Web Services (AWS)
- Tenable Security Center
- Trellix ePolicy Orchestrator
- Splunk Enterprise
- IBM QRadar
- McAfee Enterprise Security Manager
- McAfee Enterprise Firewall
- Palo Alto Next-Generation Firewall
- BlueCoat Proxy Server
- Core Impact
- Sourcefire / Snort
- Kali / Backtrack / Metasploit
- RedSeal
- ServiceNow
- eMASS
Michael's Published Works
Articles
My AI Has Me Questioning Reality
ISC2 Insights
The ability of an artificial intelligence (AI) platform to simulate information which it is lacking is commonly referred to as “hallucinations”. AI hallucinations are a strength of the technology, differentiating it from pure machine learning and the so-called Expert Systems of the past, enabling the creation of new and diverse content seemingly out of nowhere. However, hallucinations can become the ultimate gaslighting instance, causing AI users to question their own knowledge and experience.
A Proposed Model for Vulnerability Analysis Using Critical Paths
Information Assurance and Security Letters
Determining the means by which an attacker may compromise a given system is the main purpose of vulnerability assessment. As such, there are several models currently in place to track vulnerabilities. Some models focus on the susceptibility of a computer system as a whole, whereas other models track attack paths through a network. This paper proposes a model which accomplishes both. The primary focus of the model is to identify synergistic attacks, consisting of multiple exploits used in tandem, thereby resulting in a greater threat than the individual exploits alone. By using this data, a critical path can be identified, thus revealing the exploit combination posing the greatest risk. Applying the critical path in conjunction with attack origins expands the diagram to depict attack vectors. Exploding the diagram by applying the model to all systems on the network with attack vectors depicts the entire network as a whole. Information from the model can then be used to harden both systems and the network, maximizing the benefits of the added security measures.
Port Knocking with Single Packet Authentication using Asymmetric Key Cryptography
Journal of Information Assurance and Security
Protecting services from attack is the sole purpose of a firewall; however, some services (generally those for remote administration) require enough leniencies in their rules that the protection of a firewall is quite limited. Port Knocking is a method which may help protect against attack by preventing firewall responses to connection requests until appropriate conditions are met, in the form of a knocking packet sequence. To harden the security of Port Knocking further, asymmetric cryptography can be used to reduce the number of knocking packets to a single packet while also authenticating the individual user.
iBooks
Security vs. Convenience
Computer Security is Common Sense: Volume 1
The inner workings of computer security are often viewed as mysterious; however, nothing could be further from the truth. Computer Security is Common Sense is a series of simple-to-follow books, each tackling a separate aspect of computer security. Through use of analogies, these books help associate computer security practices with real-life, everyday examples without sacrificing the accuracy of the technical details. These books are perfect for non-technical managers, computer security novices, and system administrators looking to broaden their knowledge.
Conflicts of Interest
Computer Security is Common Sense: Volume 2
The second in the Computer Security is Common Sense series, Conflicts of Interest addresses the various roles administrators and security personnel are placed in, as well as how these roles may affect each other and the organization as a whole. This book attempts to shed light on the complex nature of proper checks-and-balances, several considerations to account for, and the reason to employ them in the first place.
The Path of Least Resistance
Computer Security is Common Sense: Volume 3
The Path of Least Resistance, the third in the Computer Security is Common Sense series, approaches network defense by addressing the methodology of attacking a network. Attackers plan their attacks to be swift and targeted, minimizing the chance of being caught. By identifying the weakest links and hardening them, the entire chain-mail of security is more resilient.
The Myth of the Secure OS
Computer Security is Common Sense: Volume 4
Every tool has its use and every operating system has its role. Selecting an operating system is a critical decision which can affect the capabilities and security posture of a network for years to come. The Myth of the Secure OS addresses the strengths and weaknesses of the major operating systems, aligning them with common capabilities or computing needs. The goal of this book is not to sway towards one OS or another, but to emphasize that each OS has its own Yin and its own Yang.