Sign in to view Saumil’s full profile
Greater Chicago Area
Contact Info
392 followers
383 connections
Experience & Education
-
Abbott
Explore more posts
-
Dr. Milton Mattox
In recent cybersecurity news: Change Healthcare, Compromised By Stolen Credentials, Did Not Have MFA Turned On Summary: A ransomware group, AlphV, exploited compromised credentials to access Change Healthcare's systems via a Citrix portal lacking multifactor authentication, causing a major breach. UnitedHealth Group's inadequate security measures led to significant data theft and operational disruptions. My Thoughts: The significance of this cybersecurity breach lies in its impact on critical healthcare infrastructure, affecting patient care and privacy on a massive scale. Its importance is underscored by the need for robust security measures, like multifactor authentication, to prevent such incidents and protect sensitive data. The company needed to implement multifactor authentication (MFA) on the Citrix portal, an essential yet crucial cybersecurity measure. The breach was primarily due to this omission rather than direct software or human failures. https://lnkd.in/gc8vfaQB #cybersecurity #databreach #MFA #healthcare
5
-
Susan B.
🚨New Threat Research🚨 The Securonix Threat Research Team has identified a stealthy backdoor payload primarily targeting victims associated with Pakistan via unsolicited messages. In this new campaign (tracked by Securonix Threat Research as PHANTOM#SPIKE), threat actors are using military-related phishing documents to lure their victims into executing a simple RAT binary payload. Attackers utilized ZIP files with password-protected payload archives.
📍 Key Findings:
🎯 Sophisticated Social Engineering: The attackers used military-themed documents as lures to increase credibility and urgency, thereby enticing victims to execute the payload
⚡️ Exploitation of Trusted Formats: The campaign highlights the use of Compiled HTML Help (CHM) files, a trusted file format, to evade detection and bypass security measures
⛓️ Stealthy Execution: The malicious payload is executed in a way that minimizes visibility and avoids raising suspicion, ensuring a higher success rate of the attack
👨💻 Persistent Backdoor: Once the backdoor is established, it maintains a connection with the C2 server, allowing attackers continuous access to the compromised systems
🛡️ Recommendations:
1️⃣ Be cautious of unsolicited messages and email attachments
2️⃣ Double-check file extensions before execution
3️⃣ Monitor common malware staging directories
4️⃣ Deploy robust endpoint logging capabilities, including Sysmon and PowerShell logging
Read the full threat advisory here: https://lnkd.in/gDpyw-Cf #threatresearch #threatadvisory #cybersecurity #TDIR #SIEM #phishing
4
-
MANOJ SHARMA
CISSP Twister of The Day (ToTD) Q. No 150 🎆🎇 Hey! A big congratulations to all of you as we have reached the 150th question in the form of ToTD today. 🌟 Let's ignite some mental fireworks, folks! 💡🚀 💪 Remember, every question is an opportunity to learn and grow. So whether you nail it on the first try or use it as a chance to expand your knowledge, you're on the right track! 🌟 🧠 Get ready to flex those CISSP muscles because it's quiz time! 📝💼 🎯 Sharpen your focus and dive into the world of cybersecurity with this challenging question based on CISSP concepts. 💻🔒 🚀 Let's crush this quiz together and show the world the power of continuous learning and expertise! 💥💼 👉 Drop your answers in the comments below and let's spark some insightful discussions! 🗣️💬 TO CHECK ANSWER 👉👉: https://lnkd.in/gi3CqPug #CISSP #Cybersecurity #QuizTime #ContinuousLearning #Expertise #ChallengeAccepted 🌟 Cybernous Infosec Consulting LLP
10
3 Comments -
Teri Radichel 🩵
I wrote about the various rule combinations I’ve been testing in this post to block known bad and reduce load on the firewall. ~~ Are Your pfSense Filters Really Working? ~~ Too many rules and logs (?) makes them randomly fail ~~ To spot this you need to be monitoring your logs. I have been testing various combinations of rules and noticed this issue in certain scenarios. https://lnkd.in/eknrE6zG
3
-
Brian Ventura
Are you following along with our Achilles series? To register: https://lnkd.in/gUP2FSfS In part 2 I will discuss what failures were found and how they could be avoided or detected through the use of basic security controls, leveraging the CIS Controls. Please join me in the discussion May 8th to see what could have been done. To register: https://lnkd.in/gUP2FSfS From there you can find the first installment if you missed it previously. Cheers.
15
-
Thomas Scott
Are you ready? Given the complexity of the Cybersecurity Maturity Model Certification (CMMC) framework, it is essential for government contractors and subcontractors to have a comprehensive CMMC compliance checklist to ensure they meet all the requirements. The CMMC certification process is arduous but our CMMC 2.0 compliance roadmap can help. This blog post explores the CMMC 2.0 compliance requirements, provides a comprehensive CMMC Compliance checklist, and offers Department of Defense (DoD) contractors practical insights into how they can achieve CMMC compliance. CMMC 2.0 Compliance Roadmap for DoD Contractors Read Now What Is CMMC Compliance? CMMC is a cybersecurity framework regulating manufacturing contractors serving in the Defense Industrial Base (Defense Industrial Base), an extensive list of DoD supply chain partners.
5
-
Mike Holcomb
The #1 way to protect your ICS/OT environments from cyber attacks? Don't allow network connections from the IT network.
I have had "conversations" with friendly state adversaries. I don't get any verbal acknowledgement from them. But they do nod their head slightly. So I'll take the head nodding as a sign! It was also the first thing Rob Lee stressed the first time I met him. I've taken it to heart ever since.
Owners and operators need important data from the OT network. It allows the business to operate. We must provide that data in a secure manner. Without putting the ICS/OT network at risk. To do so:
-> Do not provide IT systems with the ability to reach into the OT network and retrieve the data.
-> Configure OT systems to send the data to the IT network in one direction.
-> For additional protection, use a data diode or unidirectional gateway.
-> Doing so allows data to be sent from OT to IT, but doesn't allow return traffic from IT to OT.
If IT can connect into the ICS/OT network, attackers in the IT network can. And attackers WILL gain access to the IT network.
I realize that not all IT-OT networks can be configured this way.
-> Some have "special" requirements.
-> Some were engineered without realizing the risk.
-> Some were designed thirty years ago when security wasn't a concern.
It doesn't change the facts. The #1 way to reduce cyber risk is to not allow IT to directly access ICS/OT.
P.S. What is your #1 to protect ICS/OT?
470
91 Comments -
Antonio Feninno
On May 10, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA) to provide information on BlackBasta. This ransomware variant's actors have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector. This joint CSA is a continuation of CISA’s ongoing #StopRansomware effort to arm defenders with the intelligence they need to combat different ransomware variants and ransomware threat actors.
How Does BlackBasta Operate? BlackBasta follows a sophisticated technical approach to execute its attacks. The process generally includes the following phases:
1️⃣ Initial Access: Attackers gain access to the target network using techniques such as phishing, exploiting vulnerabilities in outdated software, or compromised credentials.
2️⃣ Lateral Movement: Once inside, they use remote administration tools and evasion techniques to move laterally within the network, escalating privileges and gaining control of multiple systems.
3️⃣ Data Exfiltration: Before encrypting files, attackers often exfiltrate sensitive data for double extortion, threatening to publish the information if the ransom is not paid.
4️⃣ Encryption: Finally, they deploy the ransomware, which encrypts the company's critical files, rendering them inaccessible and presenting a ransom note demanding payment in cryptocurrencies for data recovery.
The Solution: Breach and Attack Simulation with Picus Security. To tackle advanced threats like BlackBasta, it is essential for organizations to adopt a proactive approach. This is where Picus comes into play.
Benefits of Picus Security:
✅ Simulation of Ransomware Variants: Picus can quickly simulate numerous ransomware variants, including BlackBasta, providing a realistic environment to assess the effectiveness of existing security controls.
✅ Detection and Prevention: Simulations help identify if current security measures can detect and prevent a ransomware attack before a real incident occurs.
✅ Practical Evidence: Picus provides detailed evidence of how security controls respond to simulated threats, highlighting areas that need improvement.
✅ Continuous Updates: Picus is constantly updated to include the latest emerging threats, ensuring the organization is protected against the most recent attack vectors.
For those interested in testing the effectiveness of their security controls against the latest BlackBasta variants, I invite you to watch our video below. Don’t wait to be the next victim; act now! #Cybersecurity #Ransomware #BlackBasta #BreachAndAttackSimulation #PicusSecurity #DigitalSecurity #AutomatedSecurityValidation https://lnkd.in/djx7Ys7N
10
1 Comment -
Prof Bill Buchanan OBE FRSE
The New Way To Create A Secure Tunnel … The WireGuard Protocol SSL/TLS is a poor security protocol, and where the secure tunnel can often be broken with a proxy/smart firewall. Those working in a secure environment should thus not rely on SSL/TLS to provide a secure environment. The solution for many, then, is to use IPSec in order to create a proper VPN tunnel. IPSec involves the negotiation of a tunnel policy, such as for the encryption method used, the key exchange method, the hashing method, and so on. There are normally two phases to this, where in the first phase, we define the methods to be used, and the second phase involves the actual handshaking of the encryption key to be used and the policy involved with the tunnel. But IPSec is overblown and contains many legacy cryptography methods. With this, an intruder could pull down the security of a tunnel to an unacceptable level, and break it. So what’s the solution? Well, one method that can be used is WireGuard. With WireGuard, we have a simpler solution than packages such as IKEv2 and OpenVPN, and it is more lightweight. While other packages need hundreds of thousands of lines of code, WireGuard requires only around 4,000 lines of code. https://lnkd.in/erzyb8MQ
31
4 Comments -
Lauren Dietrich
"Cybersecurity has changed everything about the managed services space, from the services partners can offer to the complexity of the solutions delivered to customers." A fantastic article written by Robin Ody at Canalys. 34% of partners expect over 20% year-on-year growth in their cybersecurity revenue in 2024!!! #ChannelPartners #MSPs #Cybersecurity
13
-
Gregory Kenneally Prawdzik
Small and medium-sized businesses (SMBs) face significant cybersecurity challenges due to their unique constraints and limited resources. Key challenges include:
1. **Limited Resources**: Tight budgets and lack of specialized cybersecurity staff lead to overburdened employees with insufficient expertise.
2. **Lack of Awareness and Training**: Employees often lack training to recognize cyber threats, making them susceptible to attacks like phishing.
3. **Sophisticated Threats**: Increasingly advanced cyber threats outpace the security capabilities of SMBs.
4. **Regulatory Compliance**: Difficulty in navigating cybersecurity regulations (e.g., GDPR, CCPA) due to limited legal expertise, risking non-compliance and penalties.
5. **Incident Response and Recovery**: Many SMBs lack robust incident response plans and backup solutions, prolonging downtime after incidents.
6. **Third-Party Risks**: Reliance on vendors with weak cybersecurity can introduce vulnerabilities.
7. **Technology Obsolescence**: Use of outdated hardware/software creates exploitable security gaps.
8. **Lack of Cybersecurity Strategy**: Absence of a clear strategy leads to inconsistent security measures and poor risk management.
9. **Vendor Management**: The plethora of cybersecurity products makes selecting appropriate solutions challenging.
**Managed Service Providers (MSPs)** are becoming crucial for SMBs to enhance their cybersecurity and IT management. 94% of SMBs now use MSPs, up from 89% in 2022.
**Selecting the Right MSP** involves evaluating:
- **Security Expertise**: Certified and experienced staff.
- **Range of Services**: Comprehensive services including network security and compliance management.
- **Customization and Flexibility**: Tailored solutions and flexible contract terms.
- **Reputation and References**: Positive reviews and successful case studies.
- **Service Level Agreements (SLAs)**: Clear SLAs detailing service scope and performance metrics.
- **24/7 Support and Monitoring**: Continuous support and proactive issue prevention.
- **Compliance and Regulatory Knowledge**: Understanding of industry-specific compliance needs.
- **Incident Response and Recovery**: Effective detection and recovery from incidents.
- **Technology and Tools**: Use of advanced, compatible cybersecurity tools.
- **Transparency and Reporting**: Regular, detailed performance and security reports.
- **Cost and Value**: Balance of cost and service quality.
- **Partnership and Communication**: Collaborative approach and strategic IT guidance.
Thorough research and careful evaluation of MSPs ensure alignment with business needs and effective cybersecurity support for SMBs. #cybersecurity #MSP #MSSP
8
2 Comments -
Sherri Davidoff
LMG Security's popular Ransomware Response course is newly updated on-demand! #Ransomware is an epidemic, and this class is designed to teach #IT pros to be prepared before disaster strikes. Learn more and register for the class: https://lnkd.in/gfX_3f5N #CybersecurityTraining #IR
10
1 Comment -
Rolando Torres
A misconfigured VPN appliance is as dangerous as having RDP open to the internet. Even though CISA refers to new and innovative ways to manage risk such as Secure Service Edge (SSE) and Secure Access Service Edge (SASE), I still believe that most VPN solutions will keep your organization protected if configured properly. For starters, MFA enforcement for all users is a minimum requirement, the VPN user group needs to be reduced to a minimum set of users, and the landing VPN subnet should limit access to the minimum set of services required for employees to complete their business functions. Lastly but equally important, 24/7 SOC monitoring is the only way to detect suspicious VPN activity. #Abacode #VPN #Cybersecurity #Compliance #CISA https://lnkd.in/gar-P-MP
13
-
Amira Armond
Thoughts on Just-In-Time procedures and NIST SP 800-171 / #CMMC compliance... At Kieri Solutions - Authorized C3PAO , we figured out that people follow procedures best when they 𝘢𝘳𝘦𝘯'𝘵 𝘱𝘳𝘰𝘤𝘦𝘥𝘶𝘳𝘦𝘴. ??? Let me explain. You're onboarding a new user. To be compliant with #CMMC, your onboarding team needs to go through a convoluted process involving getting details about the new user, verifying NDA, background checks, training, requesting permissions, justifying permissions, reviewing permissions, authorizing permissions, creating accounts, creating records of the accounts, creating records of the permissions for the accounts, assigning expiration dates for each account, setting up a laptop, authorizing the laptop...!!! It goes on and on. If your strategy is to tell your HR and IT team that they need to perfectly follow a 70 step process on page 19 of ye old 𝐈𝐓_𝐏𝐫𝐨𝐜𝐞𝐝𝐮𝐫𝐞𝐬_𝐌𝐚𝐧𝐮𝐚𝐥, 𝘺𝘰𝘶 𝘮𝘪𝘨𝘩𝘵 𝘢𝘴 𝘸𝘦𝘭𝘭 𝘱𝘢𝘤𝘬 𝘶𝘱 𝘺𝘰𝘶𝘳 𝘣𝘢𝘨𝘴 𝘳𝘪𝘨𝘩𝘵 𝘯𝘰𝘸. The error rate will be upwards of 80%, unless you nag and threaten 😡 everyone constantly, in which case you might get down to an error rate of 30% (and your team will quit). Instead, if you use a combination of a well-designed Access Request Form and an Account Management database, all your team needs to do is remember to start with the correct form. 📝 The form should have fields and just-in-time instructions for each step of the process between HR and your IT Department. All your team needs to do is fill out each field in the form and they will complete the background screening, training, permissions, justifications, etc. naturally without nagging. Then, a well designed Account Management database helps your team manage the accounts long-term by including checks ◻️ for commonly-forgotten steps (like user agreements), next-review dates, annual training refresher dates, mapping the user to their supervisor, granular "should-be" permissions for both digital systems and facilities, and historic authorization notes. 
The last step for perfect procedures is a regular review to look for and fix errors. But again, if you want to be successful, don't expect your team to remember your dusty policies and procedures book in the corner. Instead, use a scheduled task, a ticket, or a checklist with just-in-time instructions to make sure that the review gets done. Pro-tip: next-review-dates are an excellent way to spread this task across time, instead of trying to do it all in one lump. Are your compliance policies and processes working for you, or against you? There is a better way. Use thoughtful design in your compliance system to reduce errors and streamline functionality. Screenshot below is from the Kieri Compliance Documentation's Account Management Database, showing some of the magic of our full-featured 800-171 / CMMC Level 2 compliance program. I'll put the link in comments, for anyone that is interested.
54
5 Comments