data science, cybersecurity
builderall

I've always been a big advocate for making data-driven solutions for bit problems. I believe that the future is all about data management. Businesses generate big data, and it's a gold mine for information to optimize with the use of machine learning and data science.


Because data is so valuable, the need to protect against data breaches using the latest cybersecurity tactics has never been more important.


This is why during the pandemic I chose to invest my time studying these two areas very closely. Here's a little about my story and how it all pertains to Cybersecurity and Data Science.


I'm a Goal-driven professional with vast experience envisioning and executing growth strategies to improve business performance by enabling informed decision-making in a safe and secure way.

 

I'm a results-oriented business leader and versatile MIT graduate in Data Science and Machine Learning, and presently in Stanford University for Advanced Cybersecurity. I am proficient in Python 3, R, Tableau, Power BI, SQL, HTML, AWS, Google Cloud, Burpsuite, and Wireshark plus I have over 25 years of management and data analysis experience in various industries.

 

After attending Ryerson University (now Toronto Metropolitan University) I started a career in the hospitality and tourism industry where I worked in various senior management positions in the hotel, and airline sectors.  My focus at the time was to pioneer data analysis with revenue management, yield management, data warehousing, eCommerce, and software development.   

 

In the last few years with Signature Vacations, I built revolutionary yield management and competitive analysis pricing software tool suite used by payload managers that improved load factors and profit margins for 9 planes, 24 gateways, and 30 Destinations with 300+ hotels contracted.

 

In 2009 I started a fitness business and began teaching group and personal Mixed Martial Arts training.  I had a passion for the martial arts my whole life and I loved mentoring and helping people reach their fitness goals, plus I had a young family I wanted to raise.  


As my fitness business grew, I started leveraging a personal website, SEO, and social media to generate leads, and convert new customers.

 

Having a knack for technology and many of my friends and colleagues seeing my success, started to ask me for help.  I then started another business building online customer acquisition funnels and leveraged Elearning to help teach what I was doing, indoctrinate and build new consulting clients.  

 

I?ve helped high-level experts, entrepreneurs, and business owners turn their expertise and passions into highly profitable businesses for the past decade. (I did this by building "marketing automation vehicles" that help folks get to their income goals 6-24 months faster than they would if it was all on their shoulders).

 

My specialty was designing and optimizing behavioral-driven lead generation and conversion campaigns that target the perfect customers online for minimal costs and maximum revenue using artificial intelligence technology and SEO.

 

I did this by using machine learning algorithms that use real-time analytics to optimize custom, Facebook, Youtube, and Google PPC campaigns

 

Then the pandemic hit and both of my businesses were affected in a big way.  


I decided to do something with the time, and upgrade my skills and career.  I knew that the world was becoming all about data, and in the future, it was going to be more valuable than gold.   

 

I believe Data Science and Machine learning will revolutionize business decisions, and because data is so valuable, it needs to be protected.  


This is why I focused on data science, machine learning, and cybersecurity.

 

 Here is what I am currently studying with Stanfords Advanced Cybersecurity


Course 1:


Foundations for Information Security:

Motivation

- Introduction to Motivation

Security Goals

- Holistic Security

- Authentication

- Authorization

- Confidentiality and Data Integrity

- Accountability and Availability

- Non-Repudiation

Attacks

- Common Attacks Pt. 1

- Common Attacks Pt. 2

Attacker Life Cycle

- Introduction

- Explainer Video

- Life Cycle Pt 1,2,3

Mega Breaches

- Introduction

- 2018 - Aadhar, Exactis, Under Armour

- 2017 - Dun and Bradstreet, River City Media, WannaCry, Equifax

- 2016 - Yahoo

- 2013-14 - JPMorganChase, Target

- Defense in Depth

- Predicting Breaches

Security Design Principles

- Simple Web Server(SWS)

- Principle of Least Privilege

- Defense-in-Depth

- Securing the Weakest Link

- Fail-Safe Stance

- Secure by Default

- Simplicity and Usability

Secure System Design

- Threat Modeling

- Designing-In Security

- Convenience vs Security

- Secure SDLC Pt. 1,2

- Security by Obscurity

- Open vs Closed Source

- A Game of Economics

Client State Manipulation

- CSM Example Attacks Pt. 1,2

- POST vs GET

- Cookies

- Javascript

- Ajax

- Forceful Browsing

- Redirects

- File Upload Security

Command Injection

- Explainer Video

- CI Example Attacks Pt. 1,2

- Blacklisting

- Whitelisting

- Escaping

- Second-Order Attacks

- Prepared Statements and Bind Variables

- Impact Mitigation

- Other Command Injection

Buffer Overflows

- Anatomy of Buffer Overflow Attack Pt. 1,2

- Explainer Video

- Safe String Libraries

- StackGuard


Course 2: Exploiting and Protecting Web Applications:

Injection & Cross-Domain Attacks

- Command Injection

- Mitigation of SQL Injection

- Advanced Injection Commands

- XSS

- More XSS and Mitigation

- XSRF

- XSSI

- HTML 5 Security Issues

Web Security: HTTPS and the lock icon

- Introduction to Web Security

- HTTPS in the browser

- Problems with HTTPS and the lock icon

Web Security: Session Management

- Introduction

- Cookie Protocol Problems

- Session Management

- Session Hijacking

Web Background and Browser Security Model

- Introduction

- HTTP

- Rendering Content

- Isolation

- Navigation

- Communication

- Client State

- ClickJacking

- Frame Busting



Course 3:

Using Cryptography Correctly:

Introduction to Cryptography

Symmetric Encryption

- Brief Overview

- Stream Ciphers

- Block Ciphers

- Using Block Ciphers

- Message Integrity

- Authenticated Encryption

Public Key Cryptography

- Concepts

- Digital Signatures

- Certificates

- Key Exchange: TLS

- Diffie Helman

Identification Protocols

- Authenticating against Users

- Security against Direct Attacks

- Security against Eavesdropping Attacks

- Security against Active Attacks

- Authentication Session - Industry Expert

Advance Primitives

- Brief Overview

- Protocols

- Privacy

- Broadcast Encryption

- Quantum Computing



Course 4:

Network Security

Internet Protocols

- Internet Infrastructure & Protocols

- Routing Security

- Domain Name System

Defenses & Tools

- Protecting Network Connections

- Standard Defenses for Local Networks

- Network Infrastructure Protocols

Denial of Service Attacks

- Handling Unwanted Traffic

- DOS Mitigation



Course 5:

Writing Secure Code:

Control Hijacking Attacks

- Module Overview

- Basic Control Hijacking

- Heap Overflows

- More Control Hijacking

- Format String Bugs

- Use After Free

- Mixing Data & Control

- Platform Defences

- Hardening the Executable

- CFI and CFG

Static & Dynamic Analysis, Fuzzing

- Introduction

- Comparison - Static & Dynamic Analysis

- Static Analysis Principles

- Static Analysis for Security

- Dynamic and Black Box - Tools

- Fuzzing Methods & Examples

Language-Based Security

- Managed Code

- Rust Language

Isolation

- The Confinement Principle

- System Call Interposition

- Isolation via Virtual Machines

- SubVerting VM Isolation

- Software Fault Isolation



Course 6:

Emerging Threats & Defences:

Dealing with a Data Breach

- Why Worry about Data Breaches?

- How to reduce the possibility of a Breach?

- What is considered a Breach?

- Breach Response Planning

- During and After a Breach

Attacks and Defenses

- Attacks and Techniques

- Compression Attacks

- Password Breaches

- Certificates on the Web

- Intel SGX

- Abusing Mobile Sensors

- New Age Security Risk

Cloud Security

- Cloud Architecture, Service Levels, Trust, and Threats

- Software as a Service

- Computing on Encrypted Data

- Trusted Computing

Privacy Concerns

- Privacy and Anonymity

- Network Traffic Analysis

- Web Tracking and Defenses



I am looking to work with a dynamic team of entrepreneurial business leaders and innovators in the cybersecurity, data science, and machine learning sector to generate record revenue growth, maximize advertising ROI and improve lifetime customer value and retention.