Centro de Estudos, Resposta e Tratamento de Incidentes de Segurança no Brasil
CGI.br NIC.br

4º Fórum Brasileiro de CSIRTs


Large-Scale Cyber Breaches Targeting Privacy Information

Omar Cruz Omar Cruz
Chief, Cyber Threat Information Sharing
United States Computer Emergency Readiness Team (US-CERT)
U.S. Department of Homeland Security (DHS)

Omar Cruz is the Chief for Cyber Threat and Information Sharing at the United States Computer Emergency Readiness Team (US-CERT) with the Department of Homeland Security. Mr. Cruz leads a team responsible for researching developments from nation-state and non-nation state cyber threat actors, assessing for changes in their Tactics, Techniques and Procedures (TTP) to include identifying new cyber-related Indicators of Compromise that could be used for computer network defense purposes. He supports the information-sharing mission of US-CERT by preparing and publishing Indicator Bulletins comprised of recent activities from cyber threat actors, which are disseminated to the cyber security community within the Federal Government, Private sector and International partners.

Prior to joining US-CERT in 2013, Mr. Cruz spent over 3 1/2 years with the Federal Emergency Management Agency (FEMA) as the Section Chief for Cyber Threat Management, which focused on monitoring, safeguarding, and protecting FEMA's Enterprise Network against from foreign and domestic cyber threats. He was responsible for supporting the Chief Information Security Officer (CISO) of FEMA with Subject Matter Expertise (SME) in the areas of IT, IT Security Audit, Cybersecurity policy and Cybersecurity training. He developed the Continuity of Operations (CONOP) for the Cyber Threat Management Program at FEMA and successfully transitioned FEMA from a commercial managed service provided to a Federated in-house Security Operations Center (SOC) and Computer Security Incident Response Center (CSIRC) equipped with malware analysis capability. He provided SME support to the FEMA CSIRC providing guidance on the proper handling of all types of security incidents. He provided computer forensic support to FEMA's Law Enforcement Unit on all cases involving computers and mobile devices.

Mr. Cruz's Federal Government experience also includes time as Deputy Operations Manager for the DHS Security Operations Center (SOC); Operations Manager for the DHS SOC managed services to FEMA and Team Lead for the Customs and Border Protection (CBP) Computer Security Incident Response Center (CSIRC). In addition, Mr. Cruz served with the United States Marine Corps as a Non-Commissioned Officer (NCO) and completed a 4 year military tour of duty with an Honorable discharge and with the rank of Sergeant.

Mr. Cruz received his undergraduate degree in Network and Communications Management from DeVry University in 2005. He is a Certified Ethical Hacker (CEH) since 2007 and Computer Hacking Forensic Investigator (CHFI) since 2013.