Sean's Portfolio

3D Printing

Explore my portfolio of 3D printing projects showcasing a blend of technical expertise and creative innovation. Using tools like the Creality Ender 3 V2 and PLA filament, I specialize in designing and producing practical solutions, from custom mounts to functional prototypes. Each project exemplifies my commitment to precision engineering and practical design, highlighting skills honed through hands-on experience and a passion for pushing the boundaries of additive manufacturing.

Security Audit Implementation and Compliance Assessment

Introduction:

In response to the growing online presence of Botium Toys, a small U.S. business specializing in toy development and sales, an internal IT audit was conducted to assess and enhance the company's cybersecurity posture. This portfolio project outlines the steps taken and recommendations provided to mitigate risks and ensure compliance with industry standards and regulations.

Scenario Overview:

Botium Toys operates from a single physical location serving as both an office and a warehouse, with an expanding online market attracting customers globally. Concerned about maintaining compliance and securing critical assets, the IT manager initiated an audit focusing on infrastructure security and regulatory adherence, particularly regarding online payment processing and EU business operations.

Audit Scope and Objectives:

The audit scope included implementing the NIST Cybersecurity Framework (CSF) to establish clear goals and assess risks associated with the current security infrastructure. The primary objectives were to identify vulnerabilities, ensure compliance with regulatory standards like PCI DSS and GDPR, and enhance overall business continuity.

Steps Taken:

• Review of Scope, Goals, and Risk Assessment:
  • Analyzed the scope, goals, and risk assessment report provided by Botium Toys' IT manager to understand existing challenges and strategic objectives.
• Controls and Compliance Checklist:
  • Utilized a comprehensive controls assessment checklist to evaluate the presence of key security measures such as least privilege, disaster recovery plans, password policies, and encryption protocols.
• Compliance Best Practices Assessment:
  • Conducted a thorough review of compliance best practices including PCI DSS for secure credit card processing, GDPR for data protection, and SOC type controls for data integrity and availability.

Recommendations:

• Recommended implementing a centralized password management system and enforcing stricter password policies to enhance data security.
• Advised on the adoption of least privilege and separation of duties principles to limit unauthorized access and potential breaches.
• Suggested implementing encryption protocols for sensitive customer information and developing a disaster recovery plan to mitigate operational risks.

Conclusion:

By completing this internal audit, Botium Toys is better positioned to secure its IT infrastructure, ensure regulatory compliance, and mitigate potential risks associated with its growing online operations. This project underscores the importance of proactive cybersecurity measures in safeguarding business continuity and protecting customer trust.

Next Steps:

Continued monitoring and periodic audits will be essential to adapt to evolving cybersecurity threats and regulatory changes, ensuring Botium Toys maintains a robust security posture aligned with industry best practices.

This portfolio project demonstrates practical application of cybersecurity frameworks and best practices, highlighting expertise in risk assessment, compliance, and strategic security planning.