Dumas Cyber Security Exercises

The primary mission of Dumas Cyber Security is to reduce the risks to data within various businesses by drilling using cyber exercises.

Help organizations proactively identify and address vulnerabilities in people, process, and technology.
Assist organizations in recovering from security breaches faster.
Build and use essential playbooks for many incidents, including ransomware.
Evaluate and document the security maturity and posture of the business.
Identify the existing protections on a company’s crown jewels.
Test both cyber and physical security controls for the business through bypassing cyber and physical access safeguards to gain unauthorized access to sensitive parts of the business.
Discuss forensic analysis, archiving logs and evidence, and providing guidance to mitigate further exploitation.
Meet legal, regulatory and insurance requirements.

Get Started with Dumas Cyber Security Today

Practice & Be Prepared

Cyber Exercises

Contact us to discuss your cyber security needs

About David Dumas

David Dumas, CISO

Versatile Security Consultant with extensive experience in security regulatory compliance requirements, security support and leadership. Demonstrated expertise in reviewing and revising corporate security policies, standards, and industry accepted security practices. Adept at leading cybersecurity assessments and developing and executing detailed project plans and assessments. Proven ability to manage vendors and provide cost-effective solutions. Experience in maturing security programs. Awarded three patents and presented at many security conferences on current security risks.

Sr. Principal Security Risk Management in Network Security Operations – Wireline and Wireless

Managed the outsourcing and offshoring governance and clearance process for Wireline, Wireless, and IT businesses. Participated as an active member on the clearance council, which met weekly to review and clear 3 – 4 global projects.

Wrote, planned, and ran cyber tabletop exercises for the CISO and other business units to ensure that security operations were prepared for the next threats including ransomware.
Developed security awareness webinars, videos, classes, and electronic email cards for security operations.
Presented to Verizon’s customers the internal Wireline layers of defense and strategy. Customers included small to large enterprises and various departments of the US and State governments, including the FCC.
Participated in government security committees as requested (CSRIC, ESF, ATIS, CSCC).
Developed a HIPAA-compliant healthcare vertical and infrastructure for Wireline and HIPAA council.
Led the Wireline responses to all new global and Federal and State laws and regulations, working closely with Legal.
Supported International cybersecurity and privacy regulations and compliance.
Project manager for VLSS effort to insert security requirements into the front door of the intelligent edge network.
Editor of the Verizon Network Security Baseline document for Wireline and Wireless, as well as a participant on Enterprise-wide Security Standards.

Director - Network Security Architecture and Design Group

Supervised twenty-five security professionals, including the department vision, projects, and performance reviews. Managed a $3 million dollar department budget and helped the corporation make product and service decisions for billions of dollars in capital procurement, including labs in Waltham and Baltimore.

Provided the security architecture and design for over 50 projects per year through the technology group.

Developed and implemented security architectures and requirements for Verizon’s next generation circuit and packet networks as well as the FiOS product line (voice, video, and data). Provided security consulting and product evaluations for Verizon Telecom, Verizon Business and Information Technology.

Led the implementation of application layer firewalls for Verizon’s VoIP products for SIP Protocol filtering.
Presented Verizon’s security architecture and requirements to Verizon’s vendors and partners.
Interfaced with many internal groups including Audit, Corporate Security, Verizon Computer Incident Response Team, Verizon Information Security Council, Verizon Executive Security Council, Telcom Information Security Council and Verizon Information Security Technology Team.
Implemented a second FiOS video conditional access system, which saved $500 million over three years.

Verizon Communications, Waltham, MA

Director - Network Security Architecture and Design Group

Developed and implemented Verizon’s first carrier-class PKI Operations Support System to automate the management of private and public keys over a four-year period. Spent $4 million in software development.

The automatic re-keying of the network would be 500 times cheaper than a manual re-key. Savings of over $17 million realized by managing and issuing Verizon internal certificates to protect the networks.

Led and developed an architecture overview for security operations management that was used to build security operations centers for Verizon.
Provided industry security standards support and participated as an author for ATIS-030074.2006, “Guidelines and Requirements for Security Management Systems”.

Digital Equipment Corporation, Stow, MA; Westboro, MA,

Senior Security Consultant for the Systems Integration Consulting Organization

Established Digital’s US security consulting practice. Created multivendor sales support, training, consulting and delivery of security services and products across the U.S. for 50 companies. Designed and delivered UNIX and PC security services worldwide. Assisted customers in securing their Internet and intranet connections.