Carlos Leonardo

Cybersecurity expert with over a decade of experience in incident response and strengthening organizational cybersecurity frameworks. As Director of the National CSIRT of the Dominican Republic, I successfully spearheaded the creation of the National Cybersecurity Center and its CSIRT, contributed to the National Cybersecurity Strategy, and played a key role in drafting legislative frameworks for cybersecurity and data protection. Renowned for enhancing operational efficiency, cultivating international partnerships, and implementing innovative solutions in complex environments. Skilled in leading cross-functional teams, advancing risk management practices, and establishing robust defense mechanisms to safeguard organizational and national assets. Committed to advancing cybersecurity policies, fostering resilience across sectors, and driving impactful initiatives on both national and regional levels.

• Security Operations Manager (SOC), SANS, 01/01/24
• CSIRT Management, Carnegie Mellon University, 01/01/20
• E-Evidence Bootcamp, Interpol, 01/01/20
• CERT’s/CSIRT’s Operations, Instituto Nacional de Ciberseguridad de España (INCIBE), León, Spain, 01/01/19
• CyberSouth School on Internet Governance, Washington, DC, 01/01/18
• Cybersecurity Executive Training, Hebrew University of Jerusalem, Israel, 01/01/18
• International Law Applicable to Cyberoperations, Organization of American States (OAS), 01/01/18
• Cybersecurity Specialty – Forensic Computing, Instituto Nacional de Ciberseguridad de España (INCIBE), León, Spain, 01/01/17
• International Seminar on Cybersecurity, Instituto Nacional de Ciberseguridad de España (INCIBE), León, Spain, 01/01/17
• Cyberdefense, Ministry of Defense, SIBAT, Israel, 01/01/17
• Investigation of the Use of the Internet for Terrorist Purposes and Organized Crime, Public Prosecutor's Office, Brazil, 01/01/17
• Electronic Cybercrime Investigation, US Department of Justice, 01/01/13
• Cybercrime, French Police, 01/01/13
• ITIL V3 Foundation, Pink Elephant, 01/01/11
• Project Management and Direction Diploma, Intras, 07/01/05
• Ethical Hacking Certified, EC-Council, 2021
• ISO 31000 Risk Manager, PECB, 2021 - RMM1087991-2021-11
• ISO 27005 Lead Risk Manager, PECB, 2021 - ISRMLM1087991-2021-11
• ISO 27035 Senior Lead Incident Manager, PECB, 2021 - ISIMSLM1087991-2021-12
• CyberDefense - Strategic Planning, Inter-American Defense Board, 2021

• International Law and Responsible Cyber
• Behavior: A Practical Perspective from Cyber
• Incident Response Teams (CERT/CSIRT), LinkedIn
• Governance and trust: Pillars for sustaining a cyber ecosystem, LinkedIn
• Beer Diplomacy: Building Cybersecurity Trust through Interpersonal Relationships, LinkedIn
• Dominican Republic Advances in the National Cybersecurity Index (NCSI), LinkedIn
• Why is cybersecurity awareness so important?, LinkedIn
• New paradigms in cyber incident response, LinkedIn
• What has COVID-19 taught us about Cybersecurity?, LinkedIn
• Dominican Republic makes progress in cybersecurity, LinkedIn

• Recognition "Cybersecurity, the commitment that unites us". STIC Conference, National Cryptologic Center of Spain.

I am proud to have supported numerous governments and regional organizations worldwide in establishing national incident response capabilities and creating channels for regional cooperation and the exchange of best practices. My active engagement in the incident response community has allowed me to present at various international forums and contribute to committees and working groups of esteemed organizations such as FIRST, OAS CICTE, GFCE, Interpol, and EU CyberNet. Currently, I serve as a member of the Board of Directors of FIRST and am part of the Cyberpool Experts of EU CyberNet.

Through my regional leadership, I have played a pivotal role in building capacity and empowering CSIRTs across the region to meet the necessary controls for joining the Forum of Incident Response and Security Teams (FIRST). This effort has successfully expanded the participation of teams and countries in the region, strengthening our collective cybersecurity posture.

In the realm of cyberdiplomacy, I have actively contributed to United Nations working groups, including the Open-Ended Working Group (OEWG) on the adoption and implementation of standards for the responsible use of ICT and Confidence-Building Measures (CBMs) in cyberspace. Additionally, I have participated in the Ad-Hoc Committee tasked with drafting a new convention to combat the use of ICTs for criminal purposes.

• Research: "Evolution of Cybersecurity in Latin America and the Caribbean", Netherlans 2022

This consultancy project for the Netherlands focused on analyzing the evolution of cybersecurity in Latin America and the Caribbean, exploring its origins to its current state. It examined how countries in the region are strengthening their cyber defenses while promoting digital inclusion and economic resilience, in a context characterized by cultural and economic diversity, which presents unique cybersecurity challenges.

The analysis addressed issues such as the digital divide, sophisticated cyber threats, and opportunities for governments, businesses, and society as a whole. It also highlighted the crucial role of regional and international cooperation, policies and regulations, and education in enhancing digital resilience.

The primary objective was to provide a comprehensive view of the complexity of cybersecurity in the region, emphasizing the importance of ensuring a secure digital environment that maximizes the potential of a connected society while protecting its online future.

• Diagnostic study on digitalization in Costa Rica, LuxDev 2022

This study provided a diagnostic to identify gaps and needs for support and strengthening in cybersecurity, spatial digitalization, and digital government in Costa Rica, focusing on Luxembourg's added value. It aimed to understand the challenges of digitalization in the country and define objectives for future cooperation between Luxembourg and Costa Rica. The analysis emphasized the integration of women and youth across all areas:

In cybersecurity, the study explored research initiatives, academic and scientific partnerships, digital skills development, and the training of operational technicians with contemporary knowledge. For spatial digitalization, it assessed satellite technology, its application in environmental management, disaster risk reduction, and sustainable development, including climate change mitigation. In digital government, it reviewed Costa Rica’s digital public service delivery, the Pura Vida Digital portal, and the prerequisites for innovative e-government services, particularly in social services, migration, and forest management.

The diagnostic included an analysis of Costa Rica's digital profile, the institutional and legal frameworks, and existing achievements in the three focus areas. It identified ongoing initiatives by other partners, Luxembourg's comparative advantages, and opportunities for collaboration. Key stakeholders were mapped, and potential synergies with EU and other member states’ interventions were highlighted.

This comprehensive assessment established the foundation for defining the priorities and opportunities for future cooperation, ensuring alignment with Luxembourg’s strengths and Costa Rica’s needs.

• Audit of the Presidential CSIRT of Colombia using the SIM3 standard, EUCybernet 2023

This project involved conducting an audit of the Presidential CSIRT of Colombia using the Open CSIRT Foundation Security Incident Management Maturity Model (SIM3 v2 interim) standard. The audit took place on March 18-19, 2024, in Bogotá, Colombia. During the engagement, appropriate advice was provided to the CSIRT's managerial team to enhance their maturity in alignment with SIM3 parameters.

At the conclusion of the mission, a comprehensive SIM3 analysis and recommendations document was prepared. This report, delivered within two weeks of the mission, included the audit results, parameters, procedures, evidence, analysis, and actionable recommendations aimed at advancing the CSIRT’s maturity. The document was shared with Colombian authorities to support their cybersecurity efforts.

Throughout the project, a client-focused approach was maintained, responding to queries, reviewing related documents upon request, and offering advice and commentary to ensure the activity's success and alignment with the client’s needs.