MuneneGeo/omniRoute-cyber-preparedness-assessment

GitHub: MuneneGeo/omniRoute-cyber-preparedness-assessment


# OmniRoute Logistics — Cyber Preparedness Assessment

**AH Academy Cohort 4 Capstone Project**

**Role: Threat Intelligence Lead**

**Date: May 2026**

## Team — Squad 4

| Name | Role |
|------|------|
| George Munene | Threat Intelligence Lead |
| Emmanuel Asumwa | Squad Lead |
| Ajagurwah Edgah | Squad Member |
| Shannon Kihara | Detection Engineer Lead |
| Maureen Maina | Squad Member |
| John Limbe | Squad Member |
| Prisillah Nyoko | Squad Member |

## Overview

A board-ready cyber preparedness assessment conducted as part of the AH Academy Cohort 4 capstone programme. The assessment profiles The Gentlemen ransomware group as an active threat to OmniRoute Logistics — a fictional multinational freight and supply chain company operating across 42 countries.

## My Role

As **Threat Intelligence Lead**, I was responsible for:

- Adversary characterisation using the MITRE ATT&CK framework
- Mapping 14 documented TTPs across the full Cyber Attack Lifecycle
- Justifying adversary class selection against the Cyber Preparedness framework
- Producing the adversary profile statement specific to OmniRoute
- Supporting detection engineering analysis using Sysmon configuration
- Presenting Section 1 to a simulated executive panel (CISO, CFO, Head of Ops)

## Repository Contents

| File | Description |
|------|-------------|
| `OmniRoute_CyberPreparedness_Report.docx` | Full written report — Part A |
| `OmniRoute_Presentation_Deck.pptx` | Panel presentation slides — Part B |

## Key Areas Covered

- Adversary classification using the Cyber Preparedness adversary class framework
- MITRE ATT&CK TTP mapping — 14 techniques across 7 tactic categories
- Goal-to-consequence mapping — financial, operational, legal, reputational
- Cyber Attack Lifecycle defensive mapping — Recon through to Maintain
- Sysmon detection engineering — EID 1 (OriginalFileName), EID 6, EID 11, EID 12/13
- Multi-jurisdictional regulatory analysis — GDPR, Kenya DPA, Singapore PDPA
- 14-dimension preparedness gap analysis across Governance, Operations, and Architecture
- Preparedness posture recommendation — Architectural Resilience

## Frameworks & Tools Referenced

- MITRE ATT&CK
- Sysmon
- Sigma Rules
- NIST CSF 2.0
- CIS Controls v8
- Velociraptor
- FortiGate IPS
- Qualys / Nessus
- Splunk / Elastic SIEM
- Veeam
- TheHive + Cortex
- KAPE

## Threat Intelligence Sources

Group-IB | Trend Micro | Cybereason | SOCRadar | eSecurity Planet | Cyber Daily | ransomware.live

## Disclaimer