image-1
Menu
Linkedin Icon Twitter Icon Github Icon Medium Icon

Unlocking Cybersecurity Insights:
Author, Teacher, Speaker.

Years nurturing expertise in Human Intelligence
0 +
Years Of Experience
0 +
Organizations strengthened
0 +
Happy Clients
0 +
Years Of Experience
0 +
Organizations strengthened
0 +

Who is Sean O’Connor?

Sean O’Connor has predominately worked in the Intelligence Community (IC), starting his career, like many do, in the US military, where he worked in various intelligence disciplines, ranging from Human Intelligence (HUMINT) to tactical Signals Intelligence (SIGINT), and later serving as a Counterintelligence (CI) contractor for the Department of Defense (DoD).

Sean has always been passionate about all things intelligence and all things cyber. With this combined passion, Sean decided after his third tour in Afghanistan, to transition to the private sector as a Cyber Threat Intelligence (CTI) researcher for Dell Secureworks in the exclusive Counter Threat Unit (CTU). “The intelligence training and experience I obtained throughout my military career and in the DoD gave me the tools necessary to build the CTU’s first ever virtual HUMINT team.” By applying traditional HUMINT tradecraft through sock puppet accounts, the CTU vHUMINT team was able to infiltrate dark web cybercriminal networks for the purpose of collecting, analyzing and producing intelligence.

After six years in the Secureworks CTU, Sean took on a new opportunity with KPMG US as their head of Threat Intelligence, where he built the CTI program for the US, LATAM, and Israel member firms. Fast forward to today, Sean is the Global Head of the Equinix Threat Analysis Center (ETAC), which is comprised of teams focused on threat intelligence research, threat hunting, consulting services and data analytics.

Author & Teacher

Sean is a Partnered Faculty member, instructor, and Project Coordinator at Georgia State University’s Evidence-Based Cybersecurity (EBCS) Research Group. Sean partnered with EBCS to coauthor GSU’s first ever Darknet Intelligence course, which is taught to various Law Enforcement agencies. Sean is a firm believer in continuing education, especially in the field of CTI. “As analysts we should always be trying to keep up with the ever-evolving threat landscape, and as an instructor, I enjoy teaching these topics to anyone who has the willingness to learn,” he says. Through years of covert cybercrime intelligence operations, Sean identified how these criminals were laundering their money, such as through the use of cryptocurrency mixing/tumbling services, illicit exchanges, and Dark Web marketplaces. “Intelligence is a crucial piece of the puzzle that can significantly benefit cyber professionals in the DFIR cases they respond to. However, the cyber threat landscape continues to evolve, and as such, so should the intelligence supporting these DFIR cases,” says Sean. With Blockchain and Dark Web Intelligence, responders can better understand the criminals involved in their investigations. In some cases, this intelligence can give Law Enforcement (LE) agencies the evidence they need to attribute activity to individuals, allowing LE to make arrests. These kind of observations are captured in the all new SANS FOR589 course, which will be available to the public in 2023. As the lead author of FOR589, Sean takes CTI a step further by teaching students how to collect, analyze, and produce intelligence derived from cybercriminals’ cryptocurrency activity and from the dark web. Take a sneak peek at SANS first ever cybercrime intelligence course.

Mentorship

Sean’s unique background enables him to share his experience with his students through the courses he has authored and through mentorship opportunities. An example of this that Sean is most proud of is the mentorship he provides to veterans who are transitioning out of the military and into the civilian workforce. “I was so fortunate to have had a successful transition out of the defense sector because I was able to translate the skills that I had obtained while in the military into the needs of the private sector, and I want to help as many veterans as I can do the same thing,” Sean explains.

Volunteering

In his spare time, Sean enjoys traveling, playing soccer (futbol), reading, working out, and spending time with his family and friends. Sean also likes to volunteer his time to non-profit organizations and causes that he supports in both the physical and cyber space, such as the CTI-League, which works side by side with law enforcement to protect healthcare organizations from cybercriminals, and was recognized by SANS as a 2020 Difference Maker. Sean founded the CTI-League’s Darknet Intelligence team (CTIL Dark), which publishes an annual dark web threat landscape report on cybercriminal threats to the healthcare sector.

Profile Summary

Sean O’Connor is an industry expert with nearly 15 years of experience in various security disciplines, ranging from Counterintelligence (CI), Human Intelligence (HUMINT), Digital Forensics & Incident Response (DFIR) for the defense sector, to managing security research teams and building Cyber Threat Intelligence (CTI) programs for the private sector. He is an author, a teacher, holds a number of industry certifications, has been invited to speak at international conferences and quoted by media outlets on various security research topics. Sean currently serves as the Global Head of the Equinix Threat Analysis Center (ETAC)™, which is comprised of some of the world’s top security experts who identify and analyze emerging cyber threats, while developing countermeasures to better protect Equinix and its customers. He is passionate about volunteering his time to causes that he supports such as the CTI League and Curated Intelligence, as well as providing mentoring opportunities to students and to veterans looking to break into the cybersecurity industry. On top of all this, Sean is the author and the course lead for the new SANS FOR589 course.

With an extensive background spanning 15 years in security leadership, Sean O’Connor stands as a distinguished expert. As both an accomplished author and dedicated educator, he imparts his knowledge with passion. Sean’s influential speaking engagements resonate widely, and his perspectives often find a place in media narratives, further solidifying his reputation in the field.

Sean O'Connor (He/Him) Follow

Head of @Equinix Threat Analysis Center (ETAC) | @sansforensics Author | @curatedintel contributor | Husband, Father, Veteran. Thoughts are my own

vHUMINT
Retweet on Twitter Sean O'Connor (He/Him) Retweeted
msftsecintel Microsoft Threat Intelligence @msftsecintel ·
8 May

@AndresFreundTec In this episode of The Microsoft Threat Intelligence podcast, @AndresFreundTec, Senior security researcher @fr0gger_ , & @sherrod_im discuss the discovery of the XZ backdoor, as well as findings in tracking its development & the actor behind it.

Reply on Twitter 1788261553441050950 Retweet on Twitter 1788261553441050950 20 Like on Twitter 1788261553441050950 65 Twitter 1788261553441050950
Retweet on Twitter Sean O'Connor (He/Him) Retweeted
jon__dimaggio Jon DiMaggio @jon__dimaggio ·
7 May

RANSOMWARE DIARIES 5 is out! Want to know more about Dmitry…I mean #LockBit?! 😹I have a LOT more intel and now so do you! https://analyst1.com/ransomware-diaries-volume-5-unmasking-lockbit/

Reply on Twitter 1787864184975512036 Retweet on Twitter 1787864184975512036 107 Like on Twitter 1787864184975512036 369 Twitter 1787864184975512036
Retweet on Twitter Sean O'Connor (He/Him) Retweeted
cyversalerts 🚨 Cyvers Alerts 🚨 @cyversalerts ·
3 May

🚨ALERT🚨Are we mistaken, or has someone truly lost $68M worth of $WBTC? Our system has detected another address falling victim to address poisoning, losing 1155 $WBTC. 😢

Victim: https://etherscan.io/address/0x1e227979f0b5bc691a70deaed2e0f39a6f538fd5

Address poisoner: https://etherscan.io/address/0xd9a1c3788d81257612e2581a6ea0ada244853a91

Poison transaction:…

Reply on Twitter 1786363410243858869 Retweet on Twitter 1786363410243858869 255 Like on Twitter 1786363410243858869 904 Twitter 1786363410243858869
Retweet on Twitter Sean O'Connor (He/Him) Retweeted
darkwebinformer Dark Web Informer @darkwebinformer ·
5 May

⚠️ProtINTelligence⚠️is a tool that helps you to find intelligence on Protonmail users. Wasn't aware of this, may have to try it out.😈

#OSINT #CTI #Clearnet #DarkWeb #DarkWebInformer #Cybercrime #Cybersecurity #Infosec

Reply on Twitter 1787268171629510966 Retweet on Twitter 1787268171629510966 20 Like on Twitter 1787268171629510966 95 Twitter 1787268171629510966
Load More

Quick Links

Social

Get In Touch

2023 Humint All Rights Reserved

Interested in Having a Chat? Schedule a consultation.

Let's Talk