PFIC 2024 Summer Edition

August 21 (Eastern Time Zone)

DFIR Investigative Mindset

8:00 AM to 9:00 AM

 

The missing piece in your training and education is the DFIR Investigative Mindset. You can be the most technically skilled practitioner, but without an investigative mindset, you are second best, at best.  Brett Shavers distills decades of investigative experience and will present to you the why and how of developing your DFIR skillset to be more effective than your competitors, opposing experts, and adversaries.

Brett Shavers is a Digital Forensics Practitioner, a former law enforcement investigator at local, state, and federal task forces, an adjunct digital forensics instructor at the University of Washington, a founding member of the DFIR Review (www.dfirreview.com), an Honorary Life Member and former president of the Computer Technology Investigators Network (www.ctin.org), an award-winning author, and a prolific speaker on digital forensics topics.

Charts, Heatmaps and Timelines

9:00 AM to 10:00 AM

 

Before the advent of Generative AI, Machine Learning, and Big Data, insightful data visualizations were pivotal in uncovering the hidden patterns within data. In our upcoming discussion, we will delve into a variety of data visualization techniques that are particularly beneficial for DFIR (Digital Forensics and Incident Response) and OSINT (Open Source Intelligence) investigations. Our focus will include an in-depth look at heat maps, timelines, data clustering, and geographical mappings. Throughout the session, I will showcase how the integration of Paraben’s E3 platform with OSINT LIAR tools can effectively utilize “Lagoon,” an innovative open-source data visualization platform. This integration is designed to enhance your ability to extract meaningful information and insights from your data, thereby enriching your investigative processes. Join us to explore how these advanced visualization techniques can transform raw data into actionable intelligence.

Dan is the founder behind Baker Street Enterprises, and creator of OSINT LIAR and Who Am I Chrome extension. With a wealth of experience from building software products within state, federal and private sectors, he is motivated to expand upon visualizing data within OSINT. Currently residing in the picturesque Upper Peninsula of Michigan, Dan shares his home with his three rad children and their dog, “Pippin”. During his leisure hours, you’ll find him drumming, mountain biking, or paddleboarding.

Technology Abuse Investigations

10:00 AM to 11:00 AM

 

This presentation will provide information, real-world examples, and a basic overview of dealing with a Technology Abuse Case. To investigate a case such as this, you will need DFIR and Network Security experience. By the end of the presentation you will be better equipped to handle a case such as this and collect vital information about the case.

Mr. Seanor is a Private Investigator who has spent the last six years working with technology-abused women and helping them secure their lives and privacy. Mr. Seanor has been involved in investigations for over 25 years. He has presented a similar presentation to Google APAC, EMEA, and Americas as part of their yearly training.

Latest Trends in Business Email Compromise Investigations

11:00 AM to 12:00 PM

 

An overview of standard business email compromise investigations, discussing methodology, data collection, data analysis, and reporting. Microsoft Office 365 and Google Workspace email environments will be discussed, as well as on-premises Exchange environments. Attendees will gain insight into current tools and methodologies, as well as how to leverage “off-the-shelf” products to perform investigations.

Bob Gaines has over 28 years of experience working in information technology. Bob deeply understands how security can protect the confidentiality, integrity, and availability of data and information systems in a regulated environment.

Throughout his career, Bob has served as a virtual information systems officer (VISO) for several multibillion-dollar organizations, an expert on risk and compliance, and a lead security officer responsible for conducting security assessments, forensic investigations, and regulatory compliance audits nationwide. He has also built, supported, and maintained technical environments for hundreds of U.S. clients.

In addition, Bob manages global incident response for international businesses, focusing on incident response, investigation, forensics, business continuity, and disaster recovery, performing numerous incident response investigations.

As a recognized subject matter expert in the IT security field, Bob has been interviewed by news outlets such as Fox Business and Business News Daily and trade magazines such as Processor Magazine and Security Business Magazine.

 

Lunch & Learn

Forensic Trek: The Next Generation

12:00 PM to 1:00 PM

 

More than 25 years ago, the digital forensics and incident response community started a very steep uphill climb. That’s when we started trying to teach mainstream users about digital forensics. They responded with blank stares. Rarely did they grasp what we were telling them.

A quarter century later, we can claim some success. They listen now, but much of the credit goes to the bad guys. The mainstream user has awakened because everyone knows someone who’s been a victim – someone whose daughter has been spied on, or whose business network was locked up. It’s no longer an abstract threat.

Mission Accomplished, sort of.  The Next Generation Must Complete the Mission

The world is awake. Now how do we persuade the mainstream how important digital forensic professionals are? The task of the next generation will be to continue to evangelize. Their focus can move to teaching better processes rather than scaring people. 

Organizations have thousands of digital forensics and incident response openings. Small and medium-sized businesses can’t afford in-house IT personnel, never mind incident response and forensic specialists. Meanwhile, a college degree in “cybersecurity” may leave the graduate without any grasp of how to respond to real-world incidents. What’s needed is basic training with current forensic professionals in the field. As a bonus, current professionals keep their skills current, providing better value to their clients.

As the generation that carried the ball to the 50-yard line, our final obligation is to equip the next generation with the tools and the real-world know-how to go the rest of the way.

Ira Victor has spent more than 25 years as a DFIR professional with six certifications from SANS and ISACA. In that time, he’s been a first responder to data incidents of all kinds and is recognized by the legal community as an expert in digital forensics and eDiscovery. Ira has advised Nevada legislators on digital security matters, and helped craft the state’s law governing information security. He is the co-developer of patented infosec technologies that rely on metadata to protect email systems.

Ira is an Ambassador for the Center for Internet Security. He has introduced CIS concepts into his avocation – teaching K-16 students about data privacy and security as a member of Nevada-based Computers for Kids Club, a unique chapter of Lions Club International.

Exploring the Future of DFIR: Beyond Traditional DFIR

1:00 PM to 2:30 PM

 

Are you tired of constantly reacting to security breaches after the damage has been done? Prepare to embark on a journey into the future of DFIR, where proactive defense strategies, state-of-the-art tools, and collaborative efforts redefine the landscape of incident response.

This talk delves into the constraints of conventional DFIR methods amidst today’s intricate attack scenarios:

Drones, Cloud, Mobile, and IoT Challenges (Automobiles, Smart Watches, etc.): Are your current tools equipped to handle the expanding attack surfaces presented by these technologies?

Evolving Threats: Can your defenses keep pace with the increasing sophistication of cyberattacks?

Resource Constraints: Are you weary of firefighting instead of implementing preventative measures?

Fear not! I will explore innovative solutions to outmaneuver malicious actors and fortify digital defenses:

Automation & Artificial Intelligence: Enhance your analysis and response capabilities with lightning-fast, automated tools.

Proactive Threat Hunting: Instead of waiting for incidents to occur, learn how to actively detect and neutralize threats.

Cloud & IoT Forensics: Tackle the unique challenges posed by these emerging environments.

Threat Intelligence: Leverage invaluable insights to predict and prepare for emerging threats.

Collaboration & Knowledge Sharing: Unite with the broader security community to stay one step ahead.

 

This talk is tailored for:

Security professionals seeking cutting-edge DFIR strategies.

Individuals concerned about the evolving threat landscape.

Advocates of collaboration and knowledge exchange.

 

Prepare to:

Discover the latest advancements in DFIR methodologies.

Acquire actionable insights to enhance your organization’s security posture.

Be inspired by real-world case studies and success stories.

Depart with renewed confidence in confronting future threats head-on!

Join me and witness the evolution of DFIR firsthand!

Talha Riaz is an accomplished innovator and distinguished keynote speaker in Digital Forensics and Incident Response (DFIR) with a decade of comprehensive experience in the information technology and services sector. I offer proven expertise in Digital Forensics and Incident Response across Windows, Linux, and Mobile platforms, as well as drones. My competencies extend to Security Information and Event Management, Active Defense, Deception Techniques, Security Monitoring, Python programming, Vulnerability Assessment and Penetration Testing (VAPT), Policy and Procedure Development, Threat Hunting, and Malware Analysis.

An Attorney/Forensic Analyst’s Critical Analysis of the signal processing methods used by the FBI’s Cellular Analysis Survey Team (CAST) to support enhanced historic cell phone location testimony

2:30 PM to 4:00 PM

 

The FBI’s Cellular Analysis Survey Team (CAST) supports FBI, state, local, and tribal investigations through the analysis of cellular call detail records and their associated tower information.   Recently, the FBI has begun to use signal processing methodologies to produce more accurate analysis of cell phone and tower related data to form opinions regarding the location of cell phones.  The addition of signal processing has allegedly dramatically improved the accuracy of FBI opinions.

This seminar will review cell tower data, signal processing methodologies, and linkage to mapping technologies to support testimony. We will also look at the process by which the FBI attributes cell phone data to a specific person.

After serving six years in the United States Navy and completing three “WestPac” tours of Vietnam, Don Wochna obtained his bachelor’s degree from Cal State Long Beach and his law degree from The Law School, University of Chicago. In 1983 he returned to his hometown, Cleveland, and practiced civil litigation and business work-outs with Thompson Hine and later as a partner at Baker & Hostetler.

In 1999, Don obtained one of the first civilian licenses for computer forensic software, and began a computer forensic business identifying, preserving, extracting, analyzing, and producing electronically stored information.  From 1999 to 2013, Mr. Wochna served as an expert witness regarding computer forensics in civil and criminal cases in federal and state courts, and as Chief Legal Officer with a local vendor.  As Chief Legal Officer, Mr. Wochna developed and taught his employees and other forensic experts sophisticated protocols integrating legal objectives and strategies with computer forensic expertise.

In June 2013, combining his 14 years of experience as a computer forensic expert with his 30 years practicing law, attorney Wochna formed E-Data Law Group: a consortium of experts that design, build, and defend advanced technological solutions to legal challenges in litigation, healthcare, audit, privacy and cybersecurity. In 2016, through his law firm (www.wochnalawfirm.com), Mr. Wochna began offering his unique combination of legal and computer/cell phone forensic consulting and testifying expertise to criminal defense attorneys across the United States.

Mr. Wochna has written hundreds of articles related to ediscovery, Big Data, analytics, privacy, compliance, and the challenges to the legal profession raised by electronic information systems. His books include “E-discovery: Making the Computer Your Best Witness,” published by Ohio Bar Association, and he is a frequent and lively speaker regarding electronic data issues. He has testified before the Advisory Committee on Amendments to the Rules of Civil Procedure, and has been influential in shaping the process by which large sparse datasets are defensibly searched to produce relevant information without reliance upon agreed-upon search terms. His writings regarding the expert nature of searching unstructured data such as email have been cited in textbooks related to e-discovery, and his advocacy of advanced data analytics is regarded as defining the cutting edge of the integration of law and technology.

 

Due Diligence Investigations Using OSINT

4:00 PM to 5:30 PM

 

The Authoritative OSINT Guide to Business Due Diligence by Cynthia Hetherington is a comprehensive guide to the world of online investigations. This essential read is a treasure trove for anyone keen to delve into the realm of cyber intelligence, whether you’re a newbie looking to protect personal interests, a seasoned business due diligence analyst who wants to catch up on the new tools, or a law enforcement or military professional who wants to transition into a new career in the private investigation realm.

The Authoritative OSINT Guide skillfully covers all of the crucial topics, including researching open sources, understanding the ethical and legal aspects of online research, and mastering the art of crafting impactful intelligence reports.

Whether you’re embarking on a cybersecurity career, seeking to augment your existing skills, or acting to protect your interests, this book is an invaluable resource. Cynthia Hetherington, with her extensive experience and accolades in corporate intelligence and cyber investigations, provides insights that are both practical and profound. The Authoritative OSINT Guide is not just about learning techniques; it’s about becoming part of a larger mission to make informed decisions and protect communities from digital threats.

Cynthia Hetherington MLS, MSM, CFE, CII has more than 25 years of experience in research, investigations, and corporate intelligence. She is the founder of Hetherington Group, a consulting, publishing, and training firm focusing on intelligence, security, and investigations. Cynthia was named the 2012 James Baker Speaker of the Year for the Association of Certified Fraud Examiners. A widely-published author, Cynthia authored three books, and multiple editions on background investigations, due diligence research and public records reference resources. She is the publisher of Data2know.com: Internet & Online Intelligence Newsletter and has co-authored articles on open source intelligence gathering, computer forensics, Internet investigations, and other security-focused monographs. She is also recognized for providing corporate security officials, military intelligence units, and federal, state, and local agencies with training on online intelligence practices.

Cynthia founded the OSMOSIS Institute in 2015, the host organization of the annual OSMOSIS Conference, which provides Open Source Intelligence (OSINT) insights and due diligence investigation training, from some of the most recognized social media and open source trainers in North America.