HR has just reached out to you, the company’s IT administrator, handing you a former employee’s laptop and asking you questions about bad things they think the employee did before they left. Do you know how you’d handle it? This is a common scenario for many people who work in IT. In this presentation Kevin will walk attendees step-by-step through the activities and tools to investigate a bad leaver, including how to use open source tools to collect forensically sound disk images from Windows workstations and removable media, research network events, and interpret cloud logs and other evidence artifacts.
Kevin is a director of cybersecurity consulting, responsible for penetration testing, risk assessments, compliance audits, incident response, and cybersecurity advisory services. Kevin has 20+ years working in a variety of cybersecurity leadership roles, including application development, network management, risk management, fraud monitoring, digital forensics, and assessment services. He has worked with both large and small organizations across many industries helping them navigate complex security and compliance requirements as well as navigating them through security breaches. Kevin has a BS in Physics and Computer Science from Carroll University and an MS in Information Security Engineering from the SANS Institute. Through his career he has earned and maintained a number of cybersecurity certifications including Global Information Assurance Certified (GIAC) Security Expert (GSE), Certified Information Security Auditor (CISA), ISO 27001 Lead Auditor (ISO 27001 LA), Certified Information Systems Security Professional Official (CISSP), Certified Ethical Hacker (CEH), Project Management Professional (PMP), GIAC Certified Perimeter Protection Analyst (GPPA), GIAC Certified Forensic Analyst (GCFA), GIAC Assessing and Auditing Wireless Networks (GAWN), GIAC Experienced Incident Handler (GX-IH), GIAC Experienced Intrusion Analyst (GX-IA), and GIAC Experienced Cyber Security (GX-CS). As a leader within a PCI-focused consultancy, Kevin was a Qualified Security Assessor for nine years and lead PCI Forensic Investigator for four years. Kevin’s research interests include hardware and embedded systems, having initiated the MiniPwner penetration testing drop box project as well as designing and hosting a CypherCon hardware hacking village project since the conference’s inception.
We proudly present SecretCon, an entirely unparalleled conference for the state of Minnesota, built for our new digital reality. This conference is dedicated to the many specialties of our hacker, cybersecurity, and privacy community. We have taken it upon ourselves to construct a conference that not only embraces our past, but also looks to the future. Join us!