±Forensic Focus Partners
New Today: 0
New Yesterday: 6
±Follow Forensic Focus
· A guide to RegRipper and the art of timeline building
· Recovering Evidence from SSD Drives in 2014: Understanding TRIM, Garbage Collection and Exclusions
· FT Cyber Security Summit 2014 – Recap
· Why Offender Profiling is Changing Thanks to Mobile Forensics and Increasingly ‘Social’ Criminal Activity
· Understanding Cyber Bullying – Notes for Digital Forensics Examiners
· Investigating the Dark Web – The Challenges of Online Anonymity for Digital Forensics Examiners
· The Complete Workflow of Forensic Image and Video Analysis
· Browser Anti Forensics
· Coming apart at the SIEMs …
InterviewsBack to top Back to main Skip to menu
Jim Kent, CEO EMEA, Nuix
It has felt like a really short 12 months. In that time, Nuix’s revenues have come a whisker shy of doubling. We now have more than a thousand customers in over 45 countries. We’ve opened a training facility in Washington, DC and have more than 200 employees.
We’ve continued to develop our existing products for forensic investigation, eDiscovery and information governance. The latest release of the Nuix Engine, version 5.2, has added a big list of features including the ability to analyse Windows event logs and jump lists and a really clever ability to decode binary values – so you can take what just looks like a string of numbers and say, ’What does this translate to as a Windows date format?’
We’re working on some products for cybersecurity, focusing on four areas. First is auditing and protecting sensitive data. The idea is if the bad guys do get in, they have limited access to the high-value and high-risk information such as private, health and financial data. Second is monitoring the day-to-day changes of data at rest on computers and storage systems. And third is beefing up our ability to collect, analyse and investigate data after a breach has happened to find out what went wrong and start the remediation process. Finally, we’re also looking to help organisations build a library of incident intelligence so we can get better – as individual companies and at a global level – at responding to breaches.
We’re very shortly about to release a new product which at the moment we’re calling the Nuix Web Review and Analytics – although that may not be the final name. It does pretty much what it says on the box: allows anyone with a web browser to review and analyse case evidence. For an investigation, that means you can parcel out evidence for review to many people. You can allow external subject matter experts to look at the parts of the evidence that are relevant to them. It’s going to make a huge difference to the way organisations conduct investigations.
It’s now a lot easier for us to develop new products such as Nuix Web Review and Analytics because we’ve built application programming interfaces (APIs) into the Nuix Engine. We’re also making these interfaces available to other organisations through our OEM Program. Anyone who wants to develop an application or workflow that requires fast and scalable processing of unstructured data can now put the Nuix Engine into it. We’re also providing developer resources and a team of integration engineers to help with this.
Last year Nuix announced a technology partnership with Cellebrite to strengthen investigations in mobile forensics and eDiscovery. Could you tell us more about this?
This has proven to be a fantastic partnership. As your readers would know, extracting forensically sound data from mobile devices can be fiendishly difficult. Cellebrite is really good at this. But these days a lot of people have more than one mobile device. If you add multiple suspects, the number of smartphones and tablets and GPSes and the like quickly adds up. So being able to ingest Cellebrite images into Nuix means an investigator can search, analyse and cross-reference across all of them from a single interface.
Cellebrite and Nuix are continuing to work together at a technology level to get deeper integration so investigators can pull out richer and more detailed data.
Was 2013 the year you took on Guidance Software and AccessData in the forensic investigations market?
Absolutely. Where Nuix has really shone is in enterprise and collaborative investigation environments. This is where speed and scalability are absolutely essential, and Nuix is the star performer. We’re also offering a different pricing structure for law enforcement and government investigators and that has been really popular.
Of course when you’re dealing with law enforcement and three-letter agencies, it’s hard to get people to speak publicly about their work. But for example, the Guernsey Police and Guernsey Border Agency used Nuix Investigator Lab because their legacy forensic tools weren’t up to the task of processing large volumes of data and sharing it among multiple investigators and external experts.
The key to our success has always been working with customers, listening to their feedback and developing real solutions for their problems. As long as we keep doing that, this year we’ll be even stronger.
In your opinion, what is the biggest challenge surrounding software development for digital forensics today, and how is this addressed by Nuix?
Same as last year, it’s about dealing with a growing diversity of data sources and the volume of data they contain. For technology to make investigators’ lives easier, it must be able to churn through large amounts of data from many different sources. Which, obviously, Nuix does.
At the same time, we recognise that people have their favourite tools for dealing with particular types of evidence such as pictures or browser histories. So the other important aspect is workflow: being able to send out data to those specialist tools and then reincorporate it into the broader investigation without a lot of effort or mucking about. With our scripting capability and, increasingly, our APIs, Nuix is becoming that ‘single pane of glass’ through which investigators can view the whole investigation.
What trends do you see in in digital forensics over the next twelve months?
Three things: collaboration, analytics and intelligence.
With so much data involved, it’s impossible for just one person to look at it all in a meaningful way. So investigators will need efficient ways to bring in a team of people to look at large matters. Where they need expert knowledge, say from lawyers, doctors or forensic accountants, they’ll need an easy way to show those people the relevant parts of the evidence.
All that data also means the conventional ‘line by line’ technique for analysis becomes inefficient as well as intensely draining. We’ll need ways to visualise case data so we can look at trends and bigger picture stuff, as well as analytics capabilities to drill down to the important parts that we want to investigative.
I talked about intelligence in the context of cybersecurity but it’s something that will be important for all investigations. We need to utilise the intelligence we’ve gathered from previous cases, as well as what we can share with other agencies, to highlight patterns and find connections that wouldn’t be obvious to the naked eye.
And finally, again following on from our earlier interview, how are things going with the restoration of your vintage Porsche?
Unfortunately, very slowly! As well as CEO of Nuix EMEA, I’m now also the Global Head of Investigations and Cybersecurity. Wearing all those hats takes up a lot of time and involves quite a bit of globe-trotting. But it doesn’t leave a lot of time for hobbies.
The Porsche is 58 years old now and even in its current state, stripped and dipped, it looks amazing and you can’t help but fall in love with it. Hopefully I’ll get it on the road before its 60th birthday!
Jim Kent is the Global Head of Investigations & Cyber Security and CEO EMEA at Nuix. Nuix develops software for indexing, searching, analyzing and extracting knowledge from unstructured data and has customers in over 30 countries, as well as staff and offices in Asia, Australia, Europe, North America and the United Kingdom.