From the 28th of September to the 2nd of October 2020, the HTCIA conference will be running online. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments.
Below is an overview of the subjects and speakers that will be featured at HTCIA.
Monday September 28th
At 1pm EDT Todd Shipley, HTCIA’s International President, will open the conference. This will be followed by Nick Pailthorpe from Uber Canada, who will talk about how law enforcement operations work at the rideshare firm.
Domingo Montanaro will then present a case study of a large-scale cyber attack against a chain of stores in Brazil. Yuri Gubanov will then take to the stage to discuss iOS Forensics, and then at 5pm attendees will be given the chance to network with sponsors, speakers and each other in the breakout rooms.
Following demos from Belkasoft and Grayshift, Keith Lockhart will describe how artificial intelligence is being used in digital forensic investigations currently, and what future developments we can anticipate. Tarah Melton will then talk about forensics in corporate cloud environments, and the final session of the day will see Chet Hosmer discussing Bluetooth Low Energy Mesh threats to to law enforcement.
Tuesday September 29th
Yuri Gubanov will kick off Tuesday’s presentations with a discussion of analyzing wifi connections. Daniel Heltemes will then talk about how facial recognition is being used by law enforcement agencies, and the importance of this for digital forensic investigations.
GPS location data is becoming increasingly important in digital forensic investigations, and this will be the topic of the next presentation, in which Ross Worden will give an “IoT primer” on the subject.
Keith Elliot will take to the stage to recommend some “cyber sleuthing” resources, followed by Kenrick Bagnall talking about SIM swap investigations, and their scope and impact.
Emerging data types in ediscovery will be the next topic of the day, after which Mary Mara and Henry McGowan will talk about whether the fourth amendment applies to drones flying over people’s houses, and what legal concepts we need to keep in mind when analysing drone data.
Anyone wishing to move into cybersecurity is encouraged to check out Jason Azzarella’s 4pm talk, ‘Hacking Your Way Into Security!’ in which he will describe some of the key concepts relevant to the field and how to start out or switch careers.
Following a networking break, Skopenow and Susteen will demo some of their solutions, and then Will Baggett will discuss the “gilded cage” of smart home devices. Brad Robin will then talk us through some modern methods of mobile device extraction, followed by Ilia Lvovski discussing the “media cache”: a hidden vault of evidence in Seagate hard drives.
Wednesday September 30th
Wednesday’s sessions will begin at 10am Sasha Sheremetov providing a deep-dive into advanced chip-off forensics. Pier Luigi Putton will then speak about cell site analysis and data validation, and then Dusan Kozusnik will pick up the theme of chip-off forensics once again with a discussion of “phone forensics to the edge of possibilities in 2020.”
Yuri Gubanov will once again take to the stage to demonstrate how to analyse USB connections, followed by Arman Gungor talking about forensic investigation of emails that have been altered on the server.
Trey Amick will talk us through some of the forensic artifacts and techniques that are essential for Mac investigations, and then Kirby Plessas will show us how to identify a fraud network from a single website or email address.
Following a networking break and sponsor demos from Belkasoft and DME Forensics, Julie Clegg will present on the topic of “Why we are losing the war against cybercrime,” looking at how law enforcement are finding it increasingly hard to keep up with criminal activities and abilities.
Brian M. Chase will return us to legal topics, with discussions of the fourth and fifth amendments and how these relate to search and seizure in the digital realm.
The final session of the day will see Andy Joyce looking at Amazon Web Services as a possible digital crime scene location.
Thursday October 1st
Steve Whalen will begin the penultimate day of the conference with a discussion of the psychology of digital forensic investigations, and what people tend to miss when focusing solely on the technical aspects.
Rob Roj will then give a Shape security presentation, followed by Eric Oldenburg introducing attendees to Griffeye Analyze DI and its capabilities.
Tobi West will take to the stage to talk about digital forensics for kids, with a focus on two initiatives that aim to help girls to get into the industry.
Rob Attoe will then talk us through some updates to Microsoft 365 and OneDrive forensics, and then Jeff Hamm will talk about the importance of critical thinking in the SOC.
The networking break and sponsor demos from Skopenow and Opentext will be followed by Andrew Fredericks’ session on common errors in interpreting video evidence. Joe Cummins will then lead a security-focused discussion about the complex problems of cybersecurity and how teams can find it difficult to mitigate against the evolving threat landscape. Vendor showcases from Belkasoft and DeSales University will round up the day.
Friday October 2nd
The final day of the conference will open with networking from 9am, followed by Jeff Shackleford who will be talking about how to create VMs from forensic images to be presented in a courtroom. John Wilson will then tackle the important but challenging topic of walking the line between privacy and security, and Julie Lewis will follow with a discussion of the kinds of digital evidence we can retrieve from smartphone apps and social networking sites.
Alex Dow will then talk about how the cloud is changing the ways businesses operate, and the importance of having a solid understanding of what data might be stored in the cloud when undertaking forensic investigations.
Ronen Engler will then discuss Checkm8 and Checkra1n, and show us how to perform full file system extractions in iOS. Chet Hosmer will once again take to the stage, this time discussing DeepFake forensics.
Keith Lockhart will present the final session of the day: “What if an app is not supported?” – an important question in an industry where things get updated at breakneck speed.
The conference will end with a final networking session and opportunities to talk to speakers and sponsors.