Val-Pierre Genton is an experienced specialist within the field of B2B Internet. Val-Pierre has an established and recognised background in Business-to-Business Strategic Marketing, Business Development and Research & Development within the fields of conferences, publishing and vortals (vertical portals). After a string of appointments in middle- and senior management with companies such as Reuters, the IIR (International Institute of Research) and Reed Business Information, he co-founded Smart Media Group Ltd in 1999 and has grown the company to one of the world's leading B2B New Media companies. The company is internationally renowned for its clear, user-friendly and cutting edge industry Web sites, as well as their objective, professional content. In 2003, the company was renamed to e-symposium Ltd, changing from a corporate to a product & service-centric strategy.

Val-Pierre Genton is the founder of the e-symposium concept, a revolutionary format designed to create one-stop shop Web Sites for niche industries by supplying unique web conferences, cutting edge industry coverage and interactive supplier profiles to the sector's community. This innovative formula facilitates industry intelligence gathering and stimulates knowledge sharing amongst industry professionals. The e-symposium concept has attracted international interest and acclaim from industry. Val-Pierre Genton is a member of the Internet Society, a member of the Interactive Advertising Bureau, a member of the Institute of Directors and he is also on the advisory council of numerous communication and Internet committees. He is in demand as a speaker and is a regular writer for numerous newsletters and industry publications on topics surrounding the business-to-business new media landscape.

Knowledge Sharing is Key in the fight against cybercrime. This is the theme of the 1st International Digital Evidence Web Conference. The keynote opening will look at the role which the DIGEV Web Conferences will play in surmounting the challenges of global knowledge exchange. The presentation will also look at the status quo of the digital evidence sector and the areas which need to be stimulated and nurtured. In this context, the keynote will close on how DIGEV will contribute to continued development in the fields of computer forensics and digital evidence.

Sean joined the Hong Kong Police Force in 1996. He is currently in charge of the Technology Crime Prevention Unit, the team responsible for formulating technology crime prevention plans and implementing various prevention programmes. You may have already seen him on the RTHK TV series “Forensics Special”. Prior to joining the Technology Crime Division, he headed an investigation team in the Commercial Crime Bureau, tackling various types of business fraud. In addition to his work in field of Technology Crime, Sean is also a Police Negotiator, dealing with in a number of crisis situation such as attempted suicide and hostage taking.

Sean has a MBA and a MSc in Information Systems Management from the Hong Kong University of Science and Technology. His research interests are telecommunications, cyber crime legislations, social engineering and negotiation. He is also the President of HKUST Alumni Association and Co-Chairperson of the charity Friends Unlimited.

Computer crime has been referred mainly as to either hacking or traditional crimes now using the computer. This is a very true description. Nevertheless, having computer nowadays basically linked together globally by the Internet, new crime with a global feature comes in.

Child Pornography belongs to the traditional crime now transacted through the information superhighway. Whereas bogus websites do not exist in the old days.

The question is, given their global nature, how to police it?

Collins LEUNG, currently is the Acting Chief Inspector of Police in Technology Crime Division, Commercial Crime Bureau, Hong Kong Police. His major duties include managing the computer forensics laboratory and the technology crime initial response cadre (TCIRC). He is also responsible for computer forensics examination, training, research and scene of crime handling involving digital evidence.

Collins has a wide exposure to the investigation of technology crimes and using computer forensics techniques to retrieve digital evidence. He has over 15 years of service in the Hong Kong Police. For the past 8 years, he has anchored himself in the computer forensics field. He was specially trained in the University of Hong Kong, the Hong Kong University of Science and Technology, and the Chinese University of Hong Kong. In addition, he had attended various overseas training in computer forensics (such as the Royal Canadian Mounted Police - RCMP) and represented the Hong Kong Police to attend a number of overseas seminars on computer security and forensics.

He was one of the speakers in the Third Interpol Asia-South Pacific Working Party on Information Technology Crime in 2001. He was also invited to speak in the CIO & CEO Conference 2001 on ‘Building a corporate information protection strategy – a perspective by ISFS’.

At present, Collins is one of the Founding Members of the Information Security and Forensics Society (ISFS). Since year 2002, he has been elected as the Executive Director of the International Organization on Computer Evidence (IOCE).

Collins is interested not only in computer forensics, but also in computer hacking, computer/network security, incident response and intrusion detection.

tbc

Svein Y. Willassen is the Investigation Manager for Ibas Computer Forensics in Scandinavia. He has more than 10 years of experience managing security related incidents and computer investigations.

Svein has an M.Sc in Information Security from the Norwegian University of Technology and Science. He mastered in security in computer networks and mobile applications.

Svein has been involved in numerous international projects in the field of computer forensics. Through his assignment in the Interpol European Working Party for Information Technology Crime he was a contributing author to the Interpol Computer Crime Manual. He also participated in the standardization of guidelines for computer forensics by the International Organisation on Computer Evidence.

Through collaboration with the data recovery laboratory in Ibas, Svein has achieved substantial results within research in new applications in computer forensics, such as recovery of deleted material in mobile telephones and digital copiers.

Svein has conducted a large number of computer forensic investigations in Scandinavia. He has successfully completed a number of investigations for a wide variety of customers addressing computer intrusion, computer misuse, fraud and commercial espionage.

Many modern digital copiers store copied and printed information on internal hard drives. Such information may have value as evidence. In order to test the possiblities for evidence extraction from copiers, two digital copiers containing hard drives were dismantled and forensically analyzed. The analysis shows that it is possible to retrieve exact copies of documents that has previously been copied and/or printed on digital copiers. The analysis method was evaluated and found to be applicable on most digital copiers containing hard drives, unless special precautions have been taken to protect the stored material. The ability to retrieve documents that have previously been printed or copied on digital copiers is valuable within forensics, but also raises new questions within information security.

Peter Sommer is Senior Research Fellow and has been at the CSRC since 1994. His main research interest is the reliability of digital evidence, a subject which encompasses forensic computing and e-commerce. Together with James Backhouse he has developed the LSE’s social-science orientated courses on information security management. In the last Parliament he was Specialist Advisor to the Commons Trade & Industry Select Committee while it scrutinised UK policy and legislation on e-commerce.
Recent research contracts have been carried out for the UK Financial Services Authority and the European Commission’s Safer Internet Action Plan. He is an external examiner at the Royal Military College of Science, Shrivenham, and an advisor on a number of law enforcement and other committees concerned with cyber-crime and resilience. He is on the Advisory Council of the Foundation for Information Policy Research. He continues to act as an expert witness in a large number of important criminal and civil cases involving digital evidence and complex computer systems.

The most serious challenge to any investigation in which digital evidence is important will come from the scrutiny of experts hired by the defence. What are the current and emerging issues? Formal role of defence expert: adversarial and inquisitorial criminal procedures; duty to court / duty to instructing lawyer / duty to defendant. UK system contrasted with other jurisdictions Defence starts from precise charges, tested against precise evidence and current state of law - does not carry out any additional investigations Stages of instruction: due diligence exercise on prosecution work / testing of claims made by defendant / explanations to instructing lawyer so that advice may be given to client / production of witness statements / giving evidence under oath Defence expert may: dispute whole basis of case or only part thereof / test claims for damage or seriousness / produce mitigation arguments Defence expert relationships with prosecution experts Problems of "difficult" technical arguments before lay court - possibilities of agreements with prosecution Testing of novel scientific and technical evidence (US Daubert approach compared with UK and continental Europe) Disclosure of Forensic methodology: clash between need for fair trial and avoidance of undue publicity for law enforcement techniques; problems of preserving IP of vendors.

Robin Urry is with the Institute for the Protection and Security of the Citizen at the European Commission’s Joint Research Centre (JRC). He is well known for his leading role in the Cyber Tools On-Line Search for Evidence (CTOSE) project. The EU Cyber Tools On-Line Search for Evidence (CTOSE) project helps identify, secure, integrate and present electronic evidence on on-line criminal offences. It meets the challenge of clearly establishing what happens during an e-crime, or even a simple on-line transaction. The new approach developed in this project enables investigators to use “computer forensic tools” to gather evidence which will stand up in court or tribunal proceedings throughout Europe. EU researchers, in co-operation with European computer and security specialists, have developed new standardised procedures for this purpose.

CTOSE Abstract E-crime is costing organisations at least $3 billion and society $30 billion per year, and experts agree that it is increasing fast! Indeed we are becoming increasingly dependent on the use of computing and technology in our daily activities and our lives. Therefore, we are all potentially under threat from various forms of computer based crime! We can protect and limit the type, scale and scope of the attack and e-crime; however, we must accept that it is not realistic to believe we can eradicate all such crimes completely. And when such crime occurs, we must have the means to demonstrate to the satisfaction of a criminal court, if need be exactly what occurred. The CTOSE Foundation offers tools and processes for use both before and after an internal or external criminal attack / e-crime. The CTOSE Foundation offers tools and processes which gather information and evidence to protect against e-crime. Technology alone will not protect against the many types of e-crime attacks. It is essential that all staff have recognised procedures to follow before and during an attack, and that the necessary processes to gather the e-evidence are in place. All staff must be familiar with the necessary processes. This will help reduce the cost and disruption to an organisation and ensure that the electronic evidence is acceptable and admissible in future proceedings. Following the work of the Basel Committee on Banking Supervision (Basel 2) there are now clear guidelines and directions for the banking industry to follow to prevent and to gather electronic evidence of attacks on the bank s systems and e-banking operation. The Basel 2 group states that the banks should develop; A process for the collection and preserving forensic evidence to facilitate appropriate post-mortem reviews of any e-banking incidents as well as to assist in the prosecution of attackers During the development of the CTOSE deliverables the project team were directed and reviewed by over sixty experts from all industry sectors and functions, from the banks were members of RBS and ABN-AMRO banks. Following the successful completion of the project the experts expressed the desire for this team to continue to develop it work and highlighted the need for the deliverables to be converted to services and standards produced and maintained via an independent foundation. The CTOSE Foundation is a non-profit organisation dedicated to protecting society from computer based high - tech and cyber - crime activities, by working in partnership with its members and other organisations in the field of electronic evidence. The Primary Aims of the CTOSE Foundation are: To promote a common procedure to gather, analyse, secure store and present all types of electronic evidence. To assess the state of art in digital investigations and evidence gathering. To establish a common dialogue between companies and law enforcement on computer based crime and digital evidence. To safeguard the integrity of the CTOSE Methodology. To manage the roll out of the CTOSE Methodology into the public domain.

Dara Sewell is the Chief Digital Evidence Forensics Unit at the Federal Bureau of Investigation and the Chair of the Scientific Working Group for Digital Evidence (SWGDE). Early this year, Sewell became unit chief for the digital evidence forensics unit at the Federal Bureau of Investigation (FBI, Washington, DC). She supervises the work of forensic examiners in all FBI divisions throughout the U.S., working out of two offices, one at FBI HQ (Washington, DC) and the other at the FBI engineering research facility (Quantico, VA). Sewell joined the FBI as a special agent in 1996, with the idea of working her way into the technical area. She had a 1992 dual degree in EE and ME from the University of Maryland. Dara Sewell's initially gained her experience at the defense division of Westinghouse in Linthicum, MD, near Baltimore-Washington International airport. Most of her work at Westinghouse was electrical - digital-related jobs like laying out circuit boards and designing test boxes. She worked on radar systems including F16, B1B and AWACS. Eventually she was managing production of transmitters for the F16 radar. In 1996, she was assigned, as a new special agent, to an FBI office in West Virginia. Then in 1998 she moved to Pittsburgh and got involved with the federally funded Computer Emergency Response Team (CERT), working at the team's HQ at the Software Engineering Institute at Carnegie-Mellon University. She worked on computer-related investigations as well as digital forensic examinations in which she actually processed digital media. Her next post brought her to Washington, DC HQ as a supervisory special agent of the FBI Computer Analysis Response Team.

The Computer Forensic Community is composed of a diverse, and widespread group of professionals with varied levels of training, experience, and skill-sets, which use both commercial and custom tools to process digital evidence in legal matters. In order to reach a consensus of opinion as to a reasonable baseline of standards needed by the computer forensic practitioners, one must take into account many factors to include but not limited to legal precedence, varied skill-sets, tool availability and good practice. The complexity of establishing standards is further magnified when one considers that for many years there have been NO established baseline of standards and practices in this venue. The objective of this presentation is to shed light on how and why standards are both required and necessary in the evolving science of Computer Forensics.

Christopher M.E. Painter is a Deputy Chief of the Computer Crime and Intellectual Property Section at the Department of Justice. In that position he supervises the Section's case and policy efforts concerning computer network intrusions, intellectual property matters, legislative and other issues. From 1991 to March 2000, Mr. Painter was a criminal prosecutor in the U.S. Attorney's Office for the Central District of California (Los Angeles). During his tenure in Los Angeles, Mr. Painter specialized in the investigation and prosecution of high-tech, intellectual property and computer crimes and served as a Computer Crime and Internet Fraud Coordinator for his office.

Mr. Painter has investigated and prosecuted some of the most significant and high profile high-tech cases in the country, including the prosecution of notorious computer hacker Kevin Mitnick, the investigation of the February 2000 distributed denial of service attacks, the prosecution of the first Internet stock manipulation case-involving the posting of a bogus Bloomberg News page falsely reporting the sale of a company called PairGain that caused its stock to soar, the prosecution of former and present UCLA students who hyped stocks on Yahoo! and Raging Bull by posting false spam messages from public computers at UCLA, the prosecution of significant software piracy cases and the prosecution of one of the first Internet auction fraud cases.

Mr. Painter serves on several Department of Justice and interagency working groups relating to computer hackers, Internet fraud investigations and prosecutions, electronic evidence, intellectual property crimes, and thefts of trade secrets. He is also co-chair of an ABA White Collar Crime Subcommittee on Computer Crime and Chair of the G8 High-Tech Crime Subgroup. In addition, he has lectured extensively and has appeared on 60 Minutes, CNN, CBS Morning News, the BBC and has testified before Congress concerning computer crime issues.

Mr. Painter attended Cornell University, graduating with a B.A. in 1980, and Stanford Law School, receiving a J.D. in 1984. Mr. Painter was a Senior Editor of the Stanford Law Review and graduated Order of the Coif. He subsequently clerked for the Honorable Betty Fletcher of the U.S. Court of Appeals for the Ninth Circuit before practicing law at the Washington, D.C., law firm of Arnold and Porter.

The presentation will concern the international efforts underway to combat cybercrime (computer intrusions, viruses and worms), including work in the G8 (presenter is Chair of the High Tech Subgroup); APEC, the OAS and others. The presentation will discuss both operational cooperation and policy issues like the need to strengthen legal regimes and the need to work with private sector victims and will discuss both what is being dome within the US and on the international stage.

Pamela King has been performing computer forensic examinations in law enforcement for 14 years. She has been a member of IACIS since 1993 and now serves as IACIS on the board of directors as Vice President.

Pamela King is well known within the computer forensic community and has been one of the driving forces behind the sector's development in the US.

This presentation will explore the role of IACIS in the global regulation of industry standards. I will look at the IACIS history to date and look at the official IACIS certifications (CEECS and CFCE).

Mr. William C. Boni has spent his entire professional career as an information protection specialist and has assisted major organization's in both the public and private sectors. For more than 20 years Bill has helped a variety of organizations design and implement cost-effective programs to protect both tangible and intangible assets. In a wide range of assignments Bill has assisted clients in safeguarding their digital assets, especially their key intellectual property, against the many threats arising from the global Internet. In addition, he has pioneered the innovative application of emerging technologies including computer forensics, intrusion detection and others, to deal with incidents directed against electronic business systems.

Bill has served as a consultant in several professional service organizations and now works as the Director of Motorola Information Protection Services. He is responsible for the company's overall program to protect critical digital proprietary information, intellectual property and trade secrets. He also directs the people, processes and technology programs that safeguard the company's global network, computer systems and electronic business initiatives.

Bill has been quoted by leading print publications such as the Wall Street Journal, US News & World Report and the LA Times. He has also appeared on many network broadcasts including Prime Time Live, CNN and CNN/fn discussing espionage and cyber crimes directed against American high technology corporations. Other assignments in his distinguished career include work as a U.S. Army counter-intelligence officer; Federal agent and investigator; investigator and security consultant; Vice President of Information Security for First Interstate Bank; and project security officer for "Star Wars" programs and other defense work with Hughes Aircraft Company and Rockwell.

Professional Associations
Bill is the chairman of the American Society of Industrial Security (ASIS) Council on Safeguarding Proprietary Information http://www.asisonline.org/safeguarding.html and he co-authored the 1999 ASIS-PwC report on "Loss of Proprietary Information". He chaired the 1999 Information Systems Audit and Control Association annual conference on Computer Audit and Security. Bill is on the Board of Directors of the international Society for the of Policing Cyberspace and an industry delegate to the National Cyber crime Training Partnership (NCTP) and to the G-8 Cyber crime Task Force, both sponsored by the U.S. Department of Justice.

Professional Publications

He is co-author of "I-Way Robbery: Crime on the Internet", and "High Tech Investigator's Handbook: Working in the Global Environment" published by Butterworth-Heinemann (www.bh.com) in 1999. His most recent book "Netspionage: The Global Threat to Information" was released in September 2000.

In this session we will review the many information security challenges that must be addressed by global multinational organizations. The essential role of security safeguards, how they must be managed to create a responsible degree of protection against the depredations of cyber criminals will be discussed. The respective roles and responsibilities of private and public sector resources in addressing the increasing incidence of cyber crime will also be explored. We will outline a framework that may be used to organize the overall protection program and assure that most significant risks to an organization are prioritized,identified, and addressed.

Warren is the coauthor of “Computer Forensics: Incident Response Essentials”, published by Addison Wesley. Warren has extensive experience in computer forensic cases involving some of the largest law firms and corporations in the world. He has conducted forensics globally in support of numerous cases.. He is a frequent media commentator and lecturer on computer forensics, incident response, and cybercrime.

Warren was awarded the High Tech Crime Investigation Association's (HTCIA) "Case of the Year" award. He is an IACIS Certified Forensic Computer Examiner (CFCE) and a (ISC)2 Certified Information Systems Security Professional (CISSP).

He is a member of numerous government-sponsored initiatives, including co-chair of the National Cybercrime Training Partnership and member of the New York and European Electronic Crimes Task Forces of the U.S. Secret Service. Warren is the 2004 HTCIA International Executive Committee's 1st Vice President.

Warren previous experience includes being Investigations Manager, Cyber Investigations and Forensics, for Lucent Technologies. Warren was also a sworn Police Officer in New Jersey.

He has taught computer forensics at the SANS Institute, MIS Institute and currently instructor of the hands-on Computer Forensic Bootcamp at Intenseschool. Warren also teaches Advanced Internet Investigations at SEARCH, and Incident Response at the Federal Law Enforcement Training Center (FLETC). He has been interviewed as an expert on several articles that have appeared in InfoWorld, CNN, and others. Warren recently appeared as a "cybercrime expert" on TechTV.

tbc

Tony Dearsley is one of Vogon's three leading Forensic Consultants. Tony originated from HM Customs & Excise where his 24 year career included VAT Audit, 15 years investigating VAT, Drug Smuggling and Bootlegging offences. Tony was involved for the last 7 years in the forensic examination of computers within the National Investigation Service.

tbc

Setec Investigations provides world class expertise in efficiently and effectively identifying, preserving, retrieving, and analyzing electronic information in support of a forensic investigation or ongoing litigation.

Setec Investigations is on the cutting edge of forensic technology and provides corporations, law firms, government agencies, and regulators specialized tools and extensive processes unmatched by our competition.

Setec Investigations is a subsidiary of Setec Security, a leading independent provider of vendor neutral information security solutions, incorporating a cross-disciplinary team comprised of computer forensic investigators, attorneys, law enforcement specialists, and seasoned business professionals who have established a proven track record of success since 1997.

Maintaining offices and forensic laboratories strategically positioned throughout North America, Setec Investigations is committed to providing intelligent, effective, and forensically sound computer investigative and litigation support solutions.

As organizations rely more heavily on technology-based methods of communication, many corporations and legal professionals are increasingly looking to computer forensics for the recovery of electronic information. Computer forensics can be utilized as a means to combat corporate fraud, investigate theft of trade secrets, monitor employee misconduct or malfeasance, and support a broad range of criminal and civil litigations.

Courts are recognizing and accepting the high level of discoverability associated with technology-based communication and documents, and lawyers are hiring computer forensic consultants and experts to recover electronic documents that users have attempted to dispose of or destroy. Therefore, computer forensics and electronic discovery have become critical components to augment and support attorneys in the identification of electronic evidence, development of case strategy, and response to discovery requests for electronic data.

Carrie Morgan Whitcomb is the Director of the National Center for Forensic Science (NCFS) at UCF. She is the Executive Secretary of the Scientific Working Group on Digital Evidence (SWGDE). She has been a Federal Crime Laboratory Director in Washington DC and a forensic scientist since 1969.

Carrie Whitcomb's first brush with Digital Evidence came in 1988 when she a computer was submitted to the Postal Inspection Service Headquarters Crime Laboratory. As Director of the laboratory and she began researching how to deal with the forensic aspects of digital evidence stored on computers. In 1995, Carrie Whitcomb established the computer forensic capabilities at the Postal Inspection Service Forensic Laboratory, Dulles Virginia and field response teams across the US and attended the IOCE meeting in Baltimore, MD that same year.

In 1998, she proposed to the Federal Crime Laboratory Directors in Washington, DC, the concept of Digital Evidence, which would include computer evidence, digital audio and digital video evidence. In 1998, Carrie Whitcomb became the first Co-Chair of Scientific Working Group for Digital Evidence (SWGDE), which is supported by the FBI. SWGDE Chair, Mark Pollitt, was Chief of the FBI Computer Analysis and Response Team (CART) and remained as Chair until 2003. In 1999, she took up the position of Director of the National Center for Forensic Science at the at UCF and expanded its mission of NCFS to include Digital Evidence.

In 2000, Carrie Whitcomb developed a Graduate Certificate in Computer Forensics at UCF and was named named Chair of the Industry and Academia Portfolio of the National Cybercrime Training Partnership (NCTP). Since 2002, she has also been named to the Editorial Board of the International Journal for Digital Evidence and Co-Chair of the NIJ Cybercrime Committee on Standards and Certification.

Carrie Whitcomb is also a sough-after speaker on the international conference circuit.

tbc

Troy Larson is a well-known forensics expert. He has taught computer forensics to investigators at Ernst & Young when he was the Western States Area Leader for Computer Forensics Services. He has presented at many information technology conferences worldwide and is frequently called upon to provide expert testimony in civil and criminal cases. Troy focuses primarily on electronic evidence and legal support matters, as well as research and development of advanced forensic computing and investigative techniques and training. He specializes in assisting attorneys handle electronic evidence throughout all facets of litigation, including discovery and expert testimony. He is also a frequent speaker to attorney information systems, and information security groups on issues related to electronic evidence and forensic computing. Mr. Larson is an active member of the Washington State Bar. He received his undergraduate and law degrees from the University of California at Berkeley.

tbc

Peter Yapp joined Control Risks Group in 2000 after their acquisition of Network Forensics. He took up his current post as Deputy Director in Network Forensics incorporating audio, video, computer evidence and investigation, fingerprint and questioned document services, in March 2002. Since joining Network Forensics in 1998, he has specialised in managing and conducting sensitive and technically challenging computer investigations and carrying out IT security (and ISO7799) reviews for blue chip companies and financial institutions.

Prior to joining Network Forensics in 1998 Peter served for 15 years with HM Customs & Excise, his career culminating in the position of Senior Investigation Officer, National Investigation Service, High Tech Crime Team. Starting in October 1992, Peter was responsible for building and managing a team of 10 investigators within the computer evidence field. Working on a variety of fraud cases including VAT and bootlegging, Peter gained experience of working jointly with the Serious Fraud Office and Police. Peter also managed the National Investigation Service IT support team of 15 providing support and security advice to 1200 Investigators based at five major sites around the country and 35 sites around the world.

Peter is a member of the Fraud Advisory Panel’s cybercrime working group. While with Customs he was Chairman of the Joint Agency Forensic Computing Group, a member of the UK delegation to the G8 sub group on High Tech Crime, and a member of the International Organisation of Computer Evidence. He has lectured and trained extensively around the world on a wide range of subjects including information security, computer evidence, and investigating computer fraud and Internet crime. He has had numerous articles published in a wide variety of publications. In addition, he has contributed to radio and television programmes on these subjects. He has appeared as an expert witness on a number of occasions, receiving judicial commendation for the high standard of his presentation of fraud work in Court.

What do you do when presented with a crisis? What sort of crisis might that be? How can securing and analysing electronic evidence help? Take some steps through a hack and see what aspects are important and why.