AGENDA, 12th of June 2019
VIEW PREVIOUS CONFERENCES
| From 11:15 | Door Opening and Registration | |||
| 11:30 - 13:00 | Lunch | |||
| 13:00 - 13:15 | Welcome & Introduction | |||
| 13:15 - 14:00 | The Trouble with Terrestrial Astronauts: Considering Digital Evidence and Privacy on an Increasingly Inter-connected Planet | |||
| 14:00 - 14:45 | Cyber-Fraud Landscape | |||
| 15:15 - 15:45 | Coffee Break | |||
| Next level investigations lab [Marie Curie] |
New corporate and legal technology [Max Planck] |
Optimizing the eDiscovery Workflow [Charles Darwin] |
Mobile and Cloud challenges [Belvoir Saal] |
|
|---|---|---|---|---|
| 15:45 - 17:15 | Physical Acquisition and Analysis of T2 Protected Macs [BlackBag] |
The Power of Combining Review and AI [Reveal] |
Interdisciplinary Projects: Effectively Combining the Technical and Legal Domains [Enquire] |
Open Source Intelligence in the Context of Police Work [Kantonspolizei Aargau] |
| 17:30 - 18:30 | Drinks & Raffle @ DIC Bar, sponsored by Ernst & Young | |||
| 18:30 - 21:30 | Dinner Party | |||
AGENDA, 13th of June 2019
| Description for 12th of June 2019 | |
|---|---|
| 13:15 - 14:00 [Belvoir Hall] |
The Trouble with Terrestrial Astronauts: Considering Digital Evidence and Privacy on an Increasingly Inter-connected Planet Speaker: Ryan Costello, Head of Data Privacy Engagement Services, ProSearch Strategies >> read more << |
| 14:00 - 14:45 [Belvoir Hall] |
Cyber-Fraud Landscape Speaker: Prof. Dr. Bruce Nikkel, Bern University of Applied Sciences >> read more << |
| 15:45 - 17:15 [Marie Curie] |
Physical Acquisition and Analysis of T2 Protected Macs Speaker: Stuart Hutchinson, Vice President, APAC & LatAm, Blackbag Technologies Session description BlackBag Technologies is proud to announce the first and only solution to produce a decrypted physical image of Apple’s latest Mac systems utilizing the T2 chip. Current logical imaging solutions, including functionality available in the previous version of BlackBag’s own MacQuisition tool, and competing solutions like Sumuri Recon and EnCase, miss critical file system information that only this new level of physical access will be able to provide. |
| 15:45 - 17:15 [Max Planck] |
The Power of Combining Review and AI Speaker: Kevin Albert, Senior Consultant & Eugene O'Neill, EVP EMEA and APAC, Reveal Data Session description The legal and compliance world are under increasing pressure to achieve greater cost predictability, which is no easy task in the era of “Big Data.” This conversation will highlight the evolution of the legal review process from traditional review, through early case assessment, to how AI is the next giant leap forward. We will delve into how leveraging artificial intelligence combined with review and human input can find evidence faster, increase efficiency, and decrease errors while reducing the overall cost exponentially. |
| 15:45 - 17:15 [Charles Darwin] |
Interdisciplinary Projects: Effectively Combining the Technical and Legal Domains Speaker: Louise Dräyer-de Moor, Project Manager, Swiss FTS AG & Nadine Studer, Senior Legal Counsel, ENQUIRE Rechtsanwälte AG Session description When the news headlines report corruption or money laundering scandals, the company concerned - or the supervisory authority – needs to determine the facts of the situation in a very short timeframe: Who communicated with whom? What was the timeline of events? Who had access to what information, and whom was it shared with? For which of the thousands of financial transactions is there no plausible explanation? Which one is a bribe payment? Were employees or managers involved in any criminal activities? What evidence do we have? Senior Management, Board Members and the General Counsel of a company confronted with such allegations want to gain an overview of the situation as soon as possible in order to obtain a basis for the decision on further action. Faced with huge data volumes, time pressure and limited resources, an interdisciplinary team composed of both lawyers and IT forensic experts is best suited to plan and conduct such an investigation and to deliver reliable results – if they are speaking the same language, understand the respective needs and cooperate well. This talk will demonstrate – based on an example project – how this cooperation can work effectively. |
| 15:45 - 17:15 [Belvoir Saal] |
Open Source Intelligence in the Context of Police Work Speaker: Darja-Anna Yurovsky & Bernhard Droz, Kantonspolizei Aargau Session description In the last few years, the Art of Open Source Intelligence (OSINT) became a crucial skill in the contemporary police work. The online communication, self-representation, and presence – in short, the life of many people and their interests - on the internet became an inexhaustible source to investigate and generate additonal knowledge to solve a crime. In this presentation you will get an insight into the basic concepts of OSINT from the perspective of the police. |
| Description for 13th of June 2019 | |
|---|---|
| 09:10 - 09:55 [Belvoir Hall] |
The Legal 101 of Digital Investigations Speaker: David Rosenthal, Counsel, Homburger AG >> read more << |
| 10:15 - 11:00 [Marie Curie] |
Scaling a virtualised Nuix architecture Speaker: Nathan Coutts, Manager, DFNet Design Team, National Crime Agency Session description In order centralise and scale their digital forensics investigations, the UK National Crime Agency adopted Nuix as its primary DF tool. This talk will outline how the NCA went from desktop DF workstations, to a server-based system and then to a fully virtualised DF system operating at a national level. |
| 10:15 - 11:00 [Max Planck] |
Short Message Discovery: Regulatory and Compliance Workflows in RelativityOne Speaker: Clare Longworth, Solutions Specialist, Relativity Session description Short message communication has become as ubiquitous as email in our day-to-day activities. Organisations and individuals will often use at least two or more messaging applications. It's no longer enough to just review emails and eDocs and call it a day. In this session, you'll see an overview of RelativityOne's short message features and get a preview of the product roadmap. We'll also walk through simple use cases to help you deal with regulatory and compliance requirements and provide ideas you can implement right away in your day-to-day use of RelativityOne. |
| 10:15 - 11:00 [Charles Darwin] |
Advanced Deduplication: Beyond Digital Fingerprints Speaker: Irène Wilson, Director, Swiss FTS AG Session description In the physical world biological twins don’t share the same fingerprints, a trait which is also reflected in the digital world where the same information can have different hash values. The challenge is to create a robust, reproducible, and reliable process to identify duplicate data, while keeping in mind the logistical implications for the project. Discover how to save time and money by using powerful tools and creative workflows to de-duplicate your data in real-world complex scenarios. |
| 10:15 - 11:00 [Belvoir Saal] |
Forensics acquisition of websites and mobile with FAW and FAS Speaker: Davide Bassani, Digital Forensics expert & Matteo Zavattari, Project manager, Envolve Forensics Session description The seminar provides technical / legal content to acquire and certify web pages and screenshots of mobile devices. The seminar explains in simple and understandable language, even to users without technical skills, how to acquire web pages and any information present on mobile devices giving a certain probative value. The seminar examines the use of FAW software, the first forensic browser capable of acquiring Web pages in a very simple and fast way and of the FAS App (forensics acquisition of screenshot). |
| 11:15 - 12:00 [Marie Curie] |
NIMBUS - Integrated Case Management & Digital Forensic/eDiscovery Automation Solution Speaker: Carl Barron, Head of Technology & Innovation, BlackRainbow Session description An interactive look at NIMBUS. Nimbus can be used to track all your case work (including exhibit chain of custody, locations, notes and person information) as well as standardise and automate any Digital Forensic/eDiscovery process. |
| 11:15 - 12:00 [Max Planck] |
The Unified Single Agent Speaker: Karen Hansen, Account Executive & Ashley Page, Solutions Consultants, OpenText Session description Digital forensic, e-discovery, Endpoint Security, EDR, GDPR-issues and much more with one single agent. Intelligent Architecture. Structuring security in networks with 800.000 endpoints and more. |
| 11:15 - 12:00 [Charles Darwin] |
Casting Light on the Issue of Mass Redactions Speaker: Rafael Aggeler, IT Forensic & Security Expert, Swiss FTS Session description Even before GDPR, privacy and its protection has been a key requirement for Switzerland and Europe. Due to various legal and regulatory requirements, documents containing private information must sometimes be disclosed, and in order to ensure the privacy rights of the parties involved documents are often redacted. Doing this manually for larger document collections is resource intensive and costs tend to skyrocket, which calls for innovative approaches and technologies. In this session, SFTS will show how redactions can be applied and managed easily using modern technology for assisted redacting to overcome the challenges of mass redactions. |
| 11:15 - 12:00 [Belvoir Saal] |
WhatsApp Forensics - Advanced methods of extraction and decryption Speaker: Tanya Pankova, Senior Marketing Manager, Oxygen Forensics Session description WhatsApp is without doubt the most popular messenger in the world with over 1.5 billion users globally. Thus, extracting complete evidence from WhatsApp Messenger is essential for any investigation. In this session, we will look into all possible sources where WhatsApp data might be stored (mobile devices, computers, cloud) and present our exclusive method of WhatsApp data extraction directly from the WhatsApp Server. Moreover, we will guide you through the process of WhatsApp backups decryption offering the alternative method, not incorporated in other forensic software. Finally, we will explain how to extract WhatsApp data from a locked mobile device using a WhatsApp QR token from a PC. |
| 13:30 - 14:15 [Marie Curie] |
Learn how Digital Intelligence/ Analytics can accelerate your investigation work Speaker: Martin Pfeiffer, Sales Engineer Forensics & Peter Zontek, Senior Sales Director EMEA, Cellebrite Session description Cellebrite’s Analytics Enterprise is designed to increase the impact of digital forensic data, empowering agencies to become more productive, efficient and successful – all while managing digital data. Digital data has an important and almost existential place in peoples’ everyday lives. Consequently, digital data is an important cornerstone of any investigation. Due to the complexities inherent in analyzing digital data, most agencies are not truly benefiting from the full impact of the wealth of digital forensic data that was already collected – and is readily available. While digital data will continue to be a forensic specialist field in the area of acquisition and extraction, Analytics Enterprise provides data consumers with a tool for quicker and deeper analysis – where each event maintains a direct link to the evidence sources. The key component of Analytics Enterprise may be summarized in one word: accessibility. Analytics Enterprise enables you to: Simplify complex analysis tasks and make case resolution as easy as clicking a button. Share data among multiple agents to collaboratively accelerate investigations. Centrally manage your digital data to reduce risk and minimize storage requirements. |
| 13:30 - 14:15 [Max Planck] |
Nuix Ringtail: End-to-end discovery without compromise Speaker: Christina Mather, Solutions Consultant, Nuix Session description Nuix Ringtail is designed to reduce the complexity and workload associated with early case assessment, investigations and document review. No matter your "big content" challenges, Ringtail’s visual analytics will provide you with a unique and revealing view into the data. Join our Ringtail experts to see how Nuix and Ringtail can give you an amazingly fast, comprehensive way to get the right documents to attorneys and help legal teams win. |
| 13:30 - 14:15 [Charles Darwin] |
Contract Analytics in eDiscovery Speaker: Adrian Ott, Head of eDiscovery Switzerland, EY Session description Every now and then you come across a large amount of similar documents during a review. A prominent Example is a set of Contracts where all the interesting information like the counterparty or certain clauses are not stored in a structured database but buried somewhere in the unstructured document. Because these contracts are often quite different or have changed over time, there is often no other way than to manually review all the documents and writing down the necessary information to create a database that can be searched and filtered. In this workshop we show you the latest technologies when it comes to extracting Information out of unstructured documents automatically based on different machine learning methodologies and we provide an outlook on how eDiscovery reviews and remediation processes can benefit from smart document analytics. |
| 13:30 - 14:15 [Belvoir Saal] |
Managing the Complexities of Large File Transfers Speaker: Mattias Aggeler, Partner at Swiss FTS AG Session description Companies transfer increasing volumes of confidential data, with security often being sacrificed for the sake of convenience and ease of use due to the lack of effective and user-friendly tools. Available cloud solutions leave you uncertain about the location and security of your data, and in the realm of digital investigation security, traceability and auditability are critical to success. Swiss FTS will demonstrate its approach to these challenges and provide solutions that you can use in your company. |
| 14:30 - 15:15 [Marie Curie] |
Piecing the Story Together: Correlating Operating System, Memory, and Other Artifacts in your Forensic Examinations Speaker: Marco Klockenkämper, Sales Engineer, Magnet Forensics Session description Learn how to correlate different artifacts with each other and see the connections that occur between artifacts and pieces of evidence data. See how users interact with their content by replicating the data’s journey and learn ways you may be able to correlate activity when the files are no longer present on a system. Join Marco Klockenkämper, Sales Engineer at Magnet Forensics, to look at activity correlations not only on PCs, but across multiple types of evidence including computer, mobile devices, memory dumps, external media, and cloud. |
| 14:30 - 15:15 [Max Planck] |
Answering the six traditional investigation questions with Nuix Speaker: Mark McCluskie, Head of Investigations, EMEA, Nuix Session description Drawing on his experience as a cybercrime investigator for the Police Service of Northern Ireland, Mark will explore the impact and challenges associated with answering the six big investigation questions, in the context of today’s technology-driven investigative landscape, and how Nuix can help transform traditional digital forensic workflows and investigative strategies to future proof your investigation capabilities. |
| 14:30 - 15:15 [Charles Darwin] |
Adding Scalpel-like Precision to Relativity Speaker: Mattias Aggeler, Partner at Swiss FTS AG Session description Nearly all eDiscovery review tools apply relevancy tags and comments at a document level. This low level of precision is regularly frustrating for reviewers, whose review process could be made more effective by being able to highlight and mark specific sentences or paragraphs with annotations. Illuminate solves this problem in Relativity, giving reviewers the ability to mark and comment on granular blocks such as pages, paragraphs and single phrases instead of entire documents only. We will walk through a real world example using Illuminate and show how it helps to save time and increase efficiency in your reviews. |
| 14:30 - 15:15 [Belvoir Saal] |
Accessing Apple and Google cloud accounts to get real-time evidence: from passwords to conversations, from locations to documents Speaker: Vladimir Katalov, CEO, Elcomsoft Session description Smartphones becomes for and more secure with every new model and software update; at the same time, consumers (and especially criminals) learns more about security and protect their devices at the highest possible level, so even traditional logical acquisition is often not possible. But cloud acquisition to the rescue – in many cases you can get even more than from the device itself. Cloud data is not limited to well-known backups (that are extremely hard to obtain nowadays), but also includes tons of real-time data. Some categories are easier to download than other, and there are ones that look like totally impossible to get, such as iCloud Keychain and Health data – even Apple itself cannot provide them by Government Information Requests, as they cannot decrypt. Still, you can do that, if you have the proper tools. |
| 15:45 - 16:30 [Marie Curie] |
Passware beginners training and best practices Speaker: Toni Pärn, Director of Sales, Passware Session description Please bring your computer! If you do not have Passware, please ask a trial license from Passware booth (or toni@passware.com). We will be doing practical examples and different kind of attacks towards encrypted files. |
| 15:45 - 16:30 [Max Planck] |
Cyber Attack Simulation: Hacking a Website Speaker: Moritz Schneider, Senior Consultant Cyber Incident Response, EY Session description SQL injection is one of the biggest threats to web application security. Attackers can use SQL Injection vulnerabilities to bypass application security measures. They can go around authentication and authorization of a web page or web application and retrieve the content of the entire SQL database. Following a gentle introduction to the subject, in this session we will perform a live SQL injection and discuss how we can protect ourselves from such an attack. |
| 15:45 - 16:30 [Charles Darwin] |
Privacy Review: Use Cases and Efficient Approaches Speaker: Christian Zeunert, Managing Director eDiscoveryMinds / Founder & President SeDIV Session description The identification of different categories and appearances of personal data in communication and other data is often performed in a burdensome, highly manual process. In particular private communication, sensitive personal data as well as directly or indirectly identifying client data is hard to detect. However, the identification may be required to enable the disclosure of documents in use cases such as litigation, investigations, subject access requests or in the M&A context. This session explores the context and issues of personal data detection and approaches to minimize the burden. |
| 15:45 - 16:30 [Belvoir Saal] |
Navigating the GDPR in the Context of Cross-border Discovery Speaker: Ryan Costello, Head of Data Privacy Engagement Services, ProSearch Strategies Session description The evolving nature of data protection law across the globe, including the implementation of the EU’s General Data Protection Regulation, has had clear implications for cross-border discovery operations. While a break from previous discovery processes and a new set of best practices is surely required, the path forward has been beset by uncertainty due to regulatory enforcement risks, minimal regulatory guidance, and little applicable case law. Oh, and don’t forget the royal mess of Brexit. This session will provide attendees with an in-depth look at some of the key components of the GDPR in the eDiscovery context. We’ll consider some threshold questions, debate best practices, and shed some light on how best to facilitate the free flow of data while ALSO ensuring a high level of protection of personal data that’ll keep even the most voracious regulators at bay. |
Back to top Conference Archives Digital Investigations Conference 2018 Digital Investigations Conference 2017 Digital Investigations Conference 2016 Digital Investigations Conference 2015 Digital Investigations Conference 2014 Digital Investigations Conference 2013