Mike Andrew | David Matthews

Steve Hailey
President/CEO, Digital Forensic Examiner, Information Security Professional and Educator

Steve Hailey is an Information Technology veteran of thirty years, with twenty-three years of experience developing and delivering technical training. Steve has twenty-seven years of data recovery experience, and has been conducting digital forensic analysis professionally for sixteen years. He is a highly skilled expert witness and dynamic instructor, bringing to bear his combined skills in information security and digital forensic analysis. He currently instructs the information security and digital forensics curriculum at Edmonds Community College in Washington State.

Steve has performed work and conducted training in the fields of computer networking, information security, and digital forensics for two Fortune 100 companies, several law firms, the federal government, various law enforcement agencies, and several colleges throughout the Pacific Northwest. He is actively involved with developing and delivering training in digital forensics to members of city, state, and federal law enforcement agencies, and has been training military personnel performing forensic analysis in the Mideast since 2005.

Steve is an instructor and Subject Matter Expert for the Cyberterrorism Defense Initiative program for the Department of Homeland Security and FEMA, and has also provided course development services as a Subject Matter Expert for the course titled "Cyberterrorism First Responder," for the Criminal Justice Institute, University of Arkansas. Steve also developed the Continuing Legal Education course "Digital Forensics for Attorneys" which has been delivered to attorneys and legal professionals locally and internationally, to include the Washington State Attorney General's Office and the United Arab Emirates Ministry of Justice. In partnership with Mike Andrew, Steve recenlty developed and delivered training in conducting comprehensive digital forensic examinations to members of law enforcement for the Abu Dhabi, Ajman, Dubai, and Sharjah police departments in the United Arab Emirates.

He has authored certification practice tests for several vendors and is also a Subject Matter Expert for Comptia's Security+. Steve has processed digital forensic cases ranging from inappropriate resource use and network intrusions to cases involving identity theft, credit card fraud, child pornography and money laundering. He is creator of the CyberSecurity Forensic Analyst (CSFA)™ certification, as well as the author of several digital forensics/forensic computing course books.

Steve is co-author of the paper "Defining a Process Model for Forensic Analysis of Digital Devices and Storage Media" which was published by the IEEE in 2007. In 2008, Steve co-authored a paper entitled "A Case Study; Overcoming Anti-Forensic Methods Used on External Storage Drives" which was presented at the Annual Scientific Meeting for the American Academy of Forensic Science. The methodology developed and presented for the paper is now in use by forensic analysts worldwide.

Steve is a Certified Information Systems Security Professional (CISSP), an AccessData Certified Examiner, a Digital Forensics Certified Practitioner, and he possesses a certificate in computer forensics from Oregon State University. In addition to these credentials, Steve has 31 additional technical certifications. He is the founder and President of the Washington State High Technology Crime Investigation Association, and was formerly on the Board of Directors for the Institute of Computer Forensic Professionals. His other affiliations include The Agora, InfraGard, and the High Tech Crime Consortium. Steve has been featured on television, radio, and has authored several articles related to digital forensics and information security.

An article he co-authored with the creator of the Certified Ethical Hacker course and certification can be found here: Catch cyber criminals by thinking like them

Mike has been an Information Technology professional for fourteen years, and has been conducting training and forensic analysis since 2003 for attorneys, various law enforcement agencies, and several colleges throughout the Pacific Northwest. He is certified by the National Security Agency in INFOSEC Assessment Methodology and is a CyberSecurity Institute Certified Instructor, Certified Ethical Hacker, and AccessData Certified Examiner. Mike is actively involved with developing and delivering training in digital forensics to members of city, state, and federal law enforcement agencies, as well as training military personnel to perform forensic analysis in the Mideast. He has performed work as a forensic analyst on cases at all levels - local, state, and federal.

Mike is currently a member of the Computer Information Systems Dept. Advisory Committee and Digital Forensics Committee at Edmonds Community College in Washington State. He is an officer and founding member of the Washington State chapter of HTCIA and is also a member of both the HTCC and the Institute of Computer Forensic Professionals. Mike is a CyberSecurity Forensic Analyst and Certified Ethical Hacker, and possesses certificates in Network Security and Micro-Computer Support. Mike is an instructor and Subject Matter Expert for the Cyberterrorism Defense Analysis Center (CDAC), and has also developed a course on Cyberterrorism for them. Working with Steve Hailey, Mike developed the CLE course "Computer Forensics For Attorneys." Mike has attended and completed training from the E-Discovery Training Academy at Georgetown University Law Center.

In partnership with Steve Hailey, MIke recenlty developed and delivered training in conducting comprehensive digital forensic examinations to members of law enforcement for the Abu Dhabi, Ajman, Dubai, and Sharjah police departments in the United Arab Emirates.

Mike and Steve's paper "Defining a Process Model for Forensic Analysis of Digital Devices and Storage Media" was published by the IEEE in 2007. In 2008, Mike presented a paper entitled "A Case Study; Overcoming Anti-Forensic Methods Used on External Storage Drives" at the Annual Scientific Meeting for the American Academy of Forensic Sciences. The paper was co-authored with Steve Hailey. Mike is also co-author of the book "Computer Forensics Core Competencies - Practical Skills for the Forensic Examiner." In addition to all of his credentials, Mike recently earned the prestigious Digital Forensic Certified Practitioner certification through the National Center for Forensic Science.

David R. Matthews - CISSP, CISM, Instructor

David Matthews is currently the Deputy Chief Information Security Officer for the City of Seattle. He has worked in the Information Technology field since 1992. He began his IT career as a Network Administrator and all around IT support for a small public relations firm. He began working for the City of Seattle as the Technology Manager for the Legislative Department (City Council) in 1998. In early 2005 he was selected to be the first Deputy CISO for the City. In May, 2005, the City's CISO was hired by the University of Washington and David was made Acting CISO. He worked in that capacity until April, 2006 when the City hired a new CISO. In his work for the City he has developed and created a NIMS/ICS compliant incident response plan; updated and extensively re-written the City's Information Security Policy; developed digital investigation policies and procedures; created and taught training courses on information security policy and digital forensics processes; and created an IT primer and litigation hold procedures for the City's Law department as part of his collaboration with them on eDiscovery issues.

He is a participant and leader in regional information security organizations. He is the public sector co-chair of the US-Cert/DHS sponsored North West Alliance for Cyber Security (NWACS). With NWACS he has worked with the Pacific Northwest Economic Region non-profit (PNWER) to sponsor information security training for SCADA operators and managers; four Blue Cascades disaster scenario exercises; and is the creator and editor of a portal web-site with local information security and forensics activities; a library of best practice documents and links to information security and forensics web sites.

David is also an active participant in the Agora, Pacific CISO forum (PACISSO), Computer Technology Investigators Network (CTIN), ISSA, ISACA, InfraGard and ISC2. He participates on the local Critical Infrastructure Protection sub-committee of the Regional Homeland Security team, and also works with a national infrastructure protection group called TISP (The Infrastructure Security Partnership). He has published an article on Active Defense in the ISSA journal, and has presented at many emergency management and information security conferences. His most recent presentation on eDiscovery called "Translating Geek for Attorneys" has been presented to records managers, information technology and security audiences and was given as a continuing legal education course for the U.S. Attorney's office in Seattle and the City of Seattle's Law department.

He holds the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and a Certification in Forensics Investigation from Highline Community College.