Conference on Digital Forensics & Cyber Security 2016
Keith Cottenden CV
1. Page 1 of 3
Keith Cottenden PgCert, EnCE, MInstLM, MBCS
07785624348
keith.cottenden@cy4or.co.uk
uk.linkedin.com/in/keith.cottenden/
PROFILE
An experienced, enthusiastic and highly motivated director with results driven, logical and methodical approach to service delivery and an established reputation as a cyber security consultant with extensive knowledge of the principles and practices of digital forensics and eDiscovery. Skilled communicator with extensive training course delivery, and design, expertise and the ability to develop productive liaison with colleagues and clients; striving for excellence in forensic computing and eDiscovery.
QUALIFICATIONS
Postgraduate Certificate in Forensic Computing;
EnCase® Certified Examiner;
European Computer Driving Licence (Certificate No: UK 0 000 400166);
One ‘A’ Level, One ‘AO’ Level & Six ‘O’ Levels (including Mathematics & English Language);
Managing Safely - The Institution of Occupational Safety & Health (Certificate No: 116,893);
City & Guilds NVQ Assessor.
PROFESSIONAL MEMBERSHIPS
Professional Member of the British Computer Society;
Member of F3 - The First Forensic Forum;
Member of the Institute of Leadership & Management.
PROFESSIONAL TRAINING
Royal Air Force Police Counter Intelligence Investigator;
National Investigative Interviewing;
Royal Air Force Police Computer Security (Phase One & Two);
EnCase® Advanced Computer Forensics;
EnCase® Intermediate Analysis and Reporting;
EnCase® Internet and E-Mail Examinations;
EnCase® Advanced Internet Examinations;
EnCase® Examination of NTFS and Artifacts;
EnCase® Network Intrusion Investigations;
EnCase® Enterprise Examinations;
AccessData® Advanced Windows Forensics;
AccessData® Advanced Internet Forensics;
AccessData® Vista Forensics;
AccessData® Windows 7 Forensics
AccessData® Mac Forensics;
X-Ways Forensics (National Centre for Policing Excellence, Wyboston Lakes);
e-fense, Inc.™ Helix Incident Response & Live Forensics;
.XRY Mobile Phone Forensic Examination;
EnCase® Mobile Phone Forensics;
Nuix Fundamentals & eDiscovery Specialist.
2. Page 2 of 3
CAREER SUMMARY
CY4OR Forensic Services Director Since 2004
Direction of a team of up to 15 forensic investigators, technicians and eDiscovery project managers, in two UK based offices, providing proactive and reactive forensic investigation and litigation support services to the public and private sector, including law enforcement agencies, solicitors, accountants and corporate organisations; ensuring mutually beneficial relationships with key customers including the Metropolitan Police, HMRC, Virgin Media, Yorkshire Building Society, Bupa, Cassidian and T-Systems.
Providing specialist knowledge of information technology investigative techniques, monitoring the progression of investigations within strict time constraints; planning case strategy in order to provide the best value for money solution for clients whilst ensuring a high quality service;
Dealing with complex evidential and legal issues and instructing investigating officers and counsel as appropriate; ensuring evidence continuity, evidential integrity and admissibility of any data collection in a manner acceptable to a Court of Law;
Preparing complex technical reports for clients and court that are easy to understand, informative and precise; investigations include fraud, deception, theft, child abuse, blackmail, terrorism, murder, kidnap, harassment, hacking and computer misuse offences;
Understanding of British, EU and US law in relation to computer based fraud and misuse and corporate IT legislative requirements; a comprehensive knowledge of the ACPO guidelines and the procedures relating to the investigation of computer crime;
Conducting investigations and consulting at clients premises worldwide; presenting seminars relating to incident response and speaking at national and international conferences;
Assisting in the preparation and execution of search and seize orders in civil proceedings; advising on investigative strategies related to litigation;
Researching and developing new techniques in response to current technologies and professional issues; ensuring that the forensic services meet the company’s business plan.
Key Achievements
Established two secure facilities ensuring compliance with industry guidelines and best practice within digital forensics (ACPO) with scalable capability to react to ever increasing demand for the provision of digital forensic services;
Developed a comprehensive business strategy detailing the technical and training requirements for a mobile device forensic analysis capability which was successfully implemented in 2006;
Personally conducted in excess of 200 investigations on behalf of law enforcement, security agencies, legal and corporate clients in criminal and civil cases; developing significant business opportunities in the forensic computing and eDiscovery sectors;
Selected overseas engagements include a covert data collection in Georgia in the early stages of a high profile litigation (2009) and a search and seize order with the Israeli police in Jerusalem on a kidnap case (2008);
Sweet & Maxwell Checked Expert Witness, with experience in the preparation and presentation of evidence before the court for both sides in criminal and civil cases; I am a Vetted Expert with the UK Expert Witnesses Directory;
Frequently quoted in the media, featured on Panorama ‘Are the Net Police Coming for You?’ (2010) and BBC Inside Out (2014); also live on Sky News (2014) and BBC London News (2008), giving expert opinion in relation to an Internet fraud;
Management of ISO9001:2008 & ISO27001:2005 implementation and accreditation;
Honorary Visiting Lecturer in Advanced Digital Forensics in the Faculty of Technology at De Montfort University since 2011;
Visiting Fellow within the School of Computing, Engineering and Physical Sciences at the University of Central Lancashire since 2012.
3. Page 3 of 3
Royal Air Force Police Investigator 1982 – 2004
An exemplary and diverse 22 year career with the Royal Air Force Police, ultimately specialising in counter intelligence and computer security duties; accustomed to working and making decisions in high pressure situations both in the UK and overseas.
Supervision of a team of specialists implementing and monitoring security in accordance with relevant legislation; planning and co-ordinating the police response to emergency and security incidents with direct reporting responsibility to the Head of Establishment;
Gathering and collating evidence, interviewing of witnesses and suspects, preparation of case files & reports and the presentation of evidence in disciplinary hearings and Court Martials;
Investigating and reporting incidents of computer misuse, virus attacks, hacking, loss or theft of data, in accordance with the Police and Criminal Evidence Act 1984 (PACE);
Carrying out security surveys and audits of computer systems and conducting investigative interviews with practitioners and business managers responsible for system security; advising on the implementation and enforcement of all InfoSec measures in accordance with JSP 440 (The Defence Manual of Security);
Performing risk analysis of complex and interconnected systems planning for InfoSec provision in new and changing computer systems using the relevant HMG InfoSec Standards; explaining the implications of current legal, national and organisational requirements for security of computer systems;
Selecting and developing system security strategies for computer systems denoting the procedures for the protection of the system and its data;
Responsible for the preparation and delivery of Counter Intelligence and computer security related subjects to audiences of varied backgrounds and status.
Identifying training gaps and designing bespoke training courses, selecting the most appropriate training methods for effective delivery of a course;
Assessing the suitability of given training objectives, developing a syllabus and instructional specification using adequate enabling objectives.
Key Achievements
Served with the Royal Falkland Islands Police, investigating several serious criminal offences including a high profile murder case;
Developed and implemented an e-learning training package to provide continuation training for 800 Royal Air Force Police personnel;
Designed and developed Defence Information Technology Security courses, due to revised MoD training requirements, consequence of the Defence Training Review;
Created, introduced and delivered a Defensive Tactics course to ensure selected law enforcement personnel were qualified to the required national standard with the subject knowledge and instructor skills to deliver staff safety training to law enforcement agencies.
PERSONAL SUMMARY
An enthusiastic traveller who has visited fifty nine countries worldwide. Socially, a member of the Sergeants’ Mess at Royal Air Force Halton and the Royal Air Force Police Association; regularly arranging networking events for former colleagues to assist their transition from public to private sector. Fitness maintained by playing squash, in a local league, and golf.
Security cleared SC.