KEYNOTE SPEAKERS AND TOPICS:
SPEAKERS AND TOPICS:
Tatiana Tropina is a senior researcher at the Max Planck Institute for Foreign and International Criminal Law in the Information Law and Legal Informatics Section. Her current areas of research include international standards to fight cybercrime, the comparative analysis of cybercrime legislation, self- and co-regulation, public private partnerships to address cybersecurity issues, and the multi-stakeholder approach to fight cybercrime.
Tatiana Tropina's background includes both academic and practical experience. She has been conducting cybercrime research for more than 12 years, starting in Russia in 2002, where she became the first Russian researcher to defend a PhD thesis on cybercrime (2005). From 2002 to 2009, she was responsible for cybercrime projects at the regional subdivision of the Transnational Crime and Corruption Centre (George Mason University, USA) in Vladivostok, Russia. At the same time, from 2003 to 2008, she worked full-time as a lawyer and then as head of the legal departments of a number of telecommunication companies. In 2008, she won the British Chevening Scholarship to study telecommunications management at Strathclyde University, Glasgow. In 2009, she was awarded a German Chancellor Fellowship (Alexander von Humboldt Foundation) and moved to Germany to pursue her research on legal frameworks for cybercrime.
Since 2009, Tatiana Tropina has been involved in both legal research and various applied cybercrime projects at the international level. This activity includes such projects as drafting model legislation on the interception of communication for the Caribbean states and adapting it via stakeholder consultations (ITU-EU project, 2010) and carrying out a cybercrime study for the Global Symposium of Regulators (ITU, 2010). Recently, she served as a consultant to the UNODC Comprehensive Cybercrime Study (2012-2013) and to the World Bank (World Development Report 2016). Tatiana Tropina has a number of publications to her credit, including a monograph on cybercrime. She is frequently invited to present on her research at various international events.
Title: Who governs the Internet?
Who sets different standards for the Internet? How the Internet standards differ from Internet-related laws and regulations? Is there any organisation or international body, which dominantly influences Internet? What does "multi-stakeholder governance" means? What happened last Autumn, when the US government has officially ended its oversight of ICANN - the organisation that coordinates the functioning of the domain name system? Why cannot we have a body within the United Nations to set the Internet standards and control the network?
This presentation will address all the issues listed above and answer many more questions that you maybe never asked. It will provide a structured and logical explanation of different layers and spheres of the Internet governance. It will explain in a simple way such acronyms as ICANN, IANA, IETF, ISO and others, so you will never have to search for their meanings. Moreover, you would be able to understand them in a broader context of Internet governance. From undersea cables and satellites to standards development, from policy-making to laws and regulation: the presentation will guide you through the maze of what is called "the multi-stakeholder environment" to ensure that you will never get lost on the issues of Internet governance again. Ultimately, you will probably see your own role in the multi-stakeholder environment and figure out how you can have a say in the global Internet governance.
Željko Ivanković became a journalist in the first half of the eighties, in the media for youth like Radio 101 and the student newspaper “Studentski list” and in a number of editions “Vjesnik” as a proofreader, journalist and editor. During this period he collaborated with a number of domestic and foreign media. In late 1992, he became the chief editor of the monthly magazine “Banka” where he worked until the end of 2002. He worked as an economy adviser in Croatian embassies in Japan (September 2005) and Australia (until August 2009).
Željko Ivanković has a Ph.D. in Philosophy of Economics from the Australian National University in Canberra (Research School of Social Sciences), one of the leading research universities in the world in theories of ownership.
He has participated in several national and international professional and scientific conferences and published papers in national and international journals and publications.
Tema predavanja: The political paradox and dilemmas of the digital society
Technology is not morally neutral. It is often said, ‘A gun doesn’t kill - a man does’. What is meant by it is - not a gun in itself is bad or to blame. However, in recent times, there have been claims that some algorithms are morally bad or even evil. They seem to be racist and discriminatory. Ethical, social and political analysis of contemporary digital technology is in full swing. Digital changes are less and less a technical matter. The problem is their economic effects, in particular the acquisition of immense political power. Digital giants determine what is true and what is a lie. They become non-elected rulers of the world.
Patricia Ayodeji, founding lawyer of E-PDP PROTECCIÓN DE DATOS PERSONALES®, is a British, dual qualified Civil Law and Common Law lawyer. Solicitor for England & Wales. Abogado for Spain. Her dual qualification means that she can practice both in Spain, & England and Wales. She has over 16 years experience providing legal services principally for SMEs and Multinationals.
Her specialties are; Information, Technology & Communications Law, Privacy, & Data Protection Law, E-Commerce Law, and Intellectual Property Law.
Patricia forms part of the list of international lawyers in different Embassies and Governmental departments, and collaborates as a voluntary lawyer in various charities, and in a human rights defence organization.
Title: Flish Flash: Spanish Approach to Digital Evidence
Lecture includes a brief look at the Spanish Law for electronic signatures which outlines the legal obligations of electronic communications service providers (inter alia; Data Protection, Security & Technical reliability, Data integrity) in addition to examining the requisites of the Spanish Organic Law on Data Protection. Brief mention will be made of the new European General Data Protection Regulation.
This brief look at the law for electronic signatures will be followed by a detailed analysis of an administrative proceeding before the Spanish Data Protection Authority, in 2016, which concerned a complaint filed by a data subject for having been included in national creditworthiness files. The issue in hand was whether consent to collect personal data (a first condition for the lawful processing of any data) was proved or not via the use of a certified electronic contracting solution.
Ing. Nicola Chemello is the chairman and co-founder of Securcube s.r.l., Italian digital forensics company specialised in the field of phone records (CDR – Call Detail Record) investigation and cell towers (BTS – Base Transceiver Station) survey at the crime scene.
Nicola Chemello is EnCE, Ufed System, Oxygen, XRY certified and he has been working on CDR analysis and BTS coverage measurements since 2007. Registered at the Italian Court as CTU (Consulente Tecnico d’Ufficio - Expert Witness), he is an expert in digital examinations and consultancy on electronic devices for several Prosecutors’ offices and private customers.
The forensics expertise of Nicola Chemello includes: computer fraud; damage to a computer system; unauthorised access to a computer system; cloning credit cards; violation of copyright law; fraudulent bankruptcy; scam; documents falsification; employees fraud; damage to public facilities; digital identity theft; doping; stalking; sexual violence; child abuse; child pornography; murder; suicide and drugs trade.
Title: Digital investigations: the increasing role of the cell towers coverage in the cross analysis of the mobile evidence to solve a murder case
The myth of the 360° all-knowing investigator able to analyze in depth and single-handed, at the same time and way, the feverish scenario of the digital forensics evidence such as computers, servers, network traffic, mobile phones, BTS coverage and video surveillance systems… went bust. The thing is, the digital investigation needs a brand-new approach. The winning idea is to think outside the box, leaving every digital forensics specialist in his own field to conduct the better analysis and finally bring the correlation of the different data sources into the play, to figure out the most accurate reconstruction of the crime. This synergic analysis of the digital data leads to a desirable outcome in which the evidence expose another side of the story or point out that, the reply received separately by the various investigators, it does not present an unambiguous confirmation of the dynamics related to the crime scene. Focusing on the branch of the mobile forensics investigations, the analysis has to consider a growing global technology that sometimes surprises the investigators about the results obtained. We mean, almost everyday telephone operators, mobile manufacturers and software teams launch a brand new system, a device model and an awaited release that leaves everybody with the understandable doubt related to the investigative results achievable at the time of the next case involving such innovation.
Judge at the Municipal Court in Velika Gorica. She participated in different stages of the implementation of joint regional project of the Council of Europe and the European Union "CyberCrime@IPA"- Regional cooperation in criminal matters - Strengthening capacities in the fight against cybercrime in South-Eastern Europe, including the following countries: Albania, Bosnia and Herzegovina, Montenegro, Croatia, Kosovo, Macedonia, Serbia and Turkey. During this project, she completed a training of trainers programme and became a trainer at the Judicial Academy of the Republic of Croatia and the pilot Regional Training Centre for judges and state attorneys from the aforementioned South East European countries, which was set up in Zagreb. By presenting the experience gained through CyberCrime@IPA project for the South East European countries, she participated as an expert in joint projects of the Council of Europe and the European Union "CyberCrime@EAP" – created with the same objective for Eastern European countries, including: Armenia, Azerbaijan, Belarus, Georgia, Moldova, Romania and Ukraine, and CyberCrime@GLACY developed for the following countries: the Philippines, the Republic of South Africa, Morocco, Mauritius, Senegal, Sri Lanka, Tonga.
Title: The most common forms of criminal offenses of child pornography on the Internet
The lecture deals with emphasizing the most common forms of criminal behavior of child exploitation for pornography on the Internet, according to reports of EUROPOL. This is a specific modus operandi where, in a very subtle way, the perpetrators of these criminal acts are endangering children. The perpetrators use the ease of communication and the ease of creating misconceptions among children on the Internet, where children or adolescents seem to be relatively certain victims. Ideas on preventing and fighting such criminal offences will also be discussed.
Title: A scary story about bears and pandas: tradecraft of advanced persistent threat actors
The term APT (advanced persistent threat) is used to signify adversaries with advanced tradecraft and operational persistence whose goals are organizations or governments with the sole purpose in obtaining access or creating an effect on high value targets.
This talk will give an overview on modern APT operations and how this affects the modern organizations.
Božo Kovačević completed his studies in Philosophy and Sociology at the Faculty of Philosophy in Zagreb. He was a Member of Parliament, Minister in the Croatian Government and the ambassador in Moscow from 2003 to 2008. He is one of the founders of the journal Gordogan. Since 2010, he works as a lecturer at the College of International Relations and Diplomacy Dag Hammarskjöld in Zagreb and a columnist for the political magazine Telegram.
Title: Cyberwar and global politics
The main obstacle to the adoption of a globally binding document to regulate behaviour in cyberspace, especially in the rules of cyber warfare, are the differences in the approach to the problems of cyber space between the US and China. While the US declaratively supports the open Internet, at the same time it is developing defensive and offensive capacities in cyber space, that is being defined as a fifth domain of warfare. China is committed to the concept of cyber sovereignty and criticizes the United States because of its double standards.
It seems that only after the probable establishment of the tightening cold war relations that could pave the way to conflicts in other domains of warfare, the conditions will be created for agreements comparable to those between the United States and the Soviet Union on the limitation and control of nuclear weapons.
He was born in Vranov nad Topľou, Slovakia. After the graduation at high school he started his study at Comenius University in Bratislava, where heI've earned PhD. in petrology. He started to work for LYNX - spoločnosť s ručením obmedzeným Košice since 2006 as the security specialist where he achieved team leader position of the „Technical analyses department“. He has passed Sun Certified System Administrator certification in 2009 and SANS GIAC Mobile Device Security Analyst certification in 2015. With over 10 years of professional experience in the area of IT security his interests are focused to forensic analysis of malware, security of mobile devices, penetration testing and mix of these fields. His key professional experiences in mentioned fields are from participation and cooperation with National Security Authority, Cyber defense exercises with NATO, and partially from projects for Ministry of Defense of the Slovak Republic.
Title: Devil lies beneath the surface
Hand by hand with the development of methods and tools to detect and eliminate malicious code goes continuous evolution of attackers’ abilities to implement the methods for elimination of such countermeasures. Presentation will discuss uses of forensic analysis to combat in the area that is very often overlooked in terms of cybersecurity and maybe no very refundable for small business, but certainly important for the critical infrastructure. The first part will consist of reasons why and how to not separate forensic analysis from the everyday cybersecurity process for the critical systems as integral part of prevention and incident response process. Using specific case study in the second part of the presentation will be illustrated by a specific case, the application of forensic analysis for the detection, analysis and elimination of specific cyber threat implemented in the software part of hardware.
Ante Markić has completed postgraduate specialist study at the Faculty of Organization and Informatics in Varaždin. Since 2004, he has worked as a permanent expert witness for Informatics and a professor of Information Systems in the Ministry of Interior. He is a qualified Internal Assessor in accordance with ISO 27001: 2005 holding a certificate "Internal Assessor for ISO 27001: 2005 Information security system”. He has ECDL Expert certification as Instructor for the National Information System for border control CRO-NBMIS N 91096. His main fields of interest are computer forensics and computer networks, information system audit, information system security, the misuse of computers and computer systems.
Title: Post-mortem Facebook forensics
Facebook is the most widespread social network that allows different communication activities. However, when these activities become illegal or turn into a form of cyber violence, criminal acts or other legally prohibited actions then it is necessary to find digital evidence that prove these illegal activities.
Each of the activities on social networks (chat, wall comments, group events ...) may leave a series of evidence at different memory locations. The purpose of this paper is to show how, where and what tools to look for in order to find digital evidence of illegal activities. The work is focused on the use of existing tools and techniques for post-mortem analysis and analysis of Internet communication.
Post-mortem analysis is performed with tools for web browsers and different memory types. The work focuses on Facebook communication. After finding illegal activities using one tool, another tool is being used to confirm the existence of the same activity. Only when two different tools confirm the existence of illegal activity, that activity can be considered as digital evidence submitted in court.
The tools for this analysis are: Internet EvicenceFinder (IEF), Facebook JPG Finder (FJF), CacheBack, Helix, ForensicToolkit (FTK) and hex editor.
Joachim Meese has over 15 years of experience both as an academic and as a practitioner. He started his academic career at the University of Ghent but moved to the University of Antwerp in 2010 (current position: 55% professor).
Joachim Meese is lecturer at numerous seminars and conferences in Belgium and abroad. He also is author of law books (“length of criminal proceedings” and “Reasonable time”) and numerous contributions to law books as well as articles in legal and other reviews on various matters of Criminal law and Criminal procedural law. He also is a member of several editorial and advisory boards. As a lawyer and managing partner of the law firm Van Steenbrugge Advocaten, Joachim Meese has been dealing with numerous criminal cases and has gained experience managing legal teams.
Title: Data retention after December 21, 2016
With the European Data Retention Directive 2006/24/EC , adopted in the aftermath of the terrorist attacks in Madrid (2004) and London (2005), the European Union decided to intensify its efforts to strengthen the judicial cooperation between the Member States in order to combat serious crime, in particular terrorism.
In a very interesting judgment of December 21, 2016, the Court of Justice of the European Union determined, among other things, that only the objective of fighting serious crime is capable of justifying the interference by national legislation that provides for the retention of traffic data and location data with the right to privacy.
Mr. Normand has taken over the management of Bluebear LES a software company specialized in the fight against online child exploitation in 2007. Mr. Normand is a technology and cybercrime expert. Mr. Normand delivered numerous conferences on the topic of cybercrime and visual data forensic to police agencies of Europe, Asia and the USA. On February 27th 2013, Antoine Normand was awarded the Queen Elizabeth II Diamond Jubilee Medal for his commitment to combating child exploitation on the Internet worldwide.
At Bluebear, Mr. Normand has the general responsibilities for Strategy, Finance, Human Resources, Sales, relations with high level customers and political relationship management. Before being the CEO and majority shareholder at Bluebear LES, Antoine Normand co founded Cactus Commerce in 1995. He was responsible of corporate governance, financial management, merger and acquisitions and operations. Between 1995 and 2006, he was instrumental in positioning Cactus as a world leader in e-commerce solutions on the Microsoft platform. In 2006, Cactus employed a team of 125 professionals located in Cactus offices of Gatineau, Toronto, Montréal and Chicago.
Title: How to use image and video database as an intelligence tool
Real case scenarios on the Search of accumulated database of hash sets and of images and videos in closed cases:
By Hash Value: MD4, MD5, SHA1, ED2K
By EXIF Data: Camera Model/Manufacturer, Date/Time, Serial Number, GPS, or any string
By Image: Visual Duplicate or Similar (by shape and color)
By face extraction and face matching.
Damir Paladin is an information security consultant. He is professionally engaged in information technology over 25 years, and in 1998th he started with his own company Borea, where he works today. His areas of expertise are computer forensics, audit and testing security of information systems. He owns professional certificates CISSP, CISA and CISM. He is a permanent court expert in IT. He cooperates with some of the most important Croatian companies and institutions providing professional services in the field of information security.
Title: How to follow the trail of advanced attacks?
The initial operational phases of advanced threats go largely unnoticed, resulting in risk of their unnoticed activities, sometimes going on in periods of up to several months. The data on the initial events remain mostly unavailable for forensic investigation. The presentation will describe the method of recording relevant events that accompany advanced threats by using freely available application systems Sysmon and ELK. It will also present the analytical procedures to identify indicators of presence of advanced threats and describe the methods of forensic analysis of data on advanced threats collected through systems Sysmon / ELK. Finally, practical aspects of implementation of the systems Sysmon / ELK will be discussed.
ROKSANDIĆ VIDLIČKA SUNČANA
Assistant Professor, Department of Criminal Law, Faculty of Law, University of Zagreb. She holds Mr.sc. (Commercial and Company Law), Dr.sc. (Criminal Law and Criminology, University of Freiburg (Germany)/University of Zagreb, doctoral candidate of the Max Planck Institute for Foreign and International Criminal Law, Germany). She serves as the Head of the UNESCO Chair Units in bioethics. She teaches Criminal Law, Economic Criminal Law and Transitional Justice, EU Substantive Criminal Law and Protection of Victims (Jean Monnet Course), Bioethics and human rights (UNESCO Course), some at the graduate and some at postgraduate level. Leader of the Jean Monet Project: Advanced Seminar on EU Criminal Law and Policy. Aside from her work as a researcher and lecturer, she co-organized several international conferences, seminars and summer schools and served as a member of several expert groups. She was member in the National Risk Assessment Group of Money Laundering and Financing of terrorism. She participated in the USA International Visitor Leadership Program in 2015 on prevention of violent extremism. She co-authored the commentary of the Croatian Criminal Code in the leading commentary edition. She (co) authored a number of articles in legal periodicals or chapters in a collective volume.
Title: The role of digital evidence in the European Agenda on Security
As stated in the Communication from the Commission to the European Parliament, the European Council and the Council (COM(2016) 230 final) delivering on the European Agenda on Security to fight against terrorism and pave the way towards an effective and genuine Security Union: A key element in successfully preventing, investigating and prosecuting serious and organised crime and terrorism-related offences is rapidly securing and obtaining digital evidence, as highlighted in the joint statement of 24 March 2016 of the EU Ministers for Justice and Home Affairs and representatives of EU institutions on the terrorist attacks in Brussels. Relevant information is frequently held by private companies, on their servers, often located outside the territory of the investigating law enforcement agency and therefore outside its jurisdiction. Aside from mutual legal assistance procedures and a few limited rules in international agreements, no harmonised approach exists on how to access such information. As a result, a wide array of different national approaches has evolved, which poses problems for investigation.
This presentation is tackling the priorities of the European Agenda on Security and the role that digital evidence could have in securing listed goals.
Ph.D. Dražen Škrtić graduated from the College of Internal Affairs in 1994 and from the Police Academy in 1999. He finished postgraduate scientific studies of criminal law at the Faculty of Law in Zagreb in 2007. He defended his doctoral dissertation Criminal law protection of informatics contents at the Faculty of Law in Zagreb in 2011. He is employed in the Ministry of the Interior, Karlovačka County Police Administration since 1990. He is working on criminal police jobs as Head of criminal police in police stations since 1994 and since 2001 in the Police Administration on tasks regarding general and economic crime. He is a lecturer for legal courses at the Karlovac University of Applied Sciences since 2012. The area of his scientific interest are criminal law, criminal procedural law, criminology and with these areas connected parts of labour law, administrative law and commercial (business) law. He is a member of the Croatian Association for Criminal Sciences and Practice. He published several scientific and expert works and lectures from the area of cyber-crime. He participated on numerous Croatian and international expert and scientific conferences. On Croatian and international expert and scientific conferences he presented works from the field of substantive criminal law respectively criminal acts of cyber-crime, special forms of cyber frauds as well as procedural criminal law related to obtaining digital proofs from media for storing computer data which are not under the control of the person providing digital proofs as legal issues of remote search and control of computers with the purpose of providing digital proofs.
Title: Acquisition, analysis and presentation of digital evidence for the purposes of court proceedings
The lecture includes a brief comparative review of modern legal framework for the identification, extraction, transmission, storage, analysis and presentation of digital evidence with examples of successfully implemented crime investigations and completed prosecutions.
Obtaining digital evidence for the purposes of evidence in judicial proceedings involves legal framework for acquisition of digital evidence from holders of digital evidence that are under national jurisdiction, under the jurisdiction of other States or from holders of digital evidence who are located on the territory of several jurisdictions, or for which it is not possible to determine jurisdiction or from holders of digital evidence that are found in the area over which no state has jurisdiction, according to the provisions of mandatory regulations or on the basis of the consent of the person who has access or who controls digital data. Analysis of digital data includes analysis of acquired digital data, reconstruction and analysis of content, media analysis, analysis of the operating system, analysis of network data, authentication data, analysis of user activity. It is necessary to present digital evidence in a way that is appropriate for the type of court proceedings (criminal or administrative proceedings) covering all the essential elements to prove certain facts relevant to the proceedings and finally, giving a summary of the ways of acquiring and preserving the integrity of digital evidence presented.
Branislav Veselinovic has a Bachelor degree in both Information Engineering and Economics. He has worked in the Serbian Ministry of Interior since 1996. First, he worked in the business network administration, and since 2003, he has dealt with the activities of forensic analysis, more precisely, the collection and processing of digital evidence. After seven years in these operations and thousands of the processed memory carriers, he became inspector in operations against electronic crime, where he still works. For the past 21 years, he has completed a number of different trainings in the field of cyber crime, forensics computers and mobile phones, as well as many others. Also, he had the opportunity to stay in the United States for an internship, in a special unit of the FBI, as well as the NCA, England. He is currently engaged in investigations of criminal offenses related to misuse of credit cards, fraud related to financial institutions and cyber security.
Title: CEO-BEC frauds
In the last few years, mostly since 2014, there is an increase of reported criminal acts performed in this way. FBI, in its analysis, says that this is one of the biggest challenges in the field of cybercrime. Interesting cases from Serbia will be presented and several questions will be discussed; What is the Modus Operandi? What we are able to isolate as a common denominator? Can we respond to the challenge?
Since 2009, Borut Zalokar has been working on digital forensic and investigating computer crime in the Computer Investigation Section. From 2003 to 2006, he worked at the Criminal Police Directorate as Coordinator Investigations against child sexual exploitation on the internet for Slovenian Police. Prior, Borut Zalokar was Criminal Police Inspector in cases concerning child sexual abuse, neglect and other crimes against children (since 1999) and Police Officer (since 1991).
Title: Specific raids in internet banking with abuse RSA SecurID
The case study, in which unknown perpetrators with phishing e-mails prepare users of Internet banking to reveale their secure data in the application form on the fake website of the banks. With that unknown perpetrators get username, PIN and RSA authentication, and use them to make transfers of money on bank accounts abroad. The case study will show, how the perpetraters hide their identity and location, with using regular services on internet. Also we will present difficulties we encountered during the investigation.
GRUIČIĆ SAVINA - Technical section
Savina graduated from Faculty of Electrical Engineering and Computing, University of Zagreb, where she obtained bachelor's and master's degree in Information and Communication Technology, Information Processing profile. She has the CAE certificate (Certificate in Advanced English), and speaks fluent Spanish and limited German and Russian. Savina works in INsig2 as a consultant in digital forensics department where she is primarily responsible for forensic training and client education and also for support during demanding and complicated investigations.
PALAVRA DAMIR - Legal section
Damir Palavra is an independent forensic investigator and court appointed expert in the field of computer science, electronics and telecommunications. He graduated from Faculty of Electrical Engineering and Computing in Zagreb in 2002 and obtained Master's degree. He was appointed as a permanent court expert in the field of Informatics in 2013. In the last 15 years Damir is working intensively in the field of digital security, computer forensics and consulting in IT technologies.
PROTRKA NIKOLA - Investigation section
Nikola Protrka graduated at the Police College in Zagreb in 1997, and finished postgraduate university studies of ICT at the University of Zagreb, Faculty of Organization and Informatics in 2008. He has been employed in the Ministry of the Interior, Police College since 1998. He has worked on criminal investigation police jobs on tasks regarding cybercrime. He is a senior lecturer, and the fields of his scientific interest are cybercrime, digital evidence and cybersecurity. He is a member of the International Criminalistic Association, and the head of ICT professional section in Croatian Association of Court Expert Witnesses and Evaluators. He published several scientific and professional articles and lectures from the field of cybercrime, digital evidence and cybersecurity. He participated in numerous Croatian and international professional and scientific conferences. At Croatian and international professional and scientific conferences he presented papers from the field of criminal acts of cybercrime, special forms of cyber frauds as well as procedural criminal law related to obtaining digital evidence from media for storing computer data which are not under the control of the person providing digital evidence as legal issues of remote search and control of computers with the purpose of providing digital evidence.
TOPOLČIĆ DAVORKA - Workshops
Davorka is a consultant in the INsig2 forensic department and responsible for clients' education, and the exploration and development of forensic tools. Her areas of expertise include digital forensics in general, the guidance software EnCase, Cellebrite UFED, PTK Forensics, OS: Windows, MacOS, UNIX administration and tools development, networks, network management, and systems and network security. She has a remarkable knowledge of programming languages. Davorka is a Master of Science in Information and Communication Technology.