Presentation to Private Investigators.
The Tennessee Association of Private Investigators (TALPI) invited Overt’s Bart Holzer to present at their annual training as part of their continuing education (CE) program for private investigators. The training took place at the Nashville School of Law auditorium on October 27, 2023.
Mr. Holzer presented on two topics during the training program:
- Cybersecurity and The PI
- Case Management Best Practices
Below is a summary of the two sessions presented by Mr. Holzer.
Cybersecurity and The PI.
A Private Investigator (PI) should have a good understanding of cybersecurity to protect their own digital assets, maintain the privacy of their clients, and conduct their investigations effectively and ethically.
This discussion is aimed at PIs and their businesses.
Agenda:
- Introduction
- State of Cyber
- Cybersecurity for the PI (and their business)
- Cyber skills every PI should have
- Case Studies
- Resources
1. Introduction.
2. State of Cyber.
There are many online resources to get an understanding of cybersecurity and cyber crime trends.
The best place to start for an overall view into the current “state of cyber” is the FBI’s Internet Crime Complaint Center (IC3) annual report.
Top Attack Vectors:
- Phishing. Spear phishing, whaling, smishing, vishing. Get someone to click or provide information.
- Pretexting. And other forms of social engineering. “Sweet talk” someone to click or provide information.
- Insider Threats. Employees, contractors, and others with access. Can be malicious or accidental.
3. Cybersecurity for the PI (and their business).
Three focus areas are identified for the discussion on cybersecurity for the PI and the PI’s business:
Data Protection
PIs deal with sensitive information in every case. To ensure this information is best protected, PIs should be sure to implement:
- Good Passwords. Use strong, unique passwords for all accounts and devices. Use a password manager.
- MFA. Enable multi-factor authentication on all accounts. Use time-based one-time password (TOTP) as the preferred method; this is most well known as an “authenticator app.”
- Cloud. Collaborate in the Cloud instead of sending information back and forth in email.
- Physical Protections. Secure workspace to prevent unauthorized individuals from gaining access to your equipment.
- Encryption. Use encryption tools and techniques to protect data at rest and in transit. For example: did you know one can password protect a Microsoft Word document?
- NGAV. Protect computers with next-generation anti-virus… or even better tools.
Processes & Procedures
As important to information security as Data Protection, PIs should have mature Processes & Procedures in their business. PIs should be sure to implement:
- AP / AR. Two-step process for all incoming and outgoing payments or changes to payment methods.
- Secure Comms. Prefer more-secure communication options over less-secure ones, like email.
- Secure Travel. Use secure Wi-Fi networks and avoid connecting to public, unsecured networks.
- Data Retention. Implement data retention and disposal policies so client information is not kept longer than necessary.
- Update Software. Keep operating systems and applications up to date with the latest upgrades and patches.
- Compliance. Meet legal and regulatory obligations.
Security Mindset
Maintaining successful information security over time requires a commitment to security and privacy. Often, this is most successful when security becomes part of a business’ culture. PIs should take on a Security Mindset, considering:
- PPT. People, Processes, & Technology… in that order.
- 2 is 1; 1 is None. Redundancy and oversight.
- Training & Phishing. Security awareness training for teammates, partners, and customers. Phishing campaigns to stay sharp.
- Insurance. Transfer risk.
- Least Privilege. Grant access only to what is needed by role.
- Secure-By. Secure-By-Design and Secure-By-Default operating principles.
4. Cyber skills every PI should have.
The digital age presents many challenges to classically trained PIs, with cyber skills becoming increasingly key to success. PIs should work on improving their skills in:
- OSINT. Open Source Intelligence gathering, including social media.
- Account Review. Evaluate online accounts for indicators of compromise.
- Digital Forensics. Examine computers and phones for electronic artifacts.
- Data Analysis. Normalizing, correlating, and making sense of data.
- Digital Surveillance. Methods for monitoring activities and communications, while respecting legal and ethical boundaries.
- TSCM. Technical Surveillance Counter Measures… finding bugs and hidden devices.
- TTPs. Knowledge of tactics, techniques, and procedures, including the most common forms.
- Staying Current. Keeping abreast of latest trends.
- Social Engineering. Knowledge of the #1 TTP, including pretexting, baiting, and tailgating.
- Privacy Protection. Advise clients on how they can best protect their personal information.
- Parental Controls. Recommend to parents ways to keep their kids safe online.
- Best Practices. Able to recommend common protections for clients, including MFA.
5. Case Studies.
Physical, human, and cyber security.