This article is a recap of some of the main highlights from the Techno Security and Forensics Investigations Conference (TSFIC) held in Myrtle Beach, South Carolina, from the 31st of May until the 3rd of June 2015.
The conference began at midday on Sunday 31st of May, with six main strands running throughout the duration of the event. Attendees received a colour-coded programme which allowed them to easily see which of the talks were part of the Audit, Forensics, Information Security, Investigations, Cellebrite Lab or Nuix Lab parts respectively.
The Information Security session by Chris Pogue was one of the talks that introduced the conference. Pogue discussed the recent spike in reported data breaches around the world, and questioned whether more data breaches had actually been happening in recent years, or whether the media were just reporting on them more frequently. One point that was strongly emphasised was the importance of penetration testing in all businesses; paying someone to perform a penetration test will be cheaper than paying out after a breach, Pogue elaborated, adding that it is important for the computer security industry to move towards a more holistic, strategic approach to security planning.
The following talk by David Vargas gave a high-level overview of Tor and how it is used to facilitate cybercrime. Particularly interesting were the case studies of the investigations into Eric Marques, who distributed indecent images of children online, and Dread Pirate Roberts, the former owner and manager of Silk Road.