BERMUDA'SCYBERCRIMEFIGHTER
When Alan Pailing started his 30 year career in the IT field as a computer operator ? "when computers were as big as a room," he says laughing ? he probably didn't think he would eventually be helping to fight cyber crime. But his keen interest in that area has led him to starting a new business venture ? CiC Software Technologies ? that brings the fascinating world of computer forensics to Bermuda.
"The business really started out of my personal interest in the topic of crimes involving computers," says Mr. Pailing, who worked at XL Capital for the past 14 years. He was head of the company's IT department for nine years, and prior to working at XL held a variety of computing positions at former global insurance broker Johnson and Higgins, GTE and hardware and software infrastructure provider NCR in the UK. "In recent years the incidents of cyber crime, identity theft and of course hacking have just exploded, and it got to the point where I wanted to know more about how to combat them."
He adds that the rise in demand for 'ethical hacking' services in the US was also an interest.
"That's basically where information security professionals are being hired by large companies to try and break the vulnerabilities of their computer systems and literally try to hack into them," he says. "I really wanted to know more and decided to take some courses."
That simple decision to gain a little new knowledge resulted in him attending Oregon State University to become professionally certified in the field of computer forensics and he is now offering clients here in Bermuda a range of solutions to develop and protect corporate computer systems. His training in computer forensics involved becoming proficient in cyptography (hiding information within text on a computer) and steganography (hiding information inside images) analysis, and he has married his decades of experience in computer programming and IT systems management with these and other new skills encompassing all aspects of forensic analysis and data recovery.
"The strength of computer networks has taken on more importance these days, not just from a technical standpoint but given all the requirements on a company from things like the Sarbanes Oxley Act," says Mr. Pailing. "It's also important for companies to know that they can recover data from their systems with expert help from both a forensic and business continuity perspective. With the kind of business that's done here in Bermuda, those needs are growing and I set up CiC so that companies can have access to those services right here on the Island."
Mr. Pailing defines computer forensics as "the art of retrieving deleted or hidden files from any computer media". He says companies can call in a computer forensics expert for many reasons but typically they do so to trace data for evidence of criminal activity, either by an employee or from an outside attack, or to support their position in situations like wrongful dismissal cases or breach of contract disputes where tracing the chain of electronic communication can be crucial.
CiC's forensics services are wide-ranging and include analysing systems for evidence of electronic file shredding, identity theft and intellectual property theft, as well as e-mail tracking, password recovery, computer security reviews and providing expert witness testimony.
"Computer forensic experts work closely with the police when they are brought in on these cases, particularly in the (United) States" says Mr. Pailing regarding the expert witness service. "Often the police may not have the IT expertise that we can bring to support a wider criminal prosecution, so we help to fill that knowledge gap."
He adds however, that in some situations companies may prefer to conduct internal investigations to settle commercial or other types of disputes without police involvement, "and in those cases it helps to have an independent forensics consultant to assist in the proceedings." Due to CiC's affiliation with Oregon-based New Technologies Inc., an internationally recognised computer forensics firm, and where he undertook some of his preliminary training in the field, Mr. Pailing also says he is able to bring in overseas experts for Bermuda cases as required.
The company's data recovery services form the core of what CiC provides to its clients, alongside the computer forensic side of the business.
"When you delete a file you don't actually delete it," he says. "All you've done is make it invisible to the operating system, but it's still there on the computer's hard disk. Which is why you usually take a copy of the hard disk as one of the first steps in forensic analysis without disturbing the contents so as not to lose evidence.
"But we're not just talking about deleted files from a hard drive; there's software that you can get off the shelf that can undelete files, that's the easy stuff," Mr. Pailing says. "We can do that of course at one end of the spectrum, and at the other end we can rebuild the whole operating system in the event of a major system crash, or after an attack from a malicious virus that corrupts the system."
He says that the company uses a range of powerful utilities (software tools) that find and recover deleted, destroyed or damaged data ? whether text or images ? quickly, and in any file format.
The company's complete portfolio of services also includes software applications development for re/insurance and financial services companies using a plethora of programming languages, as well as crisis management consulting.
"I've can now apply the expertise I built up over the years in developing software solutions for companies while I was working in the insurance and reinsurance area for CiC clients," says Mr. Pailing. "It's great to be able to build custom applications as a complement to our core services and provide clients with exactly what they need.
"And on the crisis management side, our consulting service assists clients with conducting information risk assessments, business impact analysis and business continuity planning to round out our services," he adds.
He says that while the applications development and crisis management services fulfil a need that many of the large- and medium-sized companies in Bermuda already recognise, the area of computer forensics is still a new concept to some.
"I've already had clients for both sides of the business, but I would like to think that I'll be able to focus more and more on the forensics, along with the data recovery, as the market here becomes more familiar, and that I can help to combat any computer related crimes. The prospects are good; as well as getting interest from potential clients, the area is so fascinating I've even had people already approach me about being potential employees."
