We are electronic evidence experts

"The records and evidence uncovered by your organization proved to be the decisive factor in the litigation, and gave our organization tremendous leverage in the settlement process."

Christopher S. Miller
Chief Executive Officer, Conrad Kacsik
Solon (Cleveland), Ohio

Members

Forgot Username or Password

Events

No events

Damon S. Hacker, MBA, CCE, CISA

A veteran of the IT industry of 25+ years, Damon's current interests are in Digital Forensics, Electronic Discovery, IT Security including Data Breach/Incident Response as well as Fraud/White-Collar Crime Investigations. This arena blends his deep expertise in Information Technology, Business Management, Finance & Accounting as well as Legal.



Damon enjoys educating and sharing his expertise, knowledge and experience with individuals and organizations. He draws from experience running his own organizations as well as interfacing and working with thousands of clients to implement "best practice" solutions in their organizations.

Damon Hacker

Damon Hacker

A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, he has worked in the industry or consulted businesses on big-picture IT Management issues, as well as deeply technical issues. His foundation as a programmer/developer, formal training in IT, as well as years of experience working with businesses provides him with an extremely deep understanding of a multitude of issues that arise on the computer.

His development experience further provides him with a deep understanding of how data is stored, and where it is stored, which gives him a distinct advantage when considering how Computer Forensics can be used to obtain the evidence.

Since 2001, Damon has been involved in the computer forensics field. He has developed the techniques and procedures that protect and preserve the evidence, allowing its admissibility in courts, as well as performing the actual analyses on cases. He has testified in State and Federal courts and has been recognized as an Expert in Computer Forensics under Federal Rules of Evidence 702. He is a member of the International Society of Forensic Computer Examiners (ISFCE), Information Systems Audit and Control Association (ISACA) and stays active in several Computer Forensic-only message boards.

In addition, he is a sought-after speaker on the topic of Computer Forensics, Electronic Discovery, IT Security and IT Audit subjects and has given presentations and been part of expert panels within the region, including presentations to several Professional Associations (legal, accounting and others), in the Information Security area, as well as seminars to area attorneys and law firms. He has also been published a number of times on topics relating to Computer Forensics as well as other Technology related subjects.

Before joining Vestige, Damon successfully started from the ground up F1, Ltd., a full-service IT solutions provider. Prior to this, Damon was a Sr. Consultant at Medical Life Insurance Company and a department manager at Case Western Reserve University.

http://www.vestigeltd.com/company/management-team/7-damon-s-hacker-mba-cce-cisa

StubHub Users Stiffed for $1 Million+ in Latest Breach

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Monday, 28 July 2014
in Business Management

This past week it was revealed that cybercriminals had heisted more than a million dollars from the popular online marketplace StubHub.  For those unfamiliar, StubHub is a subsidiary of eBay, that provides services for buyers and sellers of tickets for sports, concerts, theater and other live entertainment events.  While the news about the attack is new, the actual activity took place in March of 2013 and behind-the-scenes the investigation has been pursued by national and international law enforcement.  Total damage…over $1 million in fraudulent purchases from approximately 1,600 StubHub users.  What lessons can readers learn?  How can you protect your accounts—both corporate and personal?

Tags: Untagged
Hits: 230 0 Comments
0 votes

After the Assessment: Remediation

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Monday, 21 April 2014
in Business Management

After the Assessment:  Remediation

The assessment is now complete and you’ve attended the closing meeting and have received the findings.  Naturally, there are items that need to be addressed.  Even in environments that are well-controlled, there are always things that can be improved.  This week we’ll look at what the findings mean and considerations for remediating the findings.

 

Tags: Untagged
Hits: 269 0 Comments
0 votes

Understanding the IT Assessment Process

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Monday, 14 April 2014
in Business Management

Continuing with this month’s theme on IT Assessments, we will pick up this week where we left off.  Last week we looked at why you might want to consider an IT Assessment, discussed a framework for discussing and thinking about IT Assessments and introduced some terminology such that we can explore this area in more depth.  This week, I am looking at how the Assessments are conducted and what an organization can expect in going through an Assessment.  I’ll leave the tail-end of the discussion to things to consider when choosing who to provide such Assessments.

Tags: Untagged
Hits: 312 0 Comments
0 votes

An Introduction to IT Assessments

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Sunday, 06 April 2014
in Business Management

For those of you who have read previous articles, blogs or have had the opportunity to hear me present on the topic of Information Security, you will no doubtedly recognize today’s theme.  While it is absolutely true that ownership/management at some organizations choose to put their heads in the sand when it comes to security within Information Technology, the vast majority don’t intentionally ignore it; rather, they falsely believe that it is adequately being handled within their existing IT structure.  Read along to find out why believing that may put your organization in jeopardy and what you can do about it.

Tags: Untagged
Hits: 286 0 Comments
0 votes

Responding to Litigation Holds with a Defensible Preservation Plan

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Friday, 07 March 2014
in Legal

Over the years we have been exposed to thousands of companies’ approaches to litigation holds and I’m often surprised by the wide variance in the approaches.  One thing for certain is that the sensitivity and awareness to the need and legal requirement for litigation holds surrounding Electronically Stored Information is well entrenched with most organizations’ legal counsel.  It has taken a while, but since the 2006 amendments to the Federal Rules of Civil Procedure organizations, large and small, are getting it.  Is it all of them?  Clearly not; but hey, baby steps, right?  As an entity that lives and breathes ESI day-in and day-out, we sometimes lose sight of the fact that organizations that aren’t exposed to it all of the time have some differing opinions and points of view than perhaps what the industry views as best practices.  One area where this holds true is the comprehensiveness of the hold.  Too often stakeholders want to take the path of least resistance and end up woefully short of their duties.  Not as often, but enough to make it an issue, we find organizations that go way overboard on their preservation duties.  Clearly, there has to be a middle-ground, no?  Read on as I explore the facets of a Defensible Preservation Plan.

Tags: Untagged
Hits: 434 0 Comments
0 votes

Building a Timeline of Activity

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Friday, 28 February 2014
in Business Management

One of the great things about enjoying a reputation of being problem solvers is the fact that clients oftentimes contact us for any and all of their digital evidence needs, even if they don't necessarily know exactly how we might be able to assist.  And this doesn't just come from those tech-savvy individuals.  Actually, sometimes it's the ones that aren't the most accomplished technologists that don't artificially dismiss an idea -- but instead bring it to us to see if we can assist.  Building a timeline of activity of what individuals have done by looking at the digital evidence is one such area where we've been called upon a number of times and the caller on the other end of the line doesn't quite know what they're looking for, whether it's something we can do or not, but they have this idea...

Tags: Untagged
Hits: 388 0 Comments
0 votes

Pre-Breach Assessments

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Friday, 10 January 2014
in Business Management

It used to be that organizations’ information (either its own, or data that was entrusted to the organization) was relatively safe.  In the days before computers and the popularity of the Internet, someone could physically remove information.  For that part, even that could happen today.  But let’s face it, in today’s information-crazed economy, data is ubiquitous and information is golden.  Gaining access to it and stealing it is no longer a rare event, either.  Nor is it isolated to larger companies or companies that have “sexy” data (yes, I did just use those two words in the same sentence).  If you don’t believe that your organization is a target, then you must read my article “Protect Your Data”, in this month’s Smart Business Magazine.

In fact, it is not a question of “If”, but rather a question of “when” your organization will be faced with a data breach.  Your job, therefore, is to get that risk as low as possible and to make the impact of a data breach as low as possible when it does occur.

Tags: Untagged
Hits: 451 0 Comments
0 votes

Intellectual Property Theft: Analyzing the "Victim" Organization's Devices

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Friday, 06 December 2013
in Business Management

In this month’s Vestige View blog series, we are going to be focusing on one specific type of matter that we seem to always work – IP Theft / Non-Compete matters.  Join us this week as we explore the benefits of examining the devices of the victim organization and just what can be gleaned from those – even though the actual evidence stolen is no longer in the victim’s possession.

Tags: Untagged
Hits: 284 0 Comments
0 votes

Proactive vs Reactive Security

Posted by Damon Hacker
Damon Hacker
A co-founder of Vestige, Damon has over 20 years experience working with technology. For more than 15 years, h...
User is currently offline
on Friday, 29 July 2011
in Business Management

Although your mother always told you to learn from others' mistakes, that is a tall order when having to make choices between which activities you're going to commit your scarce resources to. Like many things, when it comes to IT security, once the cat is out of the bag the costs of not having adequate security is always astronomically higher than you originally imagined.

Tags: Untagged
Hits: 877 0 Comments
0 votes