We sat down with Damian Walton, Managing Director (Designate) at IntaForensics, for an introduction and brief overview of his career. Damian has been part of the company since 2015 as an integral member of the senior management team, paving the way for IntaForensics to become the fastest-growing provider of digital forensic services in the UK.
Reflecting on an extensive career in the cyber security world and with a background in law enforcement, Damian reflects on the thrill of working in this fast paced, ever-changing industry… and even references his famous Whack-a-Mole analogy!
When did you first know you wanted a career in digital forensics?
“Actually, it wasn’t really as straightforward as that. I moved into digital investigations when I was a police officer.
“It was back to the early/mid-nineties when computers were just starting to become a little bit more mainstream as it were. The internet was in its early days, and it was something then that I simply had an interest in, but then it became part of my work in the early 2000s when I moved into the Hi-Tech Crime Unit. I was in charge of the HTCU for Northamptonshire Police where we conducted a wide variety of examinations involving digital forensics and network investigations.”
How did you get into digital forensics?
“At the time it was a case of moving from it being more of a hobby into formal police work.
“When the opportunity arose to work in the Hi-Tech Crime Unit, I took over the management of the unit, performed digital forensic examinations, network investigations and created the force covert internet investigations capability. I took the relevant industry training courses and studied at to achieve the necessary qualifications and certifications.”
What are the most rewarding aspects of your job?
“A lot of the work that we do is investigation work, so one enjoyable part is contributing to the identification and arrest of criminals.
“Much the same as police work, it’s also about helping people who are having issues of some form. Certainly in the cyber world we support many companies who have been attacked in various ways, and it’s incredibly rewarding when you can go along and work with companies or individuals who need some help and don’t really know where to turn.
“It’s’ great to know that we have got the skills and expertise to help them out and get them sorted.”
What are the most challenging aspects of your job?
“One challenge is keeping up with developments because that’s just the nature of technology. It changes so quickly and in a tongue-in-cheek way I describe it as the Whack-A-Mole game. You hit one bad guy down and as soon as you hit them, another one pops up.
“As soon as the industry works out a way to protect one area of the internet or cyber security, cyber criminals will work out another way to exploit it. It’s that battle all the time that’s quite challenging.”
How has digital forensics changed throughout your career?
“It’s the constant evolution of different threats. There are three sides to this: firstly, it’s the constant update of threats, which every day is posed as something different.
“The next change is that we’ve moved from the ‘fixed computers in houses’ world that it was when I first started, into a very mobile world. The majority of technology has moved into mobile phones, tablets, cloud-based services… whereas before it was traditionally a ‘one computer in one place’ scenario.
“Another change that we’ve encountered is data sizes. We’ve gone from those early days when a hard drive had a fairly small capacity to today where I could store more information on my mobile phone than I ever would have been able to store on a computer in the early days.
“That’s a challenge from the investigation part. The actual volume of data we have to sift through in order to find the evidence we’re looking for is another huge transformation in the industry. I would say those are the some of the most significant changes in the past twenty years or so.”
What’s the most memorable case that you’ve worked on to date?
“Without doubt the most memorable cases I have been involved in were those investigations that led to the identification and rescue of an abused child.
“When I worked at the Child Exploitation and Online Protection Centre (CEOP), we conducted many really complex investigations, often starting with the smallest clue and through the use of ground-breaking techniques, global cooperation and determination, we regularly identified child victims of abuse all over the world and ensured that their lives would change for the better. That takes some beating in terms of job satisfaction.”
What do you think the future holds for digital forensics/digital investigations?
“The challenges will grow, partly because we’ve moved into a cloud-hosted world. When I was first doing things, the majority of data was held locally so you knew exactly where to go and you knew where to find it.
“Nowadays it’s considerably more difficult to locate something when it’s hosted somewhere else. The degree of protection is another one. Services are now so much more secure than they used to be so that’s another challenge.
“Data protection and GDPR requirements also play a part when data is no longer available having be deleted or destroyed because companies need to meet the legislation requirements, and that data isn’t available anymore. It’s a multitude of different challenges in a world that never stands still, and we need to work out ways to be innovative and meet those challenges as we go along.
“It’s all about constant research, innovation and identifying the best way you can meet what you’re facing.”
What do you do at work on a daily basis?
“My role is to keep things going in the right direction, ensuring commercial opportunities are identified and exploited. It’s a combination really, it’s about ensuring all of my teams have got what they need to conduct their work – this can vary in terms of equipment, software and hardware to making sure that people are in the right place at the right time.
“Planning the next strategy with regards to what we need to look at and focus on is integral to my day-to-day activities, all while keeping a watchful eye on the industry itself to make sure that we are aware of any changes coming up and how things are moving in different directions.
“It’s having eyes in every direction ensuring I have plans in the office in the morning, but being able to change them at a moment’s notice when things crop up and have to be dealt with.”
What advice to you have to offer for someone new in the industry?
“It is such a wide and varied industry so I would advise someone not to try and cover everything or you will be completely confused. Pick out one certain area to focus on, for example, incident response, penetration testing or digital forensics. Do your reading and research, try and get some formal qualifications behind you.
“Ultimately though, make sure you’re doing something that interests you because you’re going to be far more engaged and enthusiastic if it’s an area of cyber security or something similar that excites you. There are so many different parts to it that it’s arguably impossible to be an expert in all of them, meaning that it’s more realistic to become an expert in one or two specific areas and making sure you really know what you’re doing in relation to those.”
What hard skills should someone in your field have?
“Generally speaking for our company, they need to have an inquisitive mind and curiosity. They need to be competent in problem solving, with skills and enthusiasm to solve an issue and not just relying on asking someone else to carry out a task for them. Being a team player and a focus on delivering the highest quality of work are essential requirements.
“For example, if you an encounter an issue you can go online and have so much information at your fingertips. Invariably there will be an answer out there somewhere you just need to find it, so it’s all about initiative and the invaluable problem-solving mindset that we look for at IntaForensics.
“It’s also important to keep up with all industry updates. You need to be aware of what’s changing and be able to move with it.”
Who or what inspires you?
“The what is to keep going and to keep making a difference. I see a lot of what we do really does have an impact on people’s lives for the better, and I think that’s what keeps us going.
“People don’t always understand why they’re doing a job and it’s only sometimes when you take a breath and look back that you realise what a positive difference you have made, and that makes the job well worth doing.”
How does IntaForensics company differ from other places you’ve worked for?
“I used to work at Visa which is a very different type of organisation. As a huge global commercial company you are a small cog in a large wheel, whereas IntaForensics is a smaller family-based style company with that culture.
“For me it is that real sense of community and belonging. Everybody knows everybody, we have an open-door policy and we mix all day long. That’s the set-up that makes us who we are at IntaForensics.”
IntaForensics provides a comprehensive range of cyber security services designed to prevent, monitor, and respond to security breaches.
We boast a team of 50 cyber security and digital forensic experts and a growing market presence. Our consultants will be able to assist with all digital forensic investigations, PCI DSS QSA & PFI, Cyber Security, Penetration Testing and Incident Response.
Quality underpins everything we do, and we are proud to be UKAS 17025:2017 accredited and ISO/IEC 27001:2015, ISO 9001:2015 and ISO 14001:2015 certified.
To find out more about our services Tel: 0247 77 17780 to speak with a member of our team or fill-in our contact form.