In the next instalment of our ‘meet the team’ series we caught up with Holly Jackson, Principal PCI (Payment Card Industry) Forensic Investigator at IntaForensics. As a valued and expert member of our team since joining the company in 2016, Holly has made quite the name for herself in the PFI world having assisted hundreds of merchants in helping to resolve their cardholder data breaches.
Reflecting on her career thus far, Holly reveals the most sophisticated cyber-attack she’s witnessed to-date and reflects on the growing female presence in this traditionally male-dominated industry.
When did you first know that you wanted a career in Digital Forensics?
“I went to university and I studied a related field. I wanted to do something that was crime related and something that is quite technical and involved computers. Digital Forensics fit that bill perfectly.
“My degree is in computer science. I did start out in a different degree, but I side-stepped into something similar.”
What are the most rewarding aspects of your job?
“It’s a good feeling to know that we’re helping people who are in a difficult situation. A lot of our smaller merchants who have been attacked don’t know the process and consequently don’t know what they’re doing.
“The vast majority of our clients are small-to-medium size and may not have any technical staff. Because of this, they don’t know who to turn to, so it’s nice being there to help and knowing that we can walk them through the process and share our knowledge.”
What are the most challenging parts of your job?
“A difficult part is that people don’t want to be in the types of situations they find themselves in when they turn to us for help. They’re often incredibly stressed when they get in touch with us.
“For our bigger clients who require what we call a full PFI investigation, there can be a lot of costings involved from other parties which adds to the pressure and increases the stress. It can be quite challenging to reassure people.”
What’s the most memorable case that you’ve worked on so far?
“I’ve worked on a case that lasted for over a year from beginning to end. We imaged over 100 servers – it was a very big case!
“The scale of it is something that really stuck with me. It was a change of pace for us as a company and required a huge amount of team effort, but we learned so much from it.
“Also, it was a good attack! What I like to call ‘the juicy bits’ like the malware and the attacker’s movements made it all the more interesting. It was a sophisticated attack with a number of moving parts.
“Something to bear in mind is that we rush to what is called ‘containment’ as quickly as possible. When we get involved, we jump in immediately. In this case we spent a few months imaging and that’s quite a big job in itself, but most of the time we work to get containment wrapped up within a few days or weeks. In this case they had already started containing the incident before we got involved.
“The main bulk of the work in this case was carried out in a few months, but there was a vast amount of reporting and ‘big picture’ work we have to do for these larger cases.”
What do you think the future holds for Digital Forensics?
“I think there will always be space for digital forensics. I don’t think it’s going anywhere – some might say it’s a good industry to be in!
“Society is definitely moving in a more technology-based way, so I think there will always be work here for anyone who wants it. On the attack side, attackers are evolving as new systems come in. There are more SaaS providers infiltrating the market and, in addition to this, there are many different cloud-based systems and platforms now. As a result, attackers are changing the way they operate.”
What do you do at work on a daily basis?
“Day-to-day I manage the PFI team. This involves overseeing them and being the first person there if they have any questions or need any support.
“Sometimes we have a complicated case that we’re working on, and we need to bounce ideas off one another. I also conduct QAs on all case reports and assist with the analysis. It’s a really good mix of tasks and means there’s never a dull moment!”
Did you always want to work in PFI?
“I actually wasn’t aware of PFI in the beginning and only found out about it at university. It wasn’t part of my course, but I discovered it on my placement year at a forensic company. The company visited my university and gave a talk on what PFI involves and were offering placements. I was lucky enough to get one.
“Essentially I fell into PFI. You will be amazed by how many people don’t know about PFI unless they’ve had a PFI investigation or work in the industry. There’s a vast amount of structure around it, including a council which regulates the process, but it is a bit of a secret world.”
What advice would you offer someone who was new to the industry?
“I would say that experience is the key to this industry as a whole. If you can get your foot in the door, preferably with a company that conducts investigations in fields that you’re interested in, you can build from there.
“A degree may get you in the door, but that’s it. It’s then about experience, building that knowledge and taking every opportunity that comes your way.”
What hard and soft skills would someone need to work in your role?
“Problem solving is definitely a big one. I remember an old boss of mine describing PFI as just problems to be solved!
“I think it’s good to have a curious mind – so to be questioning everything and constantly asking ‘why do we do things like that’ or ‘where did this come from’.
“General communication skills are always helpful. You have to constantly keep customers and other members of the team up to date so they know where you’re up to with an investigation. An interest and willingness to learn is another good one, because you should always be curious about what you might find.”
How does IntaForensics differ from other places that you work for?
“I have a great team and I’m really proud of every member that’s in it. We also have a great support system above and around that – when you find yourself in a difficult situation it’s always good to know that support is there if needed.”
Are there many women in the field of Digital Forensics?
“At IntaForensics in cyber there isn’t at the moment. But if we’re looking at forensics as a whole, almost half of the workforce in our digital forensic lab is female. Our side are a bit more specialised, but we have a big digital forensic lab with more traditional forensic professionals, who conduct a lot of outsourced police and government work.
“Outside of IntaForensics, back at university, there was perhaps a handful of females on my course, but the rest were male. Many of our merchants are male too, but this depends on the company. It’s definitely better than it was, but there’s still a long way to go.”
IntaForensics provides a comprehensive range of cyber security services designed to prevent, monitor and respond to security breaches.
We boast a team of 50 cyber security and digital forensic experts and a growing market presence. Our consultants will be able to assist with all digital forensic investigations, PCI DSS QSA & PFI, Cyber Security, Penetration Testing and Incident Response.
Quality underpins everything we do, and we are proud to be UKAS 17025:2017 accredited and ISO/IEC 27001:2015, ISO 9001:2015 and ISO 14001:2015 certified.
To find out more about our services Tel: 02477 717 780 to speak with a member of our team or fill-in our online contact form.