Curriculum Vitae Lee Neubecker

P‌DF Updated as of 3/21/2025

‌BIOGRAPHY

Lee Neubecker is the President and CEO of Enigma Forensics, Inc., a Chicago and Fort Lauderdale based Computer Forensics and Cyber Investigation consultancy. Neubecker assists Fortune 500 clients, government agencies, and private organizations with cyber-related investigations involving theft of electronic data, authentication of digital evidence, electronic medical records, fraud, counterfeiting, and online identity unmasking.

Neubecker also is the founder of IT Security Blog leeneubecker.com. Before starting Great Lakes Forensics, Neubecker had served as CISO for HaystackID and following the acquisition of Envision Discovery and Inspired Review by HaystackID, Neubecker was promoted to serve as CIO over the combined entities. Neubecker was named one of the top Global Computer Forensics and Cyber security experts by Who’s who Legal in 2018, 2019, 2020, 2021, 2022, 2023 and 2024 and many years prior to that.

During 2016 and 2017, Neubecker assisted the U.S. Federal Government in discovering important security compromises including, the compromise of NIST.gov wildcard certificate (boudicca.nist.gov) using deprecated encryption (December 2016), compromise of time.gov NIST time servers (December 2016), compromise of NIST NSRL Hash Set download page (December 2016) and leaked email usernames and passwords from U.S. Intelligence Agency email account credentials onto public sandbox websites such as pastebin.com. (December 2016 and January 2017). Neubecker has a track record of uncovering Cyber Data Breaches and has performed investigations on the State and Federal Government Agency levels.

Neubecker’s has performed extensive research pertaining to hardware based vulnerabilities and exploits including, Serial Peripheral Interface – chip stored malware that has been impacting individuals, companies and government agencies in the wild following the leak of

U.S. Cyber weapons cache. Neubecker identified and reported the hack of chicagoelections.com website, that resulted in millions of Chicago resident (and former resident) voting records being disseminated online. Neubecker also provided important intelligence collection and analysis services that helped bring the perpetrators of the Boston Marathon Bombing to justice. Prior to founding Enigma Forensics, Neubecker founded Forensicon, Inc. and sold the company to QDiscovery, a national eDiscovery services provider. While managing Forensicon, Mr. Neubecker provided consulting services in the areas of computer forensics, electronic discovery, data recovery and litigation support to a diverse range of clients. Mr. Neubecker has worked on both Plaintiff and Defense sides, and has served as a regular speaker on topics in the computer forensics and electronic discovery fields for Midwestern legal bar associations, Professional Associations and National Legal Conferences. Mr. Neubecker has been appointed a special master in civil litigation matters by the courts. Mr. Neubecker has been cited in the appellate court as an expert witness in the case, Liebert Corp. v. Mazur. The published opinion of Justice Wolfson, Circuit Court of Cook County, regarding Mr. Neubecker’s testimony can be found at the following link: https://caselaw.findlaw.com/il-court-of-appeals/1063543.html

Prior to founding Forensicon, Inc., Mr. Neubecker founded BuzzBolt Media, a web development and Search Engine Optimization consultancy which later became Forensicon, Inc. Before moving to Chicago in 2000, Mr. Neubecker led the online communities’ product

‌development and programming initiatives for the Lycos Network, a pioneering Web media model that included three Top 10 Web sites and was one of the most visited hubs on the Internet during Neubecker’s tenure. Neubecker was responsible for creating, launching and managing chat, instant messaging, message boards, and online games across the Lycos network. In this role, Mr. Neubecker led the company’s response to legal inquiries from law enforcement personnel and personally oversaw complicated international investigations involving transcontinental Cyber attacks against company servers and users.‌

Before joining Lycos and graduating with an MBA focused in technology, Mr. Neubecker launched and successfully managed Innovative Consulting, Inc., an information technology consulting company. Mr. Neubecker’s company deployed network management, contact management, sales automation and ERP solutions to small and mid-tier organizations. Prior to Innovative Consulting, Neubecker held operations and finance analyst positions with Ford Motor Company and Comerica Bank. Mr. Neubecker has experience in securities valuation and accounting from his position at Comerica Bank, where he served as a Trust Fund finance analyst. While serving at Ford Motor Company as an intern, Neubecker was integral in automating important processes and bringing financial forecasting methodologies online, resulting in more timely and accurate quarterly financial forecasts.

Mr. Neubecker graduated magna cum laude from Babson College with a Masters of Business Administration, focusing on Technology. Mr. Neubecker also holds an undergraduate degree in Finance, magna cum laude, from Eastern Michigan University.

‌NOTABLE CASES OF RECORD AS A COMPUTER FORENSICS EXPERT WITNESS

LESEAN DOBY v. ZIDAN MANAGEMENT GROUP, INC.

IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION

Case No. 1:23-cv-16602

Provided affidavit regarding the analysis of a biometric fingerprint lock in support of the defendant as it relates to the Illinois Biometric Information Protection Act.

JAQUAN SHORTER v. ADVOCATE HEALTH AND HOSPITALS ) CORPORATION, ET. AL.

IN THE CIRCUIT COURT OF COOK COUNTY, ILLINOIS

COUNTY DEPARTMENT, LAW DIVISION

Case No. 2023L012024

Filed affidavit regarding user authentication to the defendant’s Electronic Medical Record system and the origins of the logon activities when accessing the patient’s health provider’s EMR system.

EUGENE EVANS v. CORRECTHEALTH CLAYTON, LLC and PAMELA BLAHA, LPN

IN THE SUPERIOR COURT OF FULTON COUNTY STATE OF GEORGIA, Case No. 2023CV379078

Filed affidavit regarding electronic medical records.

MARVA BURNETTE v. RUSSELL P. NOCKELS, M.D., IGNACIO JUSUE-TORRES, M.D., and LOYOLA UNIVERSITY MEDICAL CENTER

IN THE CIRCUIT COURT OF COOK COUNTY, ILLINOIS COUNTY DEPARTMENT, LAW

DIVISION, Case No. 2023-L-000973

Filed affidavit regarding electronic medical records and audit trails.

CHRISTINE MCLAUGHLIN, CRYSTAL VANDERVEEN, JUSTIN LEMBKE, SCOTT HARDT, ET. AL. v. SELECT REHABILITATION LLC

UNITED STATES DISTRICT COURT FOR THE MIDDLE DISTRICT OF FLORIDA

JACKSONVILLE DIVISION

CLASS and COLLECTIVE ACTION Case No: 3:22-cv-00059-HES-MCR

Filed Declaration regarding the availability of EMR audit log records to show when staff were performing work.

‌CDL 1000, INC. v. SCOTT ROBERTSON

CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 2022-CV-00415

Provided affidavit detailing the lack of compliance with the courts’ order requiring handover of Robertson’s personal smartphone and computer for forensic preservation and analysis relating to a departed employee investigation and alleged electronic trade secret misappropriation.

‌DEVIN ESTIME v. SOUTHERN CALIFORNIA PERMANENTE MEDICAL GROUP

SUPERIOR COURT OF THE STATE OF CALIFORNIA COUNTY OF LOS ANGELES, Case No.: 22STCV06517

Filed affidavit regarding electronic medical records and audit trail productions.

‌ROBERT BRONSTEIN v. LATIN SCHOOL OF CHICAGO‌

‌IN THE CIRCUIT COURT OF COOK COUNTY, ILLINOIS COUNTY DEPARTMENT, LAW DIVISION,

‌Case No. 2022-L-003763

‌Completed forensics analysis of iPhone, Macbook, and iPad of defendant in the case.

‌CONNIE & GARY ANDERSON v. PATIENT FIRST MARYLAND MEDICAL GROUP‌

‌IN THE CIRCUIT COURT FOR BALTIMORE COUNTY Case No. C-03-CV-21-001814‌

‌Provided affidavit related to EMR and audit trail logs.

‌PHOTOFAX, INC. v. JOSEPH BRADY CIRCUIT COURT OF KANE COUNTY, IL Case No. 21-CH-000167‌

Provided affidavit detailing the forensic examination of the PhotoFax issued laptop by the departed employee. Reported on the destruction of evidence and provided support for a motion to compel examination of the devices still used by Joseph Brady to look for sensitive company data and trade secrets.

JAMES ABRAHAM, successor Trustee of the JOHN A. ABRAHAM TRUST v. ELIZABETH CHAPMAN

IN THE CIRCUIT COURT OF COOK COUNTY, ILLINOIS COUNTY DEPARTMENT, MUNICIPAL DIVISION

Case No. 2020 M170426

Provided affidavit regarding the authenticity of alleged lease produced by the defendant relative to a forensic analysis of computing devices.

‌JOSEPH NICOLOSI ET. AL. v. STANDARD PARKING ET. AL.

‌CIRCUIT COURT OF COOK COUNTY, IL Case No. 20-L-007912.

Provided affidavit detailing EXIF photo metadata extracted from the Plaintiff’s production of alleged photos taken of damaged artwork and other effects. Identified photos that were edited after they were taken using Photoshop.

‌PATRICK T. MCKINNEY, BY AND THROUGH HIS LEGAL GUARDIAN, RONI S. MCKINNEY, AND RONI S. AND TIMOTHY C. MCKINNEY, INDIVIDUALLY AND AS THE PARENTS AND NATURAL GUARDIANS OF PATRICK T. MCKINNEY v. THE CLEVELAND CLINIC FOUNDATION AND THE CLEVELAND CLINIC HEALTH SYSTEM

‌COURT OF COMMON PLEAS OF CUYAHOGA COUNTY, OHIO Case No. CV-20-931-660.

Provided affidavit in support of a motion to compel for supervised on-site obtainment of the plaintiff’s full medical records. Involved Epic EMR software.

‌NIMISH SHAH, AS THE NATURAL SON OF PUSHPABEN C. SHAH, v. ST. LUKE’S EPISCOPAL PRESBYTERIAN HOSPITALS, D/B/A ST LUKE’S HOSPITAL, ET. AL. CIRCUIT COURT OF ST. LOUIS COUNTY, MISSOURI. Case No. 20SL-CC04023. Div. 8.‌

Signed an affidavit exhibiting deficiencies in Defense’s production and supporting a motion to compel for an on-site collection of the plaintiff’s medical records. Involved Cerner software.

‌MARC STRAUSS v. KATHLEEN VAN VALKENBURG, M.D. and SIGHT MEDICAL DOCTORS, P.L.L.C.

‌SUPREME COURT OF THE STATE OF NEW YORK, COUNTY OF NASSAU, Index No. 608054/2020.

Submitted an affidavit in support of a motion to compel for full medical records involving MyCare iMedicWare EMR software.

‌DEBORAH CARR v. HOSPITAL SISTERS HEALTH SYSTEM

‌IN THE CIRCUIT COURT OF THE SEVENTH JUDICIAL CIRCUIT SANGAMON COUNTY, ILLINOIS, Case No. 2020-L-105

‌Provided affidavit related to EMR and audit trail logs.

RONI S. AND TIMOTHY C. MCKINNEY, v. THE CLEVELAND CLINIC FOUNDATION

IN THE COURT OF COMMON PLEAS CUYAHOGA COUNTY, OHIO

Case No.: CV-20-931660

Filed affidavit regarding electronic medical records.

AUSTIN ROBERTS v. IOWA HEALTH SYSTEM d/b/a UNITYPOINT HEALTH, TRINITY MEDICAL CENTER

IN THE CIRCUIT COURT OF THE FOURTEENTH JUDICIAL CIRCUIT ROCK ISLAND COUNTY, ILLINOIS, Case No. 2020 L 76

Filed affidavit regarding electronic medical records and audit trails.

‌SMART MORTGAGE CENTERS, INC. V BRIAN NOE, EILEEN PRUITT, AND NEXA MORTGAGE, LLC

IN THE CIRCUIT COURT OF WILL COUNTY, ILLINOIS TWELFTH JUDICIAL CIRCUIT Case No. 20 CH 292

Filed an affidavit regarding allegations of trade secret misappropriation.

PHILIPS NORTH AMERICA, LLC v. FITBIT, INC.

IN THE US DISTRICT COURT FOR THE DISTRICT OF MASSACHUSETTS

Case No.: 1:2019cv11586

Filed affidavit relating to forensic inspection of electronic data relative to allegations of trade secret misappropriation.

ROBERT WATSON and MARK SAULKA, v. RYAN TODD WEIHOFEN and POOL TECHNOLOGIES, LTD.,

IN THE CIRCUIT COURT OF COOK COUNTY ILLINOIS COUNTY DEPARTMENT, CHANCERY DIVISION, Case No. 2019 CH 12252

Filed affidavit regarding the expected cost to comply with a subpoena for production of electronic medical records.

‌LOUIS ARGIRIS v. PAUL V. FAHRENBACH, M.D., GI SOLUTIONS OF ILLINOIS LLC, ATHANASIOS D. DINIOTIS, M.D., TIESENGA SURGICAL ASSOCIATES, S.C. d/b/a SUBURBAN SURGERY CENTER INCORPORATED, JOSEPH Z. PUDLO, M.D., and JOSEPH Z. PUDLO, M.D., S.C.

‌COOK COUNTY CIRCUIT COURT, ILLINOIS, Case No. 2019 L 012187.

Provided affidavit in support of a motion to compel for the revision history of the plaintiff’s medical records. Consulted with counsel in serving subpoena to EMR system provider.

Involved Greenway Health’s EHR platform.

‌CHRISTOPHER JOHANSEN v. NOW MARKETING SERVICES INC. AND INTERCOVE, INC.

‌CIRCUIT COURT OF WILL COUNTY, IL, Case No. 19-L-989.

Provided affidavit relating to departed employee apparent deletion activities including access of emails post employee departure in support of a motion to compel forensic preservation and analysis of the departed employee’s personal electronic devices.

‌ROBERT WATSON AND MARK SAULKA v. RYAN TODD WEIHOFEN AND POOL TECHNOLOGIES, LTD.

CIRCUIT COURT OF COOK COUNTY, IL, Case No. 19-CH-12252.

Provided affidavit discussing the expected costs of a third party producing electronically stored information.

‌BYRON FOXIE, as legal guardian and parent of TIGE W. FOXIE, v. ANN & ROBERT H. LURIE CHILDREN’S HOSPITAL OF CHICAGO, and ALMOST HOME KIDS, and OTHER UNKNOWN PARTIES, JOHN DOES 1-10 and ROE CORPORATIONS 1-10 CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 19 L 7430

Provided testimony in the form of three affidavits supporting a motion to compel during discovery due to deficiencies in EMR production. Involved Epic EMR software.

‌PHOTOFAX, INC. v. MICHAEL CALDARAZZO

‌CIRCUIT COURT OF KANE COUNTY, ILLINOIS, Case No. 19-CH-000217.

Performed forensic imaging of departed employee devices. Assisted with the construction of an ESI protocol. Analyzed, signed an affidavit, and testified regarding alleged misappropriation of trade secrets.

‌BLACK ROCK TRUCK GROUP, INC. FKA NEW ENGLAND TRUCK SALES AND SERVICE, INC. v. HARRY TARASIEWICZ and JOSEPH TARASIEWICZ

‌UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK, Case No. 7:19-cv-2367

Performed preservation of evidence, search and production of ESI. Analysis regarding allegations of trade secret misappropriation. Provided testimony regarding fabrication of emails and destruction of evidence.

TERRI BROWN v. MOUNT SINAI MEDICAL CENTER OF FLORIDA, INC. ET. AL.

IN THE CIRCUIT COURT OF THE ELEVENTH JUDICIAL CIRCUIT IN AND FOR MIAMI-DADE COUNTY, FLORIDA

Case No. 2018-016560-CA-09

Filed affidavit regarding the inadequate production of Plaintiff’s electronic medical records.

JERAME ANDREWS, and THERESA ANDREWS v ANKLE AND FOOT CENTERS OF GEORGIA. ET. AL

IN THE STATE COURT OF GEORGIA FULTON COUNTY Case No. 18EV003536

Filed affidavit regarding the inadequate production of Plaintiff’s Electronic Medical Records.

UNITED STATES DEPARTMENT OF JUSTICE V. BUYANTOGTOKH DASHDELEG, PETITION FOR REMOVAL.

Executive Office for Immigration Review Chicago, Illinois, File No. A218-056-722

Filed affidavit regarding the authenticity of email transmitted.

‌PEOPLE OF THE STATE OF ILLINOIS v. CHRISTIAN DAIGRE‌

CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 2018-cr-1626801

Provided affidavit regarding the lack of the original sources of data being preserved that would allow for authentication of SMS and MMS messages allegedly sent and received.

‌RILEY ANN BERGTHOLDT v. ADVOCATE HEALTH AND HOSPITAL CORP, ET. AL.

‌CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 2018-L-8647

Provided affidavit detailing deficiencies with defendant’s production of Electronic Medical Records (hereafter “EMR”) produced from Allscripts and from EPIC.

‌ANDREA BROCK, MICHAEL BROCK, S.B. v. THE UNIVERSITY OF CHICAGO MEDICAL CENTER D/B/A COMER CHILDREN’S HOSPITAL

‌CIRCUIT COURT OF COOK COUNTY, IL, Case No. 18-L-1175.

Provided affidavit in support of a motion to compel production of the Patient’s complete EMR, including Defendant’s secure file storage system, “Sticky Notes”, “In Basket” messages, audit trail records and complete revision history of the EMR as stored in the EPIC Hospital Information System.

‌TERRI BROWN, an individual, and ALAN ROCK, her husband, v. MOUNT SINAI MEDICAL CENTER OF FLORIDA, INC. d/b/a MOUNT SINAI MEDICAL CENTER, a Florida Corporation; and WILLIAM F. BURKE III, M.D., an individual; and BRETT C. FUKUMA, M.D., an individual

‌CIRCUIT COURT OF MIAMI-DADE COUNTY, FLORIDA, Case No. 2018-016560-CA-09.

Filed two affidavits in support of a motion to compel for an on-site collection of plaintiff’s electronic medical records. Involved Epic EMR software and Synapse PACS.

‌THE FOREST PRESERVE DISTRICT OF COOK COUNTY V. ROYALTY PROPERTIES, LLC; CANNON SQUIRES PROPERTIES, LLC; MERIX PHARMACEUTICAL CORPORATION, RICHARD KIRK CANNON, MERYL SQUIRES-CANNON, MCGINLEY PARTNERS, LLC, AND ROYALTY FARMS, LLC CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 18 L 315.‌

Provided in courtroom testimony on the significance of electronic file metadata as it relates to when documents were received and modified.

‌BROWARD ENERGY PARTNERS v. RAPPAPORT

‌CIRCUIT COURT OF COOK COUNTY LAW DIVISION, Case No. 18 L 1096.

Provided in court testimony and testimony via affidavit to assist with eDiscovery protocol process and address allegations of spoliation, withholding of information and authenticity of email.

‌JORIE LP, KOPLIN AND CONTENT CURATION & DATA ASSET MANAGEMENT v. ROBERTS MCGIVNEY ZAGOTTA ET AL.‌

‌CIRCUIT COURT OF DUPAGE COUNTY, ILLINOIS, Case No. 17 L 728.

Provided in court testimony and testimony via affidavit involving issues of email authenticity, cell phone fabrication of evidence, and eDiscovery.

‌MCMAHON v. DIGITAL FUEL SOLUTIONS

‌CIRCUIT COURT OF WILL COUNTY, ILLINOIS, Case No. 15 L 681.

Provided written affidavits regarding alleged software code misappropriation. Assisted counsel with seeking preservation of electronic data from third parties.

‌BORCHERS V. FRANCISCAN TERTIARY PROVINCE OF THE SACRED HEART, INC., ET. AL..

‌Case No. 2011 IL App (2d) 101257.

Testified in support of violation of the Electronic Communications Privacy Act by Plaintiff’s former employer.

http://www.illinoiscourts.gov/opinions/AppellateCourt/2011/2ndDistrict/December/2101257

.pdf

‌SABAN v. PHARMACARE MANAGEMENT, LLC ET. AL.

‌NORTHERN DISTRICT OF ILLINOIS (Chicago), Case No. 1:10-cv-02428.

Rebuttal witness regarding trade secret misappropriation.

‌TRANCO INDUSTRIAL SERVICES, INC. v. CAMPBELL

‌NORTHERN DISTRICT COURT OF INDIANA, HAMMOND DIVISION, Case No. 07-CV-206.

Won TRO – Violation of Computer Fraud & Abuse Act – Trade Secret Misappropriation Supervised and prepared our testifying expert for this case.

‌VALUEPART v. ITR NORTH AMERICA ET. AL.

‌NORTHERN DISTRICT COURT OF ILLINOIS, EASTERN DIVISION, Case No. 06-CV-02709.

http://www.forensicon.com/resources/case-summary/valuepart-v-itr

‌CHARLES A. KRUMWIEDE v. BRIGHTON ASSOCIATES, LLC AND ISMAEL C. REYES

‌NORTHERN DISTRICT COURT OF ILLINOIS, EASTERN DIVISION, Case No. 05-C-3003.

Supervised and prepared our testifying expert for this case. http://www.forensicon.com/resources/case-summary/krumwiede-v-brighton-associates/

‌S.C. JOHNSON & SON, INC. v. MILTON E. MORRIS ET. AL.‌‌

‌CIRCUIT COURT OF RACINE COUNTY, WISCONSIN, Case No. 04-CV-1873.

Led the investigation and preservation effort that uncovered personal webmail, revealing a fraudulent kickback scheme, which resulted in a law enforcement sting and later a successful conviction of the accused. This ultimately resulted in an award of $203.8 million to compensate SC Johnson & Son, Inc. for its losses. https://www.forensicon.com/resources/case-summary/wisconsin-appeal-sc-johnson-vs-mor ris-schelle/

LIEBERT CORPORATION ET. AL. v. JOHN MAZUR ET. AL.

‌CIRCUIT COURT OF COOK COUNTY, CHANCERY DIVISION, Case No. 04 CH 02139.

‌Appellate Court, Second Division, Case No. No. 1-04-2794.

Provided testimony via affidavit and in court, identifying patterns of trade secret misappropriation.

‌KALISH v. LEAPFROG ONLINE ET. AL.

‌CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 03-L-011695.

Performed analysis of the computer used by the recently departed employee and reported on the employee’s actions to the court.

http://www.forensicon.com/resources/case-summary/kalish-v-leapfrog-online/

‌LORILLARD TOBACCO COMPANY v. CANSTAR (U.S.A.), INC. ET. AL.

‌NORTHERN DISTRICT COURT OF ILLINOIS, EASTERN DIVISION, Case No. 03-C-4769.

Performed forensic preservation and forensic analysis that resulted in identifying a counterfeiting syndicate. Located personal email accounts and offshore wiring accounts used to perpetrate the counterfeiting scheme. More than $5 million was awarded from Neubecker’s discovery of a counterfeit scheme.

‌EDUCATION & PROFESSIONAL DEVELOPMENT‌

‌TECHNICAL SKILLS

Managed Engineering Development and data analysis activities across many disparate technologies, from legacy through more recent technologies and platforms including;

‌Database Technology:

Filemaker, MySql, Oracle, Sql, Sql Server, Law eDiscovery, & Medical ERP Patient Record Systems

‌Forensic Software:

Aircrack, Airmon, Access Data, Mobile Edit Pro, Cellebrite, Encase, Paladine, Recon Lab, Forensic Toolkit, Paraben, & WiFite

‌Online Reconnaissance:

Dark Web, IRC, GFI Languard, Maltego, & Usenet

‌Security Monitoring:

Nmap, Splunk, Snort, Wireshark, Sophos UTM, & Shodan

‌Operating Systems / Command Line Shells:

Mac OS X, Windows (Dos/3.1/NT/2000/XP/Vista/2008/2012/7/8/10), Windows Server NT, 2000, 2008, 2012 (Active Directory, Group Policy Management, Certificate Management), Bash, Busybox, Amiga, Commodore, CPM, TI 99/4a, Grub, Kali Linux, Linux, Raspbian OS, Solaris, VMware, Raspberry PI OS, & Unix

‌Programming:

C++, CVS, DOM, Pascal, Xcode, Xml, Kintone, Python, Fabric & Visual Basic

‌Software Applications:

MS Office, SDR, Webx, WebTrends, Camtasia, Adobe Photoshop, MS Office, MS Project, MS Access, MS Excel, MS Powerpoint, MS Word, MS Visio, Peachtree, Quickbooks & Quicken

‌Web:

Expert in Search Engine Optimization, ASP, Coldfusion, HTML, Java, Javascript, Python, PHP, Scripting Languages, Artificial Intelligence, & WordPress

‌EDUCATION & PROFESSIONAL DEVELOPMENT

• M.B.A., Magna Cum Laude – Babson F.W. Olin Graduate School of Business – Wellesley, MA
• B.B.A. Finance, Magna Cum Laude – Eastern Michigan University Ypsilanti, MI
• Guidance Software – EnCase® Introduction to Computer Forensics 32 credits – Sterling, VA
• Guidance Software – EnCase® Intermediate Analysis and Reporting 32 credits – Sterling, VA
• Guidance Software – Information Risk and Policy Compliance 3 credits – Chicago, IL
• Continuing Education – Computer Programming – Harry S. Truman College – Chicago, IL
• Novell Computer Network Training – Walsh College – Troy, MI

PROFESSIONAL EXPERIENCE

EnigmaForensics.com — President & CEO
Chicago, IL (8/2018 – Present)‌

• Provided direct consulting to clients involving complex issues relating to eDiscovery
• Retained by Government Agency to assist with deposing technical deponent in litigation relating to patient health care records
• Assisted with developing a court approved protocol for production of ESI
• Conducted complex investigations involving the authenticity of emails

HaystackID — Chief Information Officer
Boston, MA (4/2018 – 7/2018)

• Managed all IT resources for eDiscovery production environment and internal systems
• ‌Oversaw data center migration
• Created documentation and work ticketing system for tracking problems and improving service response
  ‌HaystackID — Boston, MA (1/2018 – 3/2018)‌Chief Information Security Officer
• Performed initial security assessment of organization
• Prepared for GDPR compliance initiatives of organization
• Outreach to potential clients

FORENSICON, a QDiscovery Company — Founder and consultant, Chicago, IL (2016 – 2017)

• Identified opportunities to provide existing client base with services available from combined companies
• Presented on the Telephone Consumer Protection Act regarding strategies towards mitigating lawsuits

‌FORENSICON, INC. — Chicago, IL (2000 – 2016)‌President & CEO

• Conducted fraud examinations involving misappropriation of funds, trade secrets, tax evasion, money laundering, and other white collar related investigations
• Supervised a team of forensics experts in providing complex litigation plaintiff and defense consulting
• Appointed by the U.S District Court of the Northern District of Illinois to assist defense counsel in the trial against accused terrorist trial of Tahawwur Rana – The single count where my firm presented testimony, the defendant was found not guilty
• Performed online investigative work to identify and assist law enforcement with the apprehension of the Boston Bombing perpetrators, Dzhokhar and Tamerlan Tsarnaev
• Uncovered and reported the third known data breach of the Chicago Board of Elections voter database and election worker personal information
• Supervised testifying experts on many cases of record to prepare technical experts for cross examination and rebuttal of their findings
• Preserved electronic evidence for a range of clients using legally sanctioned protocols
• Selected as preferred vendor by the Illinois Attorney Registration Disciplinary Commission – assisted with investigating various claims filed against licensed Illinois Attorneys
• Developed Custom ERP System for evidence management, project management, time tracking and billing
• Provided expert testimony to resolve disputes for various commercial, nonprofit, and governmental agency clients
• Appeared several times as a computer forensics expert on WCIU TV Chicago Channel 26, First Business, NPR Business News, NBC Chicago and more
• Led data breach first responder efforts for; State Government Social Services Department, Non-Profit HealthCare Organization, Financial Services Company, Accounting Firm, Private Membership Club Organization and various Corporations
• Oversaw the development and presentations made to attorneys and legal support staff at the Chicago Bar Association, Illinois Attorney & Discipline Regulatory Commission, DuPage County Bar Association, various associations and more
• Provided expert witness testimony regarding willful deletion of evidence by a departing employee where the testimony was upheld on appeal proving spoliation of evidence
• Compiled emails from numerous platforms into popular litigation support platforms
• Speaker at various events on the topic of computer forensics (see list below)
• Performed computer forensics examinations in FBI forensics labs
• Led the successful forensic analysis defense efforts against a law firm client of our firm that was accused of willful spoliation of evidence – discovered and reported our findings to Judge Mikva that no spoliation had occurred as alleged, the drive was merely encrypted and contained all information
• Led numerous anonymous online defamation investigations resulting in the identification of many anonymous persons responsible for the defaming activities
• Expert in Search Engine Optimization

LYCOS, INC. — Senior Product Development Manager, Community Products Group,
Waltham, MA (1998 – 1999)

• Managed and/or launched a large group of products including chat, message boards, and games
• Responded to SEC/FBI Inquiries pertaining to illicit behavior in Lycos network online properties
• Tracked hacker attacks on the Lycos network of sites to help identify and prosecute offenders
• Implemented safeguards against denial-of-service attacks across product group
• Instituted product development and service roadmap management system for teams
• Created & managed multiple cross-functional product teams
• Managed transition of products from external to internal hosting
• Led engineering team on the development of scalable & secure online products

‌INNOVATIVE CONSULTING, INC. — President Brownstown, MI (1994 – 1997)

• Led a company of five professionals providing IT support to various sized Companies
• Provided Network support in a multi server environment (NT, Novell, Mac, Linux)
• Implemented financial management software for tier 3 automotive suppliers
• Designed & executed disaster recovery procedures for multiple businesses
• Architected multi-office communication infrastructure for multiple companies

‌‌COMERICA BANK — Securities & Trust Fund Accountant, Detroit, MI (1994)

• Audited security transactions for bank trust funds
• Researched discrepancies in reporting
• Published & verified daily yield rates of several portfolios of marketable securities
• Initiated automation of trust fund daily reporting

FORD MOTOR COMPANY, INC. — Detroit, MI (1992 – 1994)‌Product Pricing Analyst

• Estimated cost impact on production forecast for various product design changes
• Benchmarked sourced products to ensure price competitiveness
• Designed & implemented a profit forecasting system using Excel & EDI

PRESENTATIONS

• “Keys to Unlocking Electronic Medical Records EMR”, MCLE Tuesday May 25, 2021 delivered via Zoom co-sponsored by the Illinois Public Defender Association, the Illinois Innocence Project, the Center for Integrity in Forensic Sciences, and the Family Justice Resource Center.
• Illinois Public Pension Advisory Committee: Friday, December 2nd’s IPPAC Winter Conference “The Imminent Threat of Cyber Attacks to your Pension Boards” panel
• National Society of Insurance Investigators: “Cellphones, Pictures, Videos . . . What a Cyber Forensic Investigation Can Reveal”, December 4th, 2014
• The Disaster Conferences : “Cyber Threats and Data Breaches”, September 18th, 2014
• First Chair Awards : “Data Breach & Incident Response: How to Mitigate Your Risk Exposure”, August 2014
• Cigar Society of Chicago : “How to Catch a Terrorist”, September 2013
• ICPAS Fraud Conference 2012: “What a Responsible Professional (CPA or Attorney)
• Should Know about eDiscovery and Document Management”, September 2012
• Law Bulletin E-Discovery Seminar: “Managing Scope & Review”, June 28th, 2011
• NetSecure ‘11: IT Security and Forensics Conference and Expo: “Protecting Digital Assets from Hackers and Thieves”, March 24th, 2011
• Chicago Association of Litigation Support Managers, CALSMposium: “Seventh Circuit Electronic Discovery Pilot Program”, October 7th, 2009
• National Business Institute – “E-Discovery Searching the Virtual File Cabinets”:(co-presented with Christopher S. Griesmeyer, partner at Levenfeld Pearlstein, LLC and David W. Porteous, partner at Faegre Baker Daniels LLP) “Obtaining Electronic Data & Best Practices in using Computer Forensics”, September 19th, 2008
• Law Bulletin E-Discovery Seminar — “Electronic Discovery in Practice”: (co-presented with Jennifer Wojciechowski of Kroll Ontrack) “Avoiding the Pitfalls of the Electronic Era”, October 2005
• Institute of Internal Auditors, Chicago West Chapter Meeting: (co-presented with Cameron Nelson, attorney at Greenberg Traurig) “Using Computer Forensics To Conduct Investigations”, May 9th, 2006
• Association of Certified Fraud Examiners Workshop: (co-presented with Kathryn Hoying, attorney at Johnson & Bell, Ltd.) “Using Computer Forensics to Conduct Investigations”, February 10, 2006
• Chicago Law & Technology Conference: “Computer Forensic Update”, co-presented with Greenberg Traurig LLP Attorney Cameron Nelson, February 23, 2006
• FagelHaber, LLC’s E-Discovery Conference: (co-presented with Richard Chapman, Gary Green, David Rownd and Robert Kamensky, attorneys at FagelHaber, LLC) “Avoiding the Pitfalls of the Electronic Era”, October, 2005
• Chicago Bar Association, CLE Seminar: (co-presented with Kathryn Hoying, attorney at Johnson & Bell, Ltd.) — “Deliverables to Request From Your Computer Forensics Examiner”,2005
• Chicago Economic Development Council: “Internal Fraud Investigations”, 2005
• Law Bulletin Publishing Company E-Discovery Conference 2005: “Show me the Smoking Gun!”, 2005
• American Law Firm Association’s International Client Seminar 2005: (co-presented with Joe Marconi, attorney at Johnson & Bell, Ltd and Donald Kaufman, attorney at McNees, Wallace & Nurick LLC) — “Discovery, Document Retention & eDiscovery in aPost-Enron/Andersen World”, 2005
• Chicago Bar Association, CLE Seminar: (co-presented with William J. Cook of Wildman Harrold, Jeffrey L. Hartman of Competitive Advantage Solutions and Mark S. Simon of Eclipsecurity, LLC) “Computer Forensics For Lawyers”, May 6th, 2004
• Chicago/Milwaukee Joint Midwest Law & Technology Conference 2004: “Finding the Smoking Guns: Legal Computer Forensics Without the Geekspeak”, November 30th, 2004
• Chicago Bar Association, CLE Seminar: “Resolving Intellectual Property Theft with Computer Forensics”, October 20th, 2004
• Chicago Bar Association, CLE Seminar: “Computer Forensics for Lawyers”, May 6th, 2004
• Law Bulletin Publishing Company E-Discovery Conference: “Electronic Document Collection and Processing”, April 27th, 2004
• LegalTech 2003, Chicago : “True Electronic Discovery”, October 30th, 2003
• Chicago Bar Association (Law Office Technology Committee): “Electronic Discovery 101”, 2003
• Illinois Academy of Criminology: “Electronic Discovery 101”, Circa 2003
• Greater Chicago Chapter of the Association of Legal Administrators: “Electronic Discovery 101”, Circa 2003
• Chicagoland Chamber of Commerce: “Web Page Programming For Search Engine Effectiveness”, Circa 2001
• NORBIC: “Web Page Programming For Search Engine Effectiveness”, Circa 2001
• Law Practice Today — (July 2004) — Invited to be a contributing expert on a roundtable article by Dennis Kennedy on the online magazine: http://www.abanet.org/lpm/lpt/articles/ftr07041.html

ARTICLES

• Time Is of the Essence — Provides an overview of why it is important to act fast when seeking to obtain electronic evidence: 
• The Liability of Email as Evidence — Reflects on the recent impact of the Andersen case involving Enron (Also in the Nov. 22, 2004 issue of Chicago Daily Law Bulletin): http://www.forensicon.com/resources/articles/the-liability-of-email-as-evidence/, http://www.wislawjournal.com/special/law-tech-2004/evidence.html
• Document Retention Policies — Develop, enforce and audit your document retention policy: http://www.forensicon.com/resources/articles/document-retention-policies/
• Monitoring Employees — Provides the reader with an understanding of some of the liability issues involved with employee monitoring
• Worker Beware — Why employees should be careful about what they do with their workplace computer
• Data Security — What to do when an employee leaves

‌CURRENT & PAST MEMBERSHIPS / CERTIFICATIONS

• Certified Information Systems Security Professional (CISSP) — Chicago Chapter
• HTCIA (High Tech Crime Investigation Association) — Past President — Midwest Chapter
• Illinois Academy of Criminology — Chicago Chapter
• U.S. Secret Service Electronic Crimes Task Force Member — Chicago Midwest Region
• Union League Club of Chicago — Technology Group Member
• Association of Certified Fraud Examiners — Associate Member
• State of Michigan — Private Investigator — License Number 3701205872