Forensic, General & Medical
Expert Witnesses

Computer Forensic Expert Witness: Data Breach, Information Security, Cybersecurity

Interhack Corporation

Interhack Corporation

5 East Long Street
9th Floor

Columbus, Ohio 43215

Phone(614) 545-4225
Fax (614) 545-0076

Website www.interhack.com
E-mail  Send an email

Expert WitnessForensic ExpertSpeaker
C. Matthew Curtin, CISSP is the Founder and CEO of Interhack Corporation. Curtin is Interhack’s lead computer scientist and cybersecurity expert. Curtin has been engaged in criminal, civil, administrative, and military processes by plaintiffs, defendants, and the courts directly. His opinion has been accepted by federal and state courts throughout the country in hearings, trials, and appeals.

Services

C. Matthew Curtin offers the following services:

Expert Consultation/Testimony — For privacy litigation and litigation resulting from data breach. Testimony for the court on technical matters.

Incident Response — Helping clients respond to data breaches and security incidents. Determining whether unauthorized access has happened, identifying affected individuals, preserving relevant data.

Information Security Program Assessment — Helping clients prevent data breaches and security incidents.


Litigation Support Services

Interhack Corporation also provides services in its Electronic Discovery, Forensic Computing practices, Preservation and Forensic Analysis of Data,
Computer Crime Investigations, Data Breach Response and Incident Management and Complex Analysis of Non-Standard Data Sets.
.

Areas of Expertise

Additional Expertise:

Preservation and Forensic Analysis of Data, Computer Crime Investigations, Data Breach Response and Incident Management, Complex Analysis of Non-Standard Data Sets, Cybersecurity.

Profile

C. Matthew Curtin, CISSP is the founder of Interhack Corporation, a computer expert firm based in Columbus, and Senior Lecturer in the Department of Computer Science and Engineering at The Ohio State University.

Curtin and his team help attorneys and executives understand the meaning and context of data and how they affect business, operations, or a legal case. Curtin’s vast knowledge and experience in the field of computer science and cybersecurity enables him to convey the optimal path forward and offer an opinion within a degree of scientific certainty. Curtin’s experience in the field enables him to train his team to operate in specialized task forces organized to respond to high-stakes situations such as data breaches.

Curtin's work centers on the intersection of law and technology. The U.S. Court of Appeals for the First Circuit relied on Interhack's forensic computing practice and Mr. Curtin's expert opinion when it established standards for application of Federal wiretap statutes to Web technology, In re Pharmatrak Privacy Litigation (see link above). Academic references to Interhack’s work include the Stanford Law Review and university courses throughout the world.

Curtin has held an academic post as Senior Lecturer at The Ohio State University's Department of Computer Science and Engineering and has guest lectured for a number of universities in the central Ohio area. Curtin regularly presents case studies and his general knowledge of computer science at conferences such as the Midwest Consortium for Computing Sciences in Colleges Conference, the Central Ohio Association of Criminal Defense Lawyers, and the Northern Ohio Chapter of InfraGard.

C. Matthew Curtin is available as a consulting or testifying expert in cybersecurity and other technical matters.

Consulting Practice

All States

More Information

Computer Forensics Expert Witness
Electronic Discovery Expert Witness
Incident Response Litigation Support
Data Analysis Forensic Consultant
Cybersecurity Expert Witness
Contact Interhack, Forensic Services

Interhack Corporation in the Social Networks

Google+ PageGoogle+ Profile LinkedIn PageLinkedIn

Professional Experience

Over decade of consulting and testifying expert witness experience. Leads technical teams that have been deployed in all of the aforementioned services, for both plaintiffs and defense.

Some examples:

Pharmatrak Privacy Litigation — Assessed Web traffic analysis system for civil privacy litigation and provided opinion used by the U.S. Court of Appeals for the First Circuit to establish precedent on the application of Federal wiretap statutes to Web technology, clarifying what constitutes "protected content" on the Web under the terms of the Electronic Communications Privacy Act (ECPA).

High-Profile Incident Response and Security Assessment — Led external assessment teams for a data loss incident at the Ohio Administrative Knowledge System (OAKS), a large-scale ERP system for the entire State government.

Enterprise Data Encryption — Provided technical expertise to multibillion-dollar retailer developing cryptographic controls for the protection of cardholder and other sensitive information.


Licenses

Certified Information Systems Security Professional (CISSP)


Legal Experience & Services

Since inception in 2000, retained by law firms and in-house counsel for firms of all sizes, from largest multinational firms with hundreds of attorneys to several firms with solo practitioners and a small support staff.

Most consulting work is undisclosed. Some past, publicized cases include:

Pharmatrak Privacy Litigation, 2002--3 Interhack's Interhack forensic data analysis and a report and 1,500-page compendium of exhibits ultimately led to a ruling by the U.S. Court of Appeals for the First Circuit clarifying what constitutes "protected content" on the Web under the terms of the Electronic Communications Privacy Act (ECPA).

Sony “Rootkit” Digital Rights Management — Served as technical consultant to plaintiff’s counsel in civil proceedings over the 2005 DRM released on Sony Music CDs.


Affiliations

• Association for Computing Machinery (ACM)

• Central Ohio InfraGard Members Alliance, Coordinated by Federal Bureau of Investigation

• itWORKS.OHIO Business Advisory Network, ad hoc network to advise the Ohio Department of Education on statewide content standards for information technology education programs. Chair of committee to handle recruiting issues. Chair of 2010 futuring panel.


Seminars & Training

Interhack practitioners deliver a variety of continuing legal education courses. Contact us for rates and availability.


Publications

Using Science to Combat Data Loss: Analyzing Breaches by Type and Industry

Formal, peer-reviewed research. Presentation of taxonomy to classify data loss incidents and study identifying the relationships between data loss types and industries. Significant results found for Finance, Education, Public Administration, and Health Care.

Published in I/S: A Journal of Law and Policy for the Information Society, Volume 4, Issue 3, Winter 2008–09. It represents a one-of-a-kind partnership between one of America's leading law schools, the Moritz College of Law at The Ohio State University, and the nation's foremost public policy school focused on information technology, Carnegie Mellon University's H.J. Heinz III School of Public Policy and Management.



Incident Handling: When the Breach Occurs

Article. Reputation is made or broken not on whether an incident takes place, but how well the incident is handled. Thus every security program includes a component on incident handling. Effectively handling adverse events requires planning and practice, paving the way for sound execution. In preparation, there are four questions every CIO needs to answer.


Professional References

Bill Doyle
Doyle Lowther LLP
10200 Willow Creek Rd., Suite 150
San Diego, CA 92131
+1 858 935 9960
bill@doylelowther.com

Pam Krivda
Taft Stettinius & Hollister LLP
65 East State Street, Ste 1000
Columbus, OH 43215
+1 614 334 6159
pkrivda@taftlaw.com

Earl LeVere
Schottenstein Zox & Dunn Co., L.P.A.
250 West Street
Columbus, OH 43215
(614) 462-1095
elevere@szd.com

Dino Tsibouris
Tsibouris & Associates, LLC
88 East Broad Street, Suite 1560
Columbus, OH 43215
(614) 228-9707
dino@tsibouris.com


Articles Published by Interhack Corporation

 E-Discovery: Small Steps That Can Yield Great Savings

Over the past few years, e-discovery has grown from a little mentioned, often avoided aspect of litigation into a core component that can make or break a case. It first gained widespread attention in the Zubulake and Morgan Stanley cases, and was thrust into the spotlight late in 2006 by changes to the Federal Rules of Civil Procedure that specifically targeted discovery of electronically stored information (ESI).

Read Article

 Early Engagement of a Computer Expert Maximizes the Value of Electronic Evidence

Finding answers to the questions that arise in litigation often hinges on the proper acquisition, preservation, analysis, and presentation of electronic evidence. Reliance on electronic information is sure to increase as computer systems continue to integrate into more aspects of modern life. An experienced computer expert can provide key insight into making the best use of electronic evidence in a case.

Read Article

 Using Electronic Stored Information

Information technology has come a long way since the time of cuneiform tablets. Today litigators are finding that their cases---whether "computer cases'' or not---are relying increasingly on electronic stored information (ESI). This article considers two issues of ESI: data formats and encoding, and why lawyers should not fear the technology.

Read Article




Find an Expert Witness