Welcome

Here, you’ll find a deep dive into my work in digital forensics, incident response, and cybersecurity—with a special focus on medical device security and the Internet of Things (IoT). My ongoing research, as part of my PhD at Plymouth University, centers around developing advanced logging practices for medical devices. This effort is crucial for enhancing forensic capabilities, ensuring devices that people rely on for life-saving treatments are secure from cyber threats.

As both a researcher and educator, my goal is to bridge the gap between academic knowledge and real-world application. From analyzing ransomware attacks to strengthening the security infrastructure of IoT devices, I am committed to safeguarding technologies that directly impact people’s lives.

Recorded Presentations:

This section contains the most recent recorded presentation that I have given.

2024 – SANS Into the Looking Glass, Medical Device Cybersecurity :

This session was a part of the SANS 3rd Annual Healthcare Forum 2024: Tackling Challenges, Building Cyber Resilience Healthcare and medical organizations are increasingly becoming targets of cybersecurity attacks, especially ransomware-focused attacks. These incidents can severely disrupt daily operations, causing significant challenges and delays in providing healthcare services.

2023 – SANS DFIR Summit:

The field of digital forensics and incident response (DFIR) is fast-paced and ever-evolving. The view of a single computer for an investigation was quashed long ago, every investigation now involves multiple devices and systems spread over large digital ecosystems. Globally, the average of number of devices per individual has increased, on average, from 2.4 to 3.8 in the period 2018 to 2023. New technology and systems are continually released with the potential to hold artifacts relevant to an investigation. This technology now sees an increasing synergy with a user, including the implantation of devices to assist with medical problems and to track general health, and within vehicles for increased personalized driving experiences and integration of technology. As emerging technology becomes more integrated with everyday life, it becomes increasingly smaller, more powerful, and with larger storage capabilities, meaning it also becomes more viable from a DFIR perspective. However, does emerging mean we require specialist fields within DFIR? How foreign are these devices to those in DFIR? Is it beyond the capabilities of the average DFIR practitioner? These questions have all been asked during our research and investigation of emerging technology, both in-house and with external partners. This talk looks to encapsulate thinking around emerging technology, providing an overview of the ever-evolving technical landscape and how traditional DFIR tools, systems and procedures may be re-imagined providing additional opportunities in investigations.

2022- SANS DFIR Summit:

This talk focuses on the researchers work with one of the largest medical device companies Medtronic. As a patient herself with an implanted medical device she has skin in the game. Medical devices have become more interconnected. It is estimated that there are 3-6 networked medical devices next to a patient’s bed at any given time. There are nontraditional devices in that they are implanted in a patient, it often connects to an application that has valuable logs. These are often not ingested or centralised. This talk focusses on the Project Observability which builds in Incident Response capabilities in the design phase of medical device manufacturing, measuring the logs and finally ingesting and visualising the data. This talk also focusses on nontraditional approaches to logging on low energy embedded devices. Traditional DFIR deals with data that already exists, however the line in the sand is being drawn in that building better logs for better observability allows for the understanding of threats, or attempts made to breach the medical device. From having bad or no logs to have logs that allow for early detection and threat analytics. Understanding baseline behavior of the medical device eco-system allows for earlier detection. The industry is moving away from prevention as the standards towards detecting fast and responding faster. This talk will present the good the bad the ugly and now the observable.

Latest Publications: