Chance to Mentor


I was fortunate last evening to attend my first mentoring event at the University of Central Florida, College of Business in Orlando.

Not sure what to expect as I went in excited and anxious to learn about the program and have a chance to meet a few students.

Wow, was this a great event! It started with the mentor reception prior to actually meeting students in a "speed dating" type atmosphere. ( Wish I had more time with each student ). The room was packed with enthusiastic people wanting to offer their guidance and experience. I met individuals from all facets of business. From HR to a retired engineer for power generation plants. What a diverse group of experiences and leadership that came together to offer their input.

The highlight for me was meeting the students and hearing what they hoped to obtain from a mentoring opportunity. Each one had their own reasons and they varied from looking for an internship to getting advice on what they should do to succeed in their field. ( Not sure what I could offer to the accounting majors for guidance in their field ).

At the end of the "interview" I asked each student what they felt was the one trait that is ( in my view ) the most important to have to be successful. The answers varied as you could imagine. But, one student hit it correctly COMMUNICATION. I explained that no matter what field or business you go into if you can communicate and articulate your thoughts, ideas, passions and insights to get people to listen you will be successful! Hopefully, that resonated.

I encourage everyone to take the time to get involved. It doesn't have to be a formal program at a college, it could be in your company or in your community. Each of us have something to offer.  Share it..

At the end I wonder who is the real mentor me or the students I had the honor of meeting.

What a great learning experience!


The Promise of Blockchain and The Risk of Adoption


I read with interest last week a blog by Robert Herjavec titled: Blockchain Technology Is Here to Stay. There are some predictions about blockchain being a fundamental business enabler and how it will disrupt a number of sectors from finance to real estate and transportation. That I agree. We're already seeing the financial sector pursuing an aggressive strategy for adoption. Just look at the announcement by SWIFT last October on their successful trial of blockchain. Swift Blockchain Success Sets Stage for Sibos

What stood out for me in Robert's blog is the comment: "The best part of this technology is that transactions cannot be altered!" 

One only has to do a google search to find several hacks on blockchain and crypto currency to see the financial impact. Want more proof on the risk of blockchain and how it can be hacked? Here is a good article titled:  Can The Blockchain Be Hacked?  published in Sept. 2017.  

Blockchain is an open and cryptographically signed ledger based on hashing and cryptographic private/public key technology. With the evolution of quantum computing comes the possibility of quantum attacks on blockchain and its inherent reliance on cryptographic keys. There is plenty of research and publication on how blockchain, thru quantum computing, is vulnerable. (Do some research on the Grover and Shor algorithms)

The risk of blockchain deployment and lack of standards have not gone unnoticed and has led the US Congress in 2017 to enact "The American Innovation and Competitiveness Act,”. Included in this act is a directive to the National Institute of Standards and Technology (NIST) to develop a post quantum cryptography standard. This is where “Key Shadowing” will have to be considered.

While the market races to adopt blockchain the risks are many. Finding qualified blockchain expertise, addressing the “single point of failure” of key management systems to overcoming the threat of quantum computing on cryptographic keys it will be a bumpy ride for adoption fraught with risks.

Disruptive Key Shadowing Technology Eliminates Master Key Storage, Says HyperSpace Security and Intelligence Services Group


The announcement today of our partnership with HyperSpace Security for their patented Key Shadowing technology puts us in a position to deliver a ground breaking and disruptive cryptographic key solution to the market. Now, companies will have the ability to eliminate the single point of failure, the key management system. 

Key Shadowing has been in development for over 15 years. Like most great solutions it started with a personal story of it's inventor, Dane Butzer. His bank account was hacked in 1994 and again in 1997. Driven by the question "Why should a single point of failure exist to hack my financial information" and armed with his Masters in Engineering Dane set off on a scientific and mathematical journey for over 15 years to develop a technology which had 4 goals:

The solution must (1) work every time, (2) be resistant to loss or corruption of some information, (3) be immune to more sophisticated attacks such as those using quantum computing and advances in factoring large numbers, and (4) be fast and easily used.

Thus, the idea of a totally new solution based on hyper-dimensional math was conceived. After Dane spent many years deriving, coding, testing, and patenting his invention, a new technology called Key Shadowing was born!

iSG was chosen as the first partner to bring this technology to market. We can't be more humbled and honored.

Is Your IT Department Prepared to Fight Cybercrime


I was reading an interesting article titled: Is 2018 the year cybercrime becomes mainstream and was wondering how prepared are IT/Security staffs to handle and investigate a cypercrime against their company. What expertise and training do they have to conduct investigations, comply with chain of evidence, adhere to an forensically sound processes/methodology, what forensics technology have they deployed? Are their IT vendors/partners just that, IT. Where do they go to help them conduct investigations? 

Certainly, law enforcement plays a role. But, how prepared are companies to compile the facts to even determine if there was a crime before they call law enforcement? Is the threat internal or external. If internal, what risk reduction efforts did the company deploy to prevent an internal crime from being committed? 

AI and machine learning will become more prevalent to mitigate this risk. A constant cyper awareness training framework is necessary and will certainly help. But, when there is a  hack/breach (and there will be ) how prepared are you to combat this criminal act?

I wonder.....

Mobile Communications Risk, Are You Prepared?

Enterprise Mobile Encryption is Required, But Few Companies Have It


The mobile wave is here. You can not avoid it. Everywhere I go business is being conducted on mobile devices. Last year at LegalTech in NYC everywhere you looked people were texting, talking, emailing, sharing documents and conducting business on their cell phones. What a hacker's paradise!! I stopped a few people (happened to be attorneys) if they were concerned about their communications being secure. They didn't think anyone would care. Really? Were they talking to a client discussing their defense, perhaps reviewing strategy for a company merger, how about proprietary information on market release of a new product, or a privileged communication. Not to mention the document sharing and emails containing IP, etc.

In the past few weeks we have been engaged by our clients ranging from global law firms to global manufacturers wanting to implement an enterprise strength mobile encryption platform. They are ahead of the curve for companies and understand their business is rapidly being done on a mobile platform. 

Their use cases vary and range from "out of band" communications for Incident Response to protecting privileged communications to ensuring the executives' conversations and communications are secure as they discuss mergers/acquisitions and company strategy. 

What are your thoughts? Are you prepared, do you have a defense in place, do you care?

Would like to hear what you think.




Intelligence Services Group to Sponsor NASCAR Foundation Charity Event


iSG is proud to announce their sponsorship of the Betty Jane Memorial event on February 12 during the Daytona 500 week. 

The NASCAR Foundation’s High Speed Hold ‘Em Charity Poker Tournament is a fun-filled night of Poker benefitting The NASCAR Foundation’s Speediatrics Children's Fund which is dedicated to enhancing the delivery of medical care to children in our racing communities.

The NASCAR Foundation founder, Betty Jane France, envisioned a place where kids are not intimidated by the overwhelming experience of being in the hospital. Speediatrics is helping accomplish this vision by providing a safe place for a speedy recovery through a unique combination of caring, commitment and kindness, all with a NASCAR theme. Read more about the mission of the NASCAR Foundation.

"iSG is committed to sharing it's success with those organizations that strive to do good and provide much needed services to the community. As we expand our Florida presence we are proud to be able to give back and adhere to our guiding principle of "profit with purpose"..says Helena Botticelli, VP | CFO.

If you're in the Daytona Beach during race week stop by the event at the Henderson Center at Embry-Riddle Aeronautical University, 600 S. Clyde Morris Boulevard, Daytona Beach, FL 32114 on February 12 at 6:00PM.

Post Cyber Breach - Prepared or Not?

Complacency - Biggest Weakness


Read a article this week by Robert Herjavec on Linkedin ( article  ) asking about being prepared and the role complacency plays in the preparation. Good article.

Two conversations (out of the list of 5 ) Robert mentioned that CEOs should be having were:  establishing a strong cyber hygiene program and the strengthening of your mobile and IOT security postures.

Those especially resonated with our team as we just completed an engagement where cyber hygiene could have helped avoid DDos attacks. Additionally, we're in the midst of securing several clients mobile communications infrastructure through enterprise encryption. The primary use cases centered on protecting privileged communications and enabling an " out of band" communications platform to support IR efforts. 

I couldn't agree more with Robert's article. 


Intelligence Services Group Uncovers Crypto Mining Hack


Intelligence Services Group (iSG) was engaged by major entertainment company for conducting forensics intelligence to address system corruption and possible breach. As a result of a deep and comprehensive forensics interrogation iSG identified several areas of risk/breaches which indicated a takeover of our client's systems for possible mining of cryptocurrency.

This threat, also known as "cryptojacking", is a secret method utilizing your systems to mine for cryptocurrency such as Bitcoin. One way this threat is propagated is thru adware and visiting a compromised web page. 

"Although our client had the most up to date malware and endpoint protection software this threat went undetected and caused severe system corruption. Thru our forensics technology and methodology we were able to identify the threats and present recommendations for remediation. Luckily, no data exfiltration or ransomware threats were identified"....says Bob Henderson, CEO Intelligence Services Group.

This is a great example of how companies think they have the most up to date endpoint protection platform (EPP) and will be protected. However, nothing is 100% and the 1-3% that goes undetected introduces severe risk. Digital forensics should be part of your endpoint security and incident response strategy.

Learn more about our unique services/software:


Tanium and Intelligence Services Group Partner to Deliver Unique Security Capability

MORGANVILLE, N.J. & ORLANDO, Fla. - Nov. 21, 2017 - PRLog -- Tanium (, the revolutionary and leading company for endpoint security/systems management and Intelligence Services Group, LLC (iSG)( , a unique firm for delivering intelligence/investigative capability fused with technology have announced a formal partnership today to deliver their combined capabilities to the market.

"Our DNA allows us to deliver a unique and compelling security experience to the market. Unlike other traditional partners which ISV's choose that sell a plethora of products, we only include in our portfolio a few leading technology firms which will enhance our intelligence/investigative background to deliver risk management. Tanium's vision to be a game changer aligns perfectly with our strategy to deliver a unique approach to the market", said Bob Henderson, Founder | CEO of Intelligence Services Group, LLC.

iSG will focus on delivering Tanium to its clients in the USA and have already been in discussions with global financial firms and retailers to deliver on the Tanium capability.

Intelligence Services Group. LLC is a team of intelligence operative/law enforcement executives from the federal, state, local and international (Interpol) communities. We fuse our expertise with the best in class technologies for conducting investigations, providing digital forensics, enabling cybersecurity and implementing mobile encryption capabilities to our clients for managing risk.

Intelligence Services Group, LLC can be reached at 833-623-3092 or email at:

Enhancing Client's Mobile Communication-Another First With SaltDNA

desktopcalls (003).jpg

Another first from our award winning partner, SaltDNA. 

SaltDNA, a Cybersecurity 500 company and the leader in secure mobile communications for the enterprise, is delighted to announce the extension of its product suite to support secure desktop voice calls. SaltDNA's secure desktop voice capability is available immediately for all major platforms.

Allowing for incoming and outgoing secure calls with either a desktop or smartphone, SaltDNA is ideal for legal firms and healthcare providers who are increasingly under pressure to improve the security of client and patient information. This includes clients running MacOS and Windows 10.

"This is another major milestone for SaltDNA and early customer feedback has been excellent. Having the option to make a secure call from either a smartphone or laptop is a major productivity upgrade for our enterprise customers," said Joe Boyle, CEO at SaltDNA. "Coming just two months after the secure file attachments announcement, this Secure Voice over Desktop is the fifth major product release in 2017. We continue to work very closely with our customers and are lining up for another major product release before the end of the year."

Give us a call, 833-623-3092 or email to learn more

Try a FREE Trial

SaltDNA Adds More File Attachments for Encryption

Additional Secure File Attachments Now Available on SaltDesktop


Our partner, SaltDNA, has just announced additional secure file attachments for the Saltdesktop application. They continue to advance their leading secure mobile enterprise communications platform. Want to learn more? email us at: or sign up for your FREE Trial at:  

iSG Expands With The Opening of Second Office in Florida

We are excited to announce an expansion of our firm and have chosen central Florida for opening our second office effective today.

Here is the info:

1540 International Pkwy Suite 2000 Lake Mary, FL 32746

In addition, to better serve our expansion we have added a new 800 number service for the company:


This new location will support our expanded footprint into the SE market.

iSG Wins Guidance Software's Emerging Growth Partner of Year-USA

At the Guidance Software ENFUSE 2017 event in LAS Vegas this week Intelligence Services Group, LLC was awarded the Emerging Growth Partner Of The Year USA by Guidance Software.

"For our company to win this award against much larger firms is a testament to our team and more importantly to our customers who have placed their trust in us as their provider for security and digital forensics based on the ENCASE technology"..Bob Henderson - CEO



Is Attack Attribution a Priority?

In a recent article at CSO titled: What's the value in attack attribution?  Guidance Software CEO Patrick Dennis argues for the value of attribution. 

As past intelligence operatives our initial response is of course you need to find out out who is responsible for the attack. Not only does it provide useful information on unknown vulnerabilities, but if the attack results in litigation having the ability to identify a bad actor might support your defense.

What do you think? Is attribution valuable?

Recent hacks on US law firms reinforces the need for increased Cyber Security

Wanted to share this post from our friends at SaltDNA. 

In the wake of a yet another cyber attack on a number of US law firms, the legal industry must
respond to protect their practices & their clients confidential information. In 2016, there were a number of major law firm hacks - including the leak of top-secret documents from Panamanian law firm Mossack Fonseca and the M&A hack attack by a Russian cyber criminal who targeted 48 elite law firms including Hogan Lovells, Allen & Overy, Cravath Swaine & Moore and Freshfields.

December 2016 saw Chinese Hackers target New York law firms in an attempt to gather
confidential information on recent mergers and acquisitions in order to penetrate the stock
market. Targeting the confidential communications of the law firms, the hackers netted around
$4 million in profit from the information they were able to gather. The ease with which this
appeared to have been carried out will only encourage more of the same attacks. Preet
Bharara , US attorney for the southern district of New York, said that the Chinese hackers
successfully breached “at least” two law firms, which he did not name, and targeted at least
another five.

"This case of cyber-meets-securities fraud should serve as a wake-up call for law firms around
the world,” he said. “You (law firms) are, and will be, targets of cyber hacking, because you
have information valuable to would-be criminals.”

These cyber attacks have highlighted how the interception of client-confidential information canhave meaningful consequences, and this applies to virtually every area of law. Traditional
methods of communications in law firms are no longer sufficient due to the higher levels of
sophistication in hacking, and the increasing availability of equipment and software which
facilitates interception and eavesdropping on communications. The need for a CyberSecurity
focussed solution is now a necessity within firms, and will affect individuals/enterprises decision on what law firm they wish to work with in the future.

With client information the target of recent cyber attack, legal firms must adopt new, robust
methods of communications to protect their clients, as well as their own reputation. In order to
do this, the ability to control who speaks to whom within their firm is essential, alongside the
mandate that all conversations are encrypted and private.

SaltDNA was created to specifically solve this problem for enterprises and works with all sizes of law firms to protect their practices and their clients. In the words of one of our customers, a large International law firm based in London:

"SaltDNA is part of every new case set up. We explain the reasons for using SaltDNA to our clients and they're thankful that we have this in place. It removes the need for cryptic phone conversations and is driving better communication with our clients."

SaltDNA provides a full managed software solution, on an enterprise scale, that enables
absolute privacy in mobile communications. Secure one-to-one messaging and calls,
conference calling and group chat, secure transfer and storage of files/images, better call quality and LDAP integration enable secure communication and collaboration across the enterprise. The SaltDNA solution is easy to deploy (SaaS & On-Premise) and uses multi-layered encryption techniques to meet the highest security standards. The SaltDNA Desktop and Mobile apps are intuitive and easy to install and use. The SaltDNA Communication Manager provides a console for tight management of users and can be configured for the management of regulatory compliance.

About SaltDNA

SaltDNA is headquartered in Cambridge, Massachusetts and Belfast, UK, and is funded by
Accomplice (formerly Atlas Venture) and Stonehammer Capital. .

iSG Sponsoring and Attending LegalTech NYC -1/31

We are pleased to announce we will be a sponsor and have a presence at LegalTech NYC on 1/31 - 2/1 at the Hilton mid town in NYC. We will be in the Semi-Private Meetings Area. Our founder Bob Henderson and VP | CFO Helena Botticelli will be there. Talk to us about our unique approach to risk management through our ENCASE digital forensics platform and SaltDNA mobile enterprise encryption platform. Hope to see you there.

Event Information

Are Law Firms Putting Clients' Data at Risk

Read this recent article titled: Law firms’ inability to protect client data is a national security concern.  

One item that stood out for me in this article was that by and large firms DO NOT encrypt data that is stored at rest. If that is the case I wonder if they encrypt the data in transit, especially when they utilize their mobile communications. I suspect not.

In the Sullivan & Cromwell risk management event on Dec 1 in NYC this issue arose during a panel discussion on ransomware. If the firms' (or anyone for that matter) systems are compromised how do they communicate electronically during the crisis and avoid revealing their triage activities? Typically, they turn to mobile. But, if that channel of communications is not secure and encrypted then what?

Something to consider. Be interesting to hear what law firms are doing for securing their mobile privileged communications. What do you think?

iSG to Attend 2016 Sullivan & Cromwell LLP Risk Managment Summit

On December 1st in New York City iSG will be attending the:

2016 Sullivan & Cromwell LLP / RANE Risk Management Summit
The Management of Enterprise Risk & the Evolving Role of the Chief Risk Officer

Following last year’s Cyber Risks in the Boardroom program, which was attended by 300 practitioners and leading experts in risk management, the 2016 Sullivan & Cromwell / RANE Risk Management Summit will again sponsor a seminar to discuss pragmatic ways to mitigate the risks management and boards face and identify proactive steps they can take to protect their enterprises. Sessions will focus on understanding how companies can best prepare for these exposures in advance, in response and in recovery.

As corporations struggle to define their risk exposures and identify who is responsible for protecting and mitigating against them, the Chief Risk Officer has emerged as a critical executive role to manage risk across the company.