today we have another great interview to share with you. We spoke with Kenneth Citarella Senior Managing Director at Guidepost Solutions LLC. He told us about industry events, cooperation in cyber security world and the need for educating the clients. Dive in!
[eForensics Magazine]: For those of our readers who by chance may not be familiar with Guidepost Solutions - could you tell us a little bit about it?
[Kenneth Citarella]: Guidepost Solutions LLC is an international investigations, compliance, security and due diligence firm headquartered in New York City. As part of our suite of services, we provide digital forensics and investigation services.
[eFM]: Executives from your company will take part in many seminars and conferences this month. What do you think about industry events? Which ones are the most interesting?
[KC]: The most interesting industry events are those in which the attendees are fully engaged. Even the most timely topics and the best presentations are lost on an audience that is not attentive and focused on the proceedings. Once everyone is operating in synch, the collective synergy is what makes for informative discussions.
[eFM]: Do you just mean complete and identical set of information that allows the synergy to happen, or is there something more to it?
[KC]: More than that. The most effective seminars begin with a presenter or panel that is not only knowledgeable on the subject matter but also provides the material in an interesting and effective manner, much like a good school professor. A presentation that is both lively and full of meaningful content is much more likely to keep the attendees engaged and responsive. Once the attendees start asking questions and providing their own content, the whole session moves to another level.
[eFM]: In fact, Guidepost Solutions prides itself in the management’s direct involvement in all cases you cover. Was the emergence of that model organic? What advantages does it give you?
[KC]: The top management of Guidepost Solutions is involved daily in the solicitation of new projects and in actual project activities. Our leaders meet directly with clients to determine the scope and budget of engagements. They often also work hand in hand with other professionals on projects which, by nature of the engagement or the client, require their involvement.
[eFM]: Is getting together important in the cybersecurity field?
[KC]: If by “getting together,” you mean cooperation, there is nothing more important. Cooperation is required at all levels in the cybersecurity effort. Internally, employees, contractors and vendors must adhere to your policies and procedures. Industries must share information regarding experienced avenues of attack and what is known about the intruder community. On a national scale, the private sector and the government must find a way to trust and cooperate with each other. Any failure of cooperation benefits the attackers.
[eFM]: There is still rivalry between companies that provide cybersecurity services though - do you think balance between cooperation and competition is hard to achieve?
[KC]: I was not referring to cybersecurity firms themselves but to the in-house cybersecurity efforts of all American enterprises. As for cybersecurity firms, the situation is not much different than it is for any other competitors in a given field, the balance between competition and sharing mutually beneficial information is always a delicate balance.
[eFM]: Do you think there is a reason why there has been so many cyber crimes and data breaches? What will be the tendency - more breaches, more data leaking?
[KC]: No one should doubt that there will always be more and more severe intrusions and data breaches unless we improve our defensive postures and cooperation. Attackers come in many forms, motivated by a social or political agenda, financial gain and international espionage, among other reasons. Their skills vary as widely as their causation, but the common element is that they want what is in our systems, and they only have to be successful once to wreak havoc.
[eFM]: Where should we start if we wanted to improve our defensive posture?
[KC]: At the beginning. A data protective environment begins with an understanding of what data you have, where it is, how it is used and who uses it. The whole IT infrastructure exists only to serve those needs. Start by understanding your data thoroughly. There is a lot more to it than that, but data is your starting point.
[eFM]: You motto says: “Experience is the difference” - what does that mean to you?
[KC]: We have done what the client needs in earlier engagements and succeeded. Each new engagement builds on that success.
[eFM]:What are the company’s plans for the nearest future?
[KC]: We constantly strive to educate our clients on the many risk factors they face as they go about their everyday business operations. We will continue our efforts to ensure they are kept abreast of changing regulations and trends in security threats and offer them solutions to mitigate and manage risk.
[eFM]: What do you think will be the biggest challenges you’ll have to face as a company?
[KC]: Ensuring our clients are proactive with their compliance and security needs – rather than reactive. How we achieve this circles back to the previous question.
[eFM]: Do you have any philosophy that drives you in your professional life?
[KC]: To do the right thing at all times. Give my best effort at a competitive fee. Advising the client on how to use his investigative dollar in the most productive and effective way. Guidepost believes the best marketing tool is a well-satisfied client.
[eFM]: Do you have any thoughts or advice you would like to share with our readers?
[KC]: Digital forensics, indeed, all investigative and security-related services are far more than matters of technical competence. An investigative agency must be competent at human relations with clients and outsiders, understand what constitutes relevant and admissible evidence, have outstanding contacts and communicate extremely well. All that is part of who we are at Guidepost.
Kenneth Citarella is a senior managing director for the Investigations and Cyber Forensics practice. He joined Guidepost Solutions in 2010 as a project manager to investigate fraudulent claims for the Gulf Coast Claims Facility in its administration of the $20 billion BP compensation fund. In that capacity, Mr. Citarella supervised 300 professionals, including more than 200 field investigators. Nearly 18,000 claims were referred for investigation; many involved the financial analysis of a claimant’s business operations, including numerous construction-related entities. The project team wrote thousands of fraud reports which were described by an official of the U.S. Department of Justice as the finest body of investigative work he had ever seen.
Mr. Citarella also worked as part of the Guidepost Integrity Monitor team in the New York City Rapid Repair program overseeing Superstorm Sandy-related reconstruction on Staten Island. Guidepost monitored residential repairs from initial assessment through final walk through, documenting work order authorizations and variances between authorized work and actual performance, permitting New York City to properly evaluate invoices and satisfactory performance by contractors.
Prior to joining Guidepost Solutions, Mr. Citarella worked with a commercial litigation law firm and the Corporate Investigations Division of Prudential.
Mr. Citarella had a distinguished 28-year career as a white-collar and computer crime prosecutor in the Westchester County, New York District Attorney’s Office, which he concluded as Deputy Chief of the Investigations Division. He prosecuted investment frauds, larcenies, embezzlements, anti-trust violations, public corruption, forgeries and many other economic crimes. A pioneer in computer crime prosecution, Mr. Citarella obtained convictions for computer intrusions, malicious software attacks, a software time bomb, spamming, digital child pornography, and the use of the Internet for child exploitation, among other cases.
In addition to his affiliations and designations, Mr. Citarella frequently lectures before professional, legal, academic, corporate and community groups on computer crime and fraud related issues. In 2011, he received the Lifetime Achievement Award from the High Technology Crime Investigation Association.
415 Madison Avenue
New York, NY 10017 212.817.6732 (o)
212.817.6733 (f) [email protected]
▪ Juris Doctor, New York University School of Law
▪ Master of Business Administration, Information Sciences, Pace University
▪ Bachelor of Science, Business Administration, Manhattan CollegeAFFILIATIONS & DESIGNATIONS
▪ Certified Fraud Examiner
▪ Certified Information PrivacyProfessional
▪ New York Law School, Former Adjunct Professor
AREAS OF EXPERTISE
▪ Cyber Crime & Investigations
▪ Integrity Monitoring
▪ Fraudulent Claims
▪ Field Investigations
▪ White Collar Crime
Guidepost Solutions webpage: GuidpostSolutions
Linked in: Guidepost Solutions
We are waiting for your comments in the section down below!