Bernard Regan is a principal with Baker Tilly’s forensic, litigation and valuation services practice.
Bernard specializes in the application and management of computer forensics processes, including cybersecurity and digital forensics. He has in-depth experience in data analytics and e-discovery and has worked with a number of IT systems particularly in server and email environments. His focus includes conducting investigations, implementation of document and data e-discovery systems, data analyses and data visualization. In the cyber arena, Bernard provides clients with cyber risk consultancy, cyber claims review and digital forensic investigations.
- Working with the insured to extract any potential evidence to qualify their Distributed Denial of Service insurance claim. The work involved extracting native emails, correspondence between the Insured and their host provider along with firewall/Windows/system logs. A forensic analysis was performed, and a full document review was conducted on all evidence provided
- Reviewing a forensic report submitted as part of a cyber insurance investigation claim. Discussions with the forensics provider to review their charges, remove any betterment related costs and qualify the technical analysis performed
- Reviewing insured’s infrastructure to determine the effects that two failed hard drives on their server would have on their clients’ data. We were instructed to document our findings in preparation for any claims resulting from this incident
- Investigating an incident where client funds had been used without their knowledge or authority. Conducted an on-site forensic review of the emails that had been received taking instructions on how to use the client’s money. Analysed the internal controls / procedures and policies to help identify gaps in the authorisation process
- Reviewed a cyber claim reporting a loss from malware. Disproved the claim as submitted which had alleged a connection to insider activity. Computer forensics highlighted deficiencies in the insured’s internal controls that bred the conditions that easily allowed for the malware infection and eventual loss to occur
- Reviewing a cyber claim filed by an international company reporting a multimillion-dollar loss for incident response fees. The risk of the policy had been spread out among several carriers. Reviewed invoices, statements of work and other supporting documentation for reasonableness and necessity against the respective policy coverages. The technical review demonstrated that only a portion of the claim was supported or covered by the existing policies
- Providing computer forensic analysis for a large international fraud investigation. The findings demonstrated the victim had been in regular communication with a false contact for months prior to the fraud. The computer forensics investigation was key to illustrating the extent of the social engineering attack that led to the fraud. As guidance, we recommended improvements to the victim’s payment controls and emphasized the need for cybersecurity awareness training
- Investigating a suspected insider trading and stock market manipulation required digital evidence recovery from the work PCs of 19 suspects. We conducted on-site imaging of the PCs; subsequent extraction of requested files; keyword searching, email and web- browsing history extraction; and analysis of hard-disk free space. Back-up tapes were also restored to provide full access to the users’ mailboxes
- British Computer Society, member
- Bernard has prepared expert reports for criminal matters, including fraudulent supplier fraud and theft of goods. This work has involved expert meetings, conferences with Counsel and assisting Barristers within court
- Bernard has participated in seminars and workshops to clients and colleagues on various topics including digital forensics, cyber related issues and fraud
