As Director of Stroz Friedberg’s Digital Forensics Laboratory in Dallas, Cheri Carr conducts digital forensic acquisitions, examinations, analyses, preservations, and electronic discovery productions for civil litigations, criminal matters, internal investigations, data breach investigations, and incident response efforts on laptops, desktops, file and email servers, backup tapes, personal digital assistants, mobile telephones, and removable media. A federal law enforcement trained professional with nearly 16 years of experience in digital forensics, she has conducted a wide range of computer security reviews and written customized Perl and Shell scripts to automate forensic and electronic discovery processes.
In addition to maintaining an active caseload and providing expert testimony, Ms. Carr has lead response teams in significant matters including: the investigation of a data breach within a large payment card processor’s network; the successful preservation and analysis of the network security logs of a multi-media global corporation to determine the source, duration, and extent of a compromised FTP server; the analysis of a laptop and various smartphones in a matter alleging sexual assault in which the complainant engaged in ‘sexting’ with the subject prior to the date of the alleged assault; and, in a landmark case, the preservation and harvesting of 65 computer users’ data from various electronic media located throughout the U.S. for a law firm accused of misrepresentation by its client.
Prior to joining Stroz Friedberg, Ms. Carr was the Principal Consultant at Veridicus Software in Aurora, CO. Previously, as Manager of Forensic Technology Services at KPMG, LLP, in Denver, CO, she was instrumental in developing and executing an investigative plan in an earnings management investigation of Halliburton, which spanned four countries and more than 100 employees. Ms. Carr also created bit-image copies of hard drives to tape for evidence preservation and provided cursory review for numerous cases, including alleged Ponzi schemes, financial fraud, and environmental pollution.
In her five years with the Office of Inspector General (OIG), NASA; the Air Force Office of Special Investigations (OSI); and the Department of Defense (DoD) Computer Forensics Lab, Ms. Carr’s casework included the configuration, installation, and review of logs from intrusion-detection systems to identify unauthorized access to NASA systems; the tracking of intruders for prosecution; and the secure analysis of data from Intrusion Detection Systems at U.S. Air Force bases and educational institutions worldwide.
Ms. Carr graduated summa cum laude with a B.S. in Computer Information Systems from Strayer University and holds an A.A.S. in Computer Science Technology from the Community College of the Air Force. The author of two electronic evidence guides, she also holds a number of certifications such as EnCase Certified Examiner (EnCE), Seized Computer Evidence Recovery Specialist (SCERS), Payment Card Industry QSA (Qualified Security Assessor), and Digital Forensic Certified Professional (DFCP). She has also received Evidence Custodian Training from the Air Force OSI. A qualified expert witness in digital forensics, she is also a member and current President of the High Technology Crime Investigation Association (HTCIA) Southwest chapter, a member of the High Tech Crime Consortium, a member of the Consortium of Digital Forensic Specialists, and a licensed Texas Private Investigator. Throughout her professional career, Ms. Carr has taught digital evidence preservation and analysis techniques at several law enforcement agencies.
Education
A.A.S., Community College of the Air Force; B.S., Strayer University
