CERT-SEI

Staff Profile

Christian Roylo

Member of Operational Staff

Key Responsibilities

Digital Forensics, Malware Analysis, Digital Crime Investigations, Incident Response, Platform Development, Operational Support

Professional Background

Christian Roylo has 17 years of investigative and law enforcement experience, 8 of them in the field of digital forensics and investigations.  He previously worked as the Director of Cyber Forensic Investigations at Barclays, a Special Agent with the U.S. Secret Service, and a Metropolitan Police Officer with the Honolulu Police Department. 

With Barclays, Christian built a cyber forensic and investigation capability and facility for one of the largest global financial companies.  The dual mission of the U.S. Secret Service gave him the opportunity to take part in dignitary protective missions of the POTUS and other Heads of States throughout the US and the Asia/Pacific region as well as conduct digital forensics and investigations on high profile cyber criminal organizations.   This includes leading the digital forensics analyses and responses on the investigations of Max Butler (Iceman), and the organization responsible for the TJMaxx, Hannaford, and Heartland compromises.   His work was pivotal in the successful prosecutions of those cases.

His current work at DIID remains pivotal in the investigation of high profile cyber criminal organizations by the FBI, U.S. Secret Service, and the U.S. Postal Inspection service.  This includes the continual operational support and response as well as spearheading the creation and development of specialized methodologies and platforms.  This includes MCARTA, DIID's Malicious Code Automated Run Time Analysis environment and specialized malware analysis methodologies and training for DIID's US Government Sponsors.

His current certifications are CISSP, GIAC GREM, and ACE.  He has held a past EnCE certification.

Publications (recent or significant)

Nick Ianelli, Ross Kinder, Christian Roylo.  "Malware Analysis in Support of Law Enforcement", CERT Coordination Center, July 11, 2007.

Contact Christian Roylo

SEI Blog