SHAWN DAVIS is the Director of Digital Forensics at Edelson PC where he leads a technical team in investigating claims involving privacy violations and tech-related abuse. His team’s investigations have included claims arising out of the fraudulent development, marketing, and sale of computer software, unlawful tracking of consumers through digital devices, unlawful collection, storage, and dissemination of consumer data, large-scale data breaches, receipt of unsolicited communications, and other deceptive marketing practices.
Shawn has experience testifying in federal court, briefing members of U.S. Congress on Capitol Hill, and is routinely asked to testify before legislative bodies on critical areas of cybersecurity and privacy, including those impacting the security of our country’s voting system, issues surrounding children’s privacy (with a special emphasis on surreptitious geotracking), and other ways data collectors and aggregators exploit and manipulate people’s private lives. Shawn has taught courses on cybersecurity and forensics at the undergraduate and graduate levels and has provided training and presentations to other technology professionals as well as members of law enforcement, including the FBI.
Shawn’s investigatory work has forced major companies (from national hotel chains to medical groups to magazine publishers) to fix previously unrecognized security vulnerabilities. His work has also uncovered numerous issues of companies surreptitiously tracking consumers, which has lead to groundbreaking lawsuits exposing this behavior and preventing its occurrence in the future.
Recently, Shawn was appointed to the Federal Government Advisory Committee on Evidence Building with the U.S. Department of Commerce which will focus on evaluating and providing recommendations on how to facilitate data sharing, enable data linkage, and develop privacy enhancing techniques.
Certifications and Training:
Shawn holds a wide variety of certifications including ISC2 CISSP, GIAC Forensic Examiner, GIAC Incident Handler, GIAC Web App Pen Tester, GIAC Mobile Device Security Analyst, Security+, Network+, A+ and maintains a Technician class Amateur Radio license with the FCC. Additionally, Shawn has attended the following six day courses from the SANS group: SEC504 (Hacker Techniques, Exploits & Incident Handling), SEC542 (Web App Penetration Testing and Ethical Hacking), as well as SEC575 (Mobile Device Security and Ethical Hacking). Shawn is also a member of the GIAC Advisory Board. Shawn has attended a course on Practical IoT Exploitation from Attify and recently completed a four-day training from X-Ways Forensics.
Shawn is an Adjunct Industry Professor for the School of Applied Technology at the Illinois Institute of Technology (IIT) where he has been teaching since December of 2013. Additionally, Shawn is a faculty member of the IIT Center for Cyber Security and Forensics Education which is a collaborative space between business, government, academia, and security professionals. Shawn’s contributions aided in IIT’s designation as a National Center of Academic Excellence in Information Assurance by the National Security Agency. At IIT, Shawn designs the curriculum and teaches the following courses at the undergraduate and graduate levels:
- ITMO 456: Intro to Open Source Operating Systems
- ITMS 448/548: Cyber Security Technologies
- ITMS 579: Data Breach Analysis & Defense
- ITMS 583: Digital Evidence
- ITMS 597: Special Problems in Information Technology
Shawn’s research includes network and system security, threat detection and remediation, digital forensic imaging and analysis, and malware reverse engineering. His students have performed and presented research in areas such as mobile certificate pinning, malware analysis, phishing detection and remediation, website defacement, network indicators of compromise (IOC) detection, and registry analysis.
Shawn was the recipient of IIT’s 2017 Jeffrey Kimont Memorial Teaching Award which is in recognition of superior teaching and commitment to students.
Publication appearances include the New York Times, Chicago Tribune, Mother Jones, ProPublica, Infosecurity Magazine, The American Lawyer, Legaltech News, Technology Executives Club, and Dice.com, among others.
- Panelist for National Association of Attorneys General (NAAG) for “The Surveillance Economy: How Attorneys General Protect Privacy, Safety, and Equality in the Information Age.” in Burlington, VT. (Oct. 7, 2021)
- Presented “Privacy and Confidentiality: Concepts and Challenges” for the Federal Advisory Committee on Data for Evidence Building in a public meeting. (Mar. 16, 2021)
- Guest for Non-Compliant Podcast: “The One Where We Discuss The SolarWinds Cyberattack With Edelson’s Digital Forensics Director Shawn Davis” produced by Edelson Creative. (Feb. 18, 2021)
- Speaker for “Safety, Security, Liability, and a Bear Market…Oh My!” for the Hospitality, Financial and Technology Professionals Cyber Hitec Conference (Oct. 27, 2020)
- Panelist for Attorney General Alliance (AGA) Cybersecurity Working Group (Aug. 10, 2020)
- Presented “Accelerated Underwriting: Potential Data Collection Methods and Concerns” for National Association of Insurance Commissioners (NAIC) Working Group webinar. (Mar. 12, 2020)
- Panelist for Conference of Western Attorneys General (CWAG) Chair’s Initiative in Santa Fe, NM. (Jan. 14, 2020)
- Presented briefing on data privacy and user tracking for members of Congress on Capitol Hill. (Sept. 30, 2019)
- Guest for Curiosity Unplugged: “One Year Out, How Close Are We to a Secure 2020 Election?” produced by WIIT Radio 88.9FM/Podcast. (Oct. 11, 2019)
- Panelist for “E-Filing: How to File Properly While Meeting Privacy Obligations” sponsored by the Illinois State Bar Association. (Sept. 18, 2019)
- Trainer for a half day course on defending against web application attacks for a Chicago area Fortune 500 company. (May. 17, 2019)
- Speaker for “Cybersecurity Forum” sponsored by IL State Representative Barbara Hernandez. (Apr. 25, 2019)
- Speaker for “Data Protection and Privacy Forum” sponsored by IL State Senator Cristina Castro. (Apr. 18, 2019)
- Presented “Using Technology to Uncover Privacy Violations and Digital Evidence” for the Violent Crime Conference – Forensic Edition put on by the Cook County State’s Attorney’s Office and the Illinois Office of the State’s Attorney’s Appellate Prosecutor (Jan. 18, 2019)
- Panelist for “Cybersecurity Forum” sponsored by IL State Representative Al Riley. (Aug. 14, 2018)
- Delivered testimony to Illinois House of Representatives Cybersecurity, Data Analytics & IT Committee as a subject matter expert on an “Overview of privacy/security risks from student data collection.” (Aug. 7, 2018)
- Panelist for “Digital Privacy and Data Collection Forum” sponsored by IL State Representatives Laura Fine & Robyn Gabel. (Feb. 21, 2018)
- Presented “Privacy Implications of Retail Credit Card Transactions” as a subject matter expert at Chicago City Hall for the Committee on License and Consumer Protection. (Dec. 6, 2017)
- Delivered testimony to joint IL Senate (Telecomm & IT) and House of Representatives (Elections & Campaign Finance) committees as a subject matter expert regarding a security overview of the Interstate Crosscheck System. (Nov. 15, 2017)
- Delivered testimony to Illinois House of Representatives Cybersecurity, Data Analytics & IT Committee as a subject matter expert on an “Overview of prevalent data collection practices, uses, and methodology by private entities” (Mar. 1, 2017)
- Speaker for Chicago Security Meetup on “Building an IoT Exploitation Lab” (Feb. 16, 2017)
- Creator and Moderator of Security Challenge for ForenSecure Conference (Apr. 18, 2014)
- Creator and Moderator of Malware Challenge for ForenSecure Conference (Apr. 19, 2013)
- Provided training on Cloud Forensics for Cyber Special Agents and Forensic Examiners at the FBI’s Chicago Regional Computer Forensic Laboratory (May 2, 2012)
- Speaker for ForenSecure Conference on the topic of Cloud Forensics (Apr. 19, 2012)
- Speaker for 2011 NetSecure Conference on the topic of Effective Training and Policy Takes the Fear out of Social Networking (Mar. 24, 2011)
- Contributing Reviewer for Information Privacy Engineering and Privacy by Design: Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practices (Dec. 22, 2019)
- Contributing Reviewer for Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity, Joint Task Force on Cybersecurity Education (Dec. 31, 2017)
- Shawn Davis, Effective Training and Policy Takes the Fear out of Social Networking (Nov. 25, 2010)
Shawn graduated with high honors from the Illinois Institute of Technology with a Masters of Information Technology Management with a specialization in Computer and Network Security. During graduate school, Shawn was inducted into Gamma Nu Eta, the National Information Technology Honor Society.
Prior to joining Edelson PC, Shawn worked for Motorola Solutions in the Security and Federal Operations Centers as an Information Protection Specialist. Shawn’s responsibilities included network and computer forensic analysis, malware analysis, threat mitigation, and incident handling for various commercial and government entities. Shawn also spent many years as a consultant in the architecture of client, network, server, software, and security solutions for medium and enterprise-sized organizations.
Prior to his technology career, Shawn played drums in an original rock band that toured the nation and was offered demo deals with Hollywood and Capitol Records. Shawn still works professionally as a musician and sound engineer around the Chicago area.Read More