Cameron H. Malin
Newport Beach, CA 92663
Cameron H. Malin, JD, CISSP, is a Cyber Behavioral Profiler and former Supervisory Special Agent/Behavioral Profiler with the Federal Bureau of Investigation (FBI), specializing in the assessment of Cyber Threat Actor Decision Making, Adversary Tradecraft, Cyber Deception and Cognitive Vulnerabilities. He has more than 22 years of experience investigating, analyzing, and profiling cyber adversaries across the spectrum of criminal to national security attacks.
During his tenure in the FBI, he was the founder of both the FBI Behavioral Analysis Unit’s (BAU) Cyber Behavioral Analysis Center (CBAC)—the FBI BAU's methodology and application of science-based behavioral profiling and assessment to national security and criminal cyber offenders—and the BAU’s Deception and Influence Group (DIG), a uniquely trained and experienced cadre of Behavioral Profilers specialized in analyses and countermeasures to adversary cyber deception campaigns and influence operations.
Mr. Malin is the developer of the Digital Behavioral Criminalistics™, a combined application of numerous forensic disciplines—digital forensics, criminalistics, and behavioral sciences—to meaningfully uncover offender thoughts and actions in digital artifacts. He formally introduced this discipline in his book chapter, “Digital Behavioral Criminalistics to Elucidate the Cyber Pathway to Intended Violence,” in the International Handbook of Threat Assessment, 2nd Edition (Oxford University Press, 2021).
Mr. Malin is a co-author of the authoritative cyber deception book, Deception in the Digital Age: Exploiting and Defending Human Targets Through Computer-Mediated Communications (published by Academic Press, an imprint of Elsevier, Inc.) and co-author of the Malware Forensics book series: Malware Forensics: Investigating and Analyzing Malicious Code, Malware Forensics Field Guide for Windows Systems, and Malware Forensics Field Guide for Linux Systems (all published by Syngress, an imprint of Elsevier, Inc.).
- Crime Scene Analysis
- Criminal Law
- Cybersecurity
- Evidence Analysis & Preservation
- Information Technology
- Terrorism
- Violent Crimes
- Workplace Violence
- Q: Please list your professional accreditations, degrees, licenses, and certificates granted:
- A:
• Juris Doctor – University of Florida, Levin College of Law
Florida Bar Association (Admitted 1998; in Good Standing)
• Bachelor of Science, Legal Studies (Pre-Law) – Nova Southeastern University
• Private Investigator License, Virginia Department of Criminal Justice Services
Certifications:
• Behavioral Analysis Certification, FBI, National Center for the Analysis of Violent Crime (NCAVC)
• Certified Information Systems Security Professional (CISSP), (ISC)²
• Certified Ethical Hacker (C|EH), EC-Council
• Certified Network Defense Architect (C|NDA), EC-Council
• Digital Behavior Change Certified (DBCC), Behavioral Design Academy
• Emotional Design Psychology Certified (EDPC), Behavioral Design Academy
• GIAC Reverse Engineering Malware (GREM), SANS Institute
• GIAC Certified Incident Handler (GCIH), SANS Institute
• GIAC Certified Intrusion Analyst (GCIA), SANS Institute
• GIAC Certified UNIX Security Administrator (GCUX), SANS Institute
• GIAC Penetration Tester (GPEN), SANS Institute
• GIAC Certified Forensic Examiner (GCFE), SANS Institute
- Q: Please list your affiliations or memberships in any professional and/or industry organizations:
- A:
• NATO Cognitive Warfare Community of Interest, Warfare Development Imperative
• Association of Threat Assessment Professionals
• The Authors Guild
• Information System Security Certification Consortium (ISC)²
• Florida Bar Association
• United States Intelligence Community (USIC) Active Measures Working Group
• USIC Foreign Denial & Deception Committee
- Q: Please list any teaching or speaking experience you have had, including subject matter:
- A:
• Adjunct Professor, Computer Fraud Investigations Master’s Program – George Washington University
Speaking Engagements:
• Cognitive Security: Preparing for Cyber Deception Through Synthetic Media Attacks, Black Hat USA Conference, 2024.
• Asymmetric Cyber Deception: Understanding Deepfakes and Synthetic Media, Cyber Security at Massachusetts Institute of Technology Sloan, February 2024
• Behavioral Profiling in Ransomware Engagements, International Conference on Cyber Security, Fordham University, January 2024
• Cognitive Vulnerabilities in Cyber Attacks, Cornell Tech Board of Directors Forum, November 2023
• Symposium: FVEY Behavioral Analysis Consortium to Combat Ransomware, Creator and Moderator, September 2022
• The Art and Science of Information Elicitation, Counterintelligence Training Center, July 2022
• Digital Behavioral Criminalistics, International Homicide Investigator's Association, April 2022
• Cyber Deception Through Reflexive Control, NATO Cognitive Warfare Symposium, October 2021
• Assessing and Engaging Cyber Attackers, U.S. Joint Special Operations Command (JSOC), July 2021
• Dissecting Russian Information Operations, U.S. Foreign Denial & Deception Committee, February 2021
• Foreign Cyber Influence, U.S. Intelligence Community (USIC) Active Measures Working Group, January 2021
• Cyber Information and Psychological Operations, USIC Active Measures Working Group, November 2020
• Online Influence and Persuasion, Joint Counterintelligence Training Academy (JCITA), August 2019
• Cyber Attackers and Dark Personality Characteristics, National Security Psychology Symposium, July 2019
• Cyber Adversary Assessment and Engagement, U.S. Central Command, June 2019
• Malware Profiling: Applying Human Sciences to Malware Attacks, USIC Partner Symposium, April 2019
• Cyber Behavioral Analysis and the New Threatscape, Association of Threat Assessment Professionals, February 2019
• Cyber Behavioral Analysis for Intelligence Matters, JCITA Cyber Threat Seminar, August 2018
• Cyber Behavioral Profiling, U.S. JSOC, August 2017
• Cyber Psychology & Online Persona Analysis, Joint U.S./Canadian Government Cyber Workshop, July 2017
• Profiling Cyber Attackers: Mindset and Motivations, U.S. Sentencing Commission, April 2017
• Behavioral Profiling of Cyber Attackers, Joint United States/Australian Government Cyber Workshop, August 2016
- Q: Have any of your accreditations ever been investigated, suspended or removed? (if yes, explain)
- A: No
- Q: What services do you offer? (E.g.: consulting, testing, reports, site inspections etc.)
- A: Analysis of digital evidence, behavioral analysis (“profiling”) based on digital and other evidence, consultation, reports, testimony
- Q: What is your hourly rate to consult with an attorney?
- A: Hourly rates are the same for all activities and are available on request.
- Q: What is your hourly rate to review documents?
- A: Hourly rates are the same for all activities and are available on request.
- Q: What is your hourly rate to provide deposition testimony?
- A: Hourly rates are the same for all activities and are available on request.
- Q: What is your hourly rate to provide testimony at trial?
- A: Hourly rates are the same for all activities and are available on request.
- Q: Please list any fees other than those stated above (E.g.: travel expenses, copy fees, etc.)
- A: Travel expenses and other expenses specified in the engagement letter or contract.
Available Upon Request