460 Alexandra Road, mTower, #22-05
Rob Phillips is a Senior Managing Director at Ankura based in Singapore, where he has lived for more than 22 years. Covering APAC as the Regional Cyber Leader, he brings over 30 years of professional experience with particular expertise in areas such as cyber incident response, computer forensic investigations, litigation support and e-discovery.
Rob has assisted law firms, financial institutions, the insurance industry, small- to medium-sized enterprises (SME), and global multinational corporations (MNC) in industries such as manufacturing, aerospace, pharma, oil and gas, education, online retail, logistics, healthcare and telecommunications.
Rob also possesses expertise in conducting investigations pertaining to fraud and white-collar crime, along with regulatory inquiries such as FCPA, SEC, and bribery act investigations. Moreover, he has a wealth of experience in strategically planning and executing search and seizure operations across multiple locations in Asia.
Previously, Rob was APAC Head of Incident Response & Digital Forensics at a major consultancy. Prior to that, Rob founded cyber firm RP Digital Security in 2004 in Singapore, which provided deep cyber investigation and computer forensic expertise in areas such as data breach, ransomware attacks, business email compromise, and insider threat investigation services.
- Assisted a large manufacturing client in Singapore, APAC, and Europe in dealing with a complex ransomware and data breach incident that involved multiple jurisdictions and time zones. Provided support for containment, investigation, environment rebuild, ransom negotiation, PII review, and MDR implementation.
- Provided assistance to a group of international schools in APAC that had been affected by a series of ransomware incidents over several months. Conducted investigative and recovery work and provided medium to long-term advisory services to address infrastructure weaknesses identified during the investigation.
- Supported a client in Jakarta who had experienced a cyber breach of their on-site and public-facing cloud systems. Traced the root cause through analysis of many disparate data sources and assisted in securing the environment through a large-scale compromise assessment and threat hunting exercise.
- Assisted a financial institution in Tokyo. Investigated a cyber breach of a third-party provider, conducting an investigation of affected systems and an environment compromise assessment to inform regulators about the extent of the data breach.
- Conducted a multi-jurisdiction e-discovery of large amounts of forensically acquired data, backed-up email, files, and other cloud-stored data across Singapore, China, and Hong Kong. Managed the review and production of relevant data with the assistance of an on-site legal reviewer team.
- Led a digital forensic investigation that followed a large search and seizure order (Anton Piller) in Singapore, which led to the discovery of criminal intent and industrial espionage.
- Performed a cyber incident response for an airline in Jakarta that had come under cyber-attack.
- Conducted a large-scale forensic collection of over 120 computers and mobile devices in Bangkok in two days with his regional team, in support of an FCPA investigation.
- Led and conducted a civil search and seizure order (Anton Piller) and forensic analysis in Hong Kong, resulting in the detection of a deliberate data breach.
- Led an investigation in Singapore that successfully determined the incidence of data theft and identified a malicious key logger and the destination of stolen data, enabling further criminal investigation.
- Investigated the theft of approximately USD $20 million of cryptocurrency in Singapore and Hong Kong, with the results of the cyber forensic investigation supporting parallel work done by authorities and ongoing efforts to recover the stolen funds.
- Conducted data collection from several ERP systems in Taiwan for a U.S. e-discovery order, securing raw data in forensically sound containers and extracting relevant filtered and de-duplicated records for attorney review. Assisted with further client computer-based collection for about 200 custodians.
- Conducted a covert digital forensic investigation on-site at the offices of an Asian financial institution in the Indian sub-continent, forensically imaging 10 suspects' systems and two servers while remaining covert. Evidence of criminal activity was subsequently uncovered through further forensic investigation conducted off-site at the RP-DS lab in Singapore.
- University of Wales Trinity Saint David
- Certified Fraud Examiner (CFE)
- Carbon Black CB Response Administrator
- Carbon Black CB Response Advanced Analyst
- EC Council Certified Incident Handler (ECIH)
- EC Council Certified Threat Intelligence Analyst (CTIA)
- Certificate in Insurance (Cert CII - Chartered Insurance Institute)
- Computer Hacking Forensic Investigator (CHFI)
- EC Council Security Analyst (ECSA)
- Certified Ethical Hacker (CEH)
- ISO 27001 (Information Security) Lead Auditor
- Cellebrite Certified Physical Analyst
- Video Forensic Investigator
- Paraben Certified Handheld Examiner
- EnCase Certified Examiner (EnCE)
- Microsoft Certified Systems Engineer (MCSE)
- Association of Certified Fraud Examiners (CFE)