Kevin Fairbanks

Every James Bond Needs a Q: A Cyber Forensics Expert Assists Law Enforcement Behind the Scenes

By Catherine Trifiletti

Kevin Fairbanks draws on his cyber know-how to build community and help sponsors catch criminals. 

When friends and family ask the ever elusive “What do you do?” question, Kevin Fairbanks, a cyber forensics expert, has a standard response: “I write tools to help catch bad guys.” Due to its sensitive nature, his work often can’t be explained in too much detail beyond that.

“Ever since I was a kid, I wanted to be Q from James Bond,” he says. He's referring to the quartermaster of the fictional research and development arm of the British Secret Service. “I get to make cool stuff in the lab, then hand it over to the secret agents of the world.” 

In high school, Fairbanks followed his proclivity to operate behind the scenes and officially became “a computer guy.”

He later received a bachelor’s degree in computer engineering from Tennessee State University, and a master’s and Ph.D. from Georgia Tech, where he immersed himself in the world of computer security and cyber forensics. 

Fairbanks describes two kinds of experts comprising the forensic process—technical experts who dig through data to find artifacts and investigative experts who analyze the artifacts and make sense of the data. He is the former. “I tear stuff apart, figure out how it works, and retrieve artifacts that could potentially serve as evidence,” he says. Investigators then apply context to his findings to establish connections, draw conclusions, and catch or prosecute criminals.

Becoming Everyone’s Buddy

After several years at the Johns Hopkins University Applied Physics Laboratory (APL), Fairbanks tried his hand teaching cybersecurity to non-cyber majors at the U.S. Naval Academy. He recalls returning to APL as a temporary on-call employee and feeling an overwhelming sense that he was missing out on cutting-edge research. 

“I gave it a shot,” he says of his three-year assistant professorship. “But ultimately, I wanted to be in research land. I also realized I see myself more as a mentor than a teacher.” Thus he returned to APL for another five years. Throughout his career, he attended several digital forensic conferences where he became close with members of MITRE’s cyber forensics community. He credits those relationships with swaying him to apply for a job here in 2021. 

Two and a half years later, MITRE has allowed Fairbanks to have his cake and eat it too, balancing sponsor projects with his passion for mentorship. 

As chair of our Black Culture Network’s Social and Professional Growth Committee, Fairbanks is responsible for its mentorship program. He recently helped launch the “Buddy Experience™” which connects employees who’ve been at MITRE less than a year with employees outside of their management chain. For six to eight weeks, the pairs meet weekly to discuss challenges in a safe, judgment-free zone. 

“In my position, I get to be everyone’s buddy!” says Fairbanks. 

I tear stuff apart, figure out how it works, and retrieve artifacts that could potentially serve as evidence [for law enforcement].

Kevin Fairbanks, Deputy Capability Area Lead, Cyber Forensics

Nailing the Bad Guy— Impact Realized

Fairbanks is quick to explain that his work is not typical of what’s depicted on TV or, "the CSI effect,” as he refers to it. “It's hard to visualize cyber forensics because it’s a lot of watching a computer process data or staring at data,” he says.

Even though his impact is not always easily seen, Fairbanks was drawn to MITRE for the opportunity to be intimately part of the process. He had a uniquely gratifying experience last year when the U.S. Attorney’s Office for the District of Arizona tapped him to help with a case brought against an individual for child exploitation online. 

In his not guilty plea, the defendant claimed his computer was infected with malware that triggered nefarious searches and content downloads without his knowledge. The reverse engineering exercise Fairbanks performed on the defendant’s computer refuted the possibility of such a claim. 

His findings resulted in the defendant changing his plea to guilty, ultimately bypassing trial and saving the District Attorney significant time and money. 

Building a Stronger Community 

Fairbanks noticed a communication lapse between the many cyber forensics practitioners across MITRE. Entrenched in their respective sponsor spaces, his colleagues were often not current on each other’s work. He kicked off a Cyber Forensics Roundtable series for people to “break out of their silos of excellence” to swap ideas, share information, and build on their skillsets. 

Some sessions feature a guest speaker highlighting a project while others open the floor for discussion about internal research and development opportunities. The group has met every month for the last year.

For those interested, Fairbanks often invites others to join him and Justin Grover, cyber forensics capability area lead, for a happy hour afterward. The intention is to let those not comfortable in a group format break out of their shells to share ideas and challenges in a more relaxed environment, he explains. 

From mentoring efforts to cybersecurity community building, Fairbanks shrugs off the prospect of an overfilled schedule. “I’m just happy to do my part!” he says.

Interested in solving problems for a safer world? Join our community of innovators, learners, knowledge-sharers, and risk takers. View our Job Openings and Student Programs. Subscribe to our MITRE 360 Newsletter.