Certifications compared: GCFE vs. CFCE vs. CCE
Introduction: What role does forensic science play in cybercrime investigations?
As cybercrimes grow in terms of number of attacks and cost to organizations and businesses, it is obvious that concentrating not only on the prevention but also on the investigation of cases is paramount.Â
Digital forensics, then, is playing a growing role and companies are more and more on the lookout for knowledgeable professionals, including investigators and examiners. This branch of forensic science encompasses the collection, preservation, analysis and reporting of evidence for many purposes, including legal proceedings. The investigator/examiner will be involved in the recovery and scrutiny of material found in electronic systems or digital devices to identify the cause of data breaches or leaks.
Considering computers as a crime scene, a digital forensic examiner will move just like any other criminal investigator to understand the nature and extent of an incident. They will use analysis techniques, reconstructing the events relating to an intrusion or extracting data needed for a case.Â
Forensic examiners have the task of collecting data and information from electronic systems (e.g., computers, laptops, tablets, smart phones, digital cameras, flash drives and more) and are responsible for independently analyzing evidence from hardware or files located on a computer. They are also responsible for the proper handling and examination of digital evidence. Then they’ll produce written analysis of their findings and may be called to testify in court as an expert witness.
The field is quickly evolving and examiners’ techniques are becoming more sophisticated, which requires them to have specialized, up-to-date knowledge. As digital forensics can be central to case, examiners are often also involved in larger settings than cybercrimes when their input is requested in seeking data for extra-cyberspace criminal proceedings.
How to enter this field
An investigation requires examiners to (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Brecht. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/J3VZ1AHpsP8/
