Introduction: The importance of forensic analysts
An increase in computer crimes is driving the need for more certified forensics analysts. These specialists have a crucial role in gathering information from computer systems to support investigations. These analysts can successfully retrieve previously deleted or erased files and recover information from any electronic device or storage media to build a case against lawbreakers.
Analysts not only perform technical tasks but write detailed reports based on their findings or conclusions as asked by law enforcement. They may be called to testify in court as expert witnesses to give information on motives and connections. Their importance is not only essential in resolving digital crimes but their forensic testimony can confirm or dispute alibis.
Roles and skills of digital forensic experts
Forensic science technicians (or analysts) either travel to the scene of the crime to collect evidence themselves or fill laboratory roles. They are responsible for the preservation, identification, extraction, documentation and interpretation of the source material and are responsible for sufficiently explaining and justifying their findings before a court of law.
Forensic analysts may work independently retrieving and analyzing data, or they may work alongside a team of digital forensic examiners and cyber intrusion analysts for crime scene investigations and event reconstructions. They may also work in conjunction with highly specialized police units.
Their job is, in any case, to apply methods and computer forensic tools to gather the data needed to support an investigation. For example, they could be asked to examine the actions linked to the loss of a company’s confidential data and intellectual property. The professional would then explore the involvement of the computer hardware or software used, as well as the possible vectors of attack and the damage done.
Although the job duties of forensic analysts will vary, they (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Brecht. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/T-7eAq4Am3U/