The Emerging Science of Digital Forensics

Without question, the rise in cyberleaks, nation-state cyber terrorism and the beach of consumer data across multiple industry domains has led to a heightened awareness of the enterprise and personal responsibilities associated with cybersecurity. The consumerization of IT and the adoption of cloud, mobile and social media by enterprise organizations is opening a new threat landscape and new threat vectors. Everyone is affected and everyone is talking about it, from senior executives to teenagers.

In its SecureWorks “The Next Generation of Cybercrime” executive brief, Dell cites a study conducted by the Ponemon Institute, which found that “the average cost of a data breach was $7.2 million in 2010.” The rate of cybercrime and the impact of cyberbreaches have exponentially accelerated since then. This has resulted in the emerging science of digital forensics.

Digital forensics can be described as the science of preserving and analyzing digital evidence useful in the development of legal cases against cyber criminals. This new and growing field includes high-tech crime investigation and computational defense across traditional IT like hardware, servers, operating systems and networks, as well as the new digital environments of social, mobile and cloud. The emerging science of digital forensics and cybercrime investigation has become very important for national security, law enforcement, and information assurance. This convergent science combines law, computer science, finance, telecommunications, data analytics, and policing disciplines.
There are a number of companies that are responding with new digital forensic processes, methods tool and solutions. In its digital forensics solution, Dell cites the use of a six-step digital forensic life cycle designed to leverage cloud computing and data center operations in the processing of digital evidence. Chief information security officers are using these new frameworks to:

•        Improve incident response
•        Develop new digital forensic techniques
•        Drive new investigatory standards

The cybersecurity landscape is constantly evolving, and it’s up to business and technical leaders to evolve their cyberdefenses in response. Here are key recommendations leaders should consider:

•        Update and complete an enterprise-wide security risk assessment. Identify security gaps and emerging threats
•        Link strategic technology investments in security with robust and flexible processes for incident response
•        Develop real-time monitoring and automated response techniques that provide real-time threat analysis
•        Move from cyberdefense to cyberthreat intelligence. Develop a cyber toolkit which is more proactive than reactive

Given the continued growth of cyber activity, the emerging science of digital forensics is sure to grow along with the sophisticated frameworks required to gather, analyze and investigate evidence that leads to an increased level of cybersecurity.

(This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. To learn more about tech news and analysis visit TechPageOne. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.)

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2015)