Digital forensics has been a discipline of Information Security for decades now. Its principles, methodologies, and techniques have remained consistent despite the evolution of technology, and, ultimately, it and can be applied to any form of digital data. However, within a corporate environment, digital forensic professionals are particularly challenged. They must maintain the legal admissibility and forensic viability of digital evidence in support of a broad range of different business functions that include incident response, electronic discovery (ediscovery), and ensuring the controls and accountability of such information across networks.
Digital Forensics and Investigations: People, Process, and Technologies to Defend the Enterprise provides the methodologies and strategies necessary for these key business functions to seamlessly integrate digital forensic capabilities to guarantee the admissibility and integrity of digital evidence. In many books, the focus on digital evidence is primarily in the technical, software, and investigative elements, of which there are numerous publications. What tends to get overlooked are the people and process elements within the organization.
Taking a step back, the book outlines the importance of integrating and accounting for the people, process, and technology components of digital forensics. In essence, to establish a holistic paradigm—and best-practice procedure and policy approach—to defending the enterprise. This book serves as a roadmap for professionals to successfully integrate an organization’s people, process, and technology with other key business functions in an enterprise’s digital forensic capabilities.
Table of Contents
Section A. Enabling Digital Forensics 1. Introduction to Digital Forensics 2. Investigative Process Methodology 3. Education, Training, and Awareness 4. Laws, Standards, and Regulations 5. Ethics and Professional Conduct Section B. Enhancing Digital Forensic Capabilities 6. The Business of Digital Forensics 7. Controlling Mobile Devices 8. Cloud Computing Enablement 9. Combatting Anti-Forensics 10. Digital Evidence Management 11. Digital Forensic Readiness Section C. Integrating Digital Forensic Capabilities 12. Incident Management and Response 13. Electronic Discovery and Litigation Support 14. Information and Cyber Security Section D. Appendixes. Section E. Templates.
Jason Sachowski has over twelve years of experience in digital forensic investigations, secure software development, and information security architecture. He currently manages a team of forensic investigators and data breach analysts for The Bank of Nova Scotia, commonly known as Scotiabank, Canada’s third largest and most international bank.
Throughout his career, Jason has performed hundreds of digital forensic investigations involving Enterprise servers, network logs, smart phones, and database systems. Complimentary to his technical experiences, he has also developed and maintained processes and procedures, managed large information security budgets, and governed the negotiation of third-party contracts.
In addition to his professional career, Jason is the author of book ‘Implementing Digital Forensic Readiness: From Reactive to Proactive Process’. He also serves as a contributing author and content moderator for DarkReading, is a subject matter expert for (ISC)2 professional exam development, and volunteers as an advocate for CyberBullying prevention and CyberSecurity awareness.
He holds several Information Security and Digital Forensic certifications including: Certified Information Systems Security Professional - Information Systems Security Architecture Professional (CISSP-ISSAP), Certified Cyber Forensics Professional (CCFP), Certified Secure Software Lifecycle Professional (CSSLP), Systems Security Certified Practitioner (SSCP), and EnCase Certified Examiner (EnCE).