348 pages | 40 B/W Illus.
Digital forensics has been a discipline of Information Security for decades now. Its principles, methodologies, and techniques have remained consistent despite the evolution of technology, and, ultimately, it and can be applied to any form of digital data. However, within a corporate environment, digital forensic professionals are particularly challenged. They must maintain the legal admissibility and forensic viability of digital evidence in support of a broad range of different business functions that include incident response, electronic discovery (ediscovery), and ensuring the controls and accountability of such information across networks.
Digital Forensics and Investigations: People, Process, and Technologies to Defend the Enterprise provides the methodologies and strategies necessary for these key business functions to seamlessly integrate digital forensic capabilities to guarantee the admissibility and integrity of digital evidence. In many books, the focus on digital evidence is primarily in the technical, software, and investigative elements, of which there are numerous publications. What tends to get overlooked are the people and process elements within the organization.
Taking a step back, the book outlines the importance of integrating and accounting for the people, process, and technology components of digital forensics. In essence, to establish a holistic paradigm—and best-practice procedure and policy approach—to defending the enterprise. This book serves as a roadmap for professionals to successfully integrate an organization’s people, process, and technology with other key business functions in an enterprise’s digital forensic capabilities.
"In Digital Forensics and Investigations: People, Process, and Technologies to Defend the Enterprise, author Jason Sachowski creates a helpful reference on how to effectively use digital forensics in a manner that can stand up in court in front of a judge, jury, and aggressive defense attorney … this book stands out by effectively detailing how to make all of the various elements of a forensics program realistically work together. Those looking for a tactical guide to the topic will find it here."—Security Management Magazine, February 2019
Section A. Enabling Digital Forensics
1. Introduction to Digital Forensics
2. Investigative Process Methodology
3. Education, Training, and Awareness
4. Laws, Standards, and Regulations
5. Ethics and Professional Conduct
Section B. Enhancing Digital Forensic Capabilities
6. The Business of Digital Forensics
7. Controlling Mobile Devices
8. Cloud Computing Enablement
9. Combatting Anti-Forensics
10. Digital Evidence Management
11. Digital Forensic Readiness
Section C. Integrating Digital Forensic Capabilities
12. Incident Management and Response
13. Electronic Discovery and Litigation Support
14. Information and Cyber Security
Section D. Appendixes
Section E. Templates