Implementing Digital Forensic Readiness: From Reactive to Proactive Process, Second Edition presents the optimal way for digital forensic and IT security professionals to implement a proactive approach to digital forensics. The book details how digital forensic processes can align strategically with business operations and an already existing information and data security program.
Detailing proper collection, preservation, storage, and presentation of digital evidence, the procedures outlined illustrate how digital evidence can be an essential tool in mitigating risk and redusing the impact of both internal and external, digital incidents, disputes, and crimes. By utilizing a digital forensic readiness approach and stances, a company’s preparedness and ability to take action quickly and respond as needed. In addition, this approach enhances the ability to gather evidence, as well as the relevance, reliability, and credibility of any such evidence.
New chapters to this edition include Chapter 4 on Code of Ethics and Standards, Chapter 5 on Digital Forensics as a Business, and Chapter 10 on Establishing Legal Admissibility. This book offers best practices to professionals on enhancing their digital forensic program, or how to start and develop one the right way for effective forensic readiness in any corporate or enterprise setting.
Table of Contents
PART 1. Introduction to Digital Forensics
1. Understanding Digital Forensics
2. Investigative Process Methodology
3. Digital Evidence Management
4. Code of Ethics and Standards
5. Digital Forensic as a Business
PART 2. Digital Forensic Readiness
6. Understanding Forensic Readiness
7. Define Business Risk Scenarios
8. Identify Potential Data Sources
9. Determine Collection Requirements
10. Establish Legal Admissibility
11. Establish Secure Handling and Storage
12. Enable Targeted Monitoring
13. Map Investigative Workflows
14. Maintain Evidence-Based Presentation
15. Ensure Legal Review
16. Achieving Forensic Readiness
PART 3. Addenda
A. Tool and Equipment Validation
B. Service Catalogs
C. Cost-Benefit Analysis
E. Risk Assessments
F. Threat Modelling
G. Data Warehousing
H. Requirements Analysis
PART 4. Appendixes
A. Investigative Process Models
B. Education and Professional Certifications
C. Investigative Workflows
Jason Sachowski has over twelve years of experience in digital forensic investigations, secure software development, and information security architecture. He currently manages a team of forensic investigators and data breach analysts for The Bank of Nova Scotia, commonly known as Scotiabank, Canada’s third largest and most international bank.
Throughout his career, Jason has performed hundreds of digital forensic investigations involving Enterprise servers, network logs, smart phones, and database systems. Complimentary to his technical experiences, he has also developed and maintained processes and procedures, managed large information security budgets, and governed the negotiation of third-party contracts.
In addition to his professional career, Jason is the author of book ‘Implementing Digital Forensic Readiness: From Reactive to Proactive Process’. He also serves as a contributing author and content moderator for DarkReading, is a subject matter expert for (ISC)2 professional exam development, and volunteers as an advocate for CyberBullying prevention and CyberSecurity awareness.
He holds several Information Security and Digital Forensic certifications including: Certified Information Systems Security Professional - Information Systems Security Architecture Professional (CISSP-ISSAP), Certified Cyber Forensics Professional (CCFP), Certified Secure Software Lifecycle Professional (CSSLP), Systems Security Certified Practitioner (SSCP), and EnCase Certified Examiner (EnCE).