Week 8 Chapter 9 Assignment

Exploring Cyber Forensics: Unveiling the Essentials and Applications

Balamanikanta Aluri

Webster University

ITM 5000: Information Technology Management

Professor Kyle Dagan

March 8th, 2024

1
Introduction:

Cyber forensics, also known as digital forensics, is an evolving discipline encompassing

various techniques and methodologies to investigate cybercrimes and analyse digital

evidence. Rooted at the intersection of computer science, law, and criminal justice, cyber

forensics plays a pivotal role in the modern landscape of cybersecurity. This paper delves into

the realm of cyber forensics, employing the 5 W’s - What, Who, When, why, and Where - to

elucidate its significance, principles, applications, and implications.

What:

The field of cyber forensics involves the systematic collection, preservation, analysis, and

presentation of digital evidence to uncover cybercrimes and support legal proceedings

(Omeleze & Venter, 2019). Its main principles revolve around maintaining the integrity of

digital evidence, ensuring the chain of custody, and adhering to legal standards and

procedures. Chain of custody is paramount in cyber forensic investigations as it establishes

the chronological documentation of evidence handling, ensuring its admissibility in court.

Cyber forensic examiners are employed or contracted by various organizations, including law

enforcement agencies, government entities, corporations, and consulting firms. Their role

encompasses conducting forensic analysis on digital devices, networks, and systems,

identifying security breaches, and providing expert testimony in court. Essential skill sets for

cyber forensic examiners include proficiency in digital forensic tools, understanding of

cybersecurity concepts, critical thinking, attention to detail, and knowledge of legal

frameworks.

Certifications such as Certified Information Systems Security Professional (CISSP), Certified

Forensic Computer Examiner (CFCE), and EnCase Certified Examiner (EnCE) are strongly

recommended for cyber forensic investigators (Alghamdi, 2021). The current market starting

2
salary for a cyber forensics investigator varies depending on factors such as location,

experience, and industry, with average salaries ranging from $60,000 to $100,000 annually.

Who:

Entities hiring cyber forensics examiners include law enforcement agencies such as the FBI,

Homeland Security, and state police departments, as well as private sector organizations like

cybersecurity firms, financial institutions, and technology companies. Universities, training

institutes, and professional organizations offer cyber forensic training and education

programs catering to individuals aspiring to enter this field or enhance their skills.

Applicants for cyber forensics positions comprise a diverse pool of professionals, including

computer scientists, IT professionals, law enforcement officers, cybersecurity specialists, and

forensic analysts.

When:

Cyber forensic investigations are performed in various circumstances, including cybercrimes

such as hacking, data breaches, intellectual property theft, fraud, and cyber espionage.

Investigations may also occur in response to incidents like employee misconduct, policy

violations, and civil litigation. The actions of a cyber forensic investigator may be called into

question, disallowing the admission of digital evidence, when protocols are not followed,

evidence is mishandled, or methodologies lack scientific rigor.

Why:

Cyber forensics is integral to cybersecurity as it enables the detection, attribution, and

mitigation of cyber threats, thereby safeguarding digital assets, privacy, and critical

infrastructure. Certified cyber forensic examiners instil trust in the integrity of digital

evidence and enhance the credibility of legal proceedings. The Daubert standard, which

3
evaluates the admissibility of scientific evidence in court, is crucial in ensuring the reliability

and validity of cyber forensic methodologies and techniques.

Where:

Cyber forensics finds applications across various industries and professions, including law

enforcement, government agencies, financial institutions, healthcare organizations, and

technology companies. It is used to identify and recover digital evidence in criminal

investigations, civil litigation, regulatory compliance, incident response, and corporate

security.

One notable case illustrating the application of cyber forensics is the investigation into the

2014 Sony Pictures Entertainment hack. Cyber forensic processes were instrumental in

identifying the perpetrators, analysing the malware used in the attack, and tracing the digital

footprints to North Korea, leading to diplomatic repercussions and sanctions.

In conclusion, cyber forensics serves as a critical tool in combating cybercrimes, protecting

digital assets, and upholding the rule of law in the digital age. Its interdisciplinary nature,

coupled with advancements in technology and evolving legal frameworks, underscores its

growing importance in addressing the complexities of cybersecurity threats and digital

investigations.

4
 References

Alghamdi, M. I. (2021). Digital forensics in cyber security—recent trends, threats, and

opportunities. Cybersecurity Threats with New Perspectives.

Omeleze, S., & Venter, H. S. (2019). Digital forensic application requirements specification

process. Australian Journal of Forensic Sciences, 51(4), 371-394.