Week 8 Chapter 9 Assignment
Exploring Cyber Forensics: Unveiling the Essentials and Applications
Balamanikanta Aluri
Webster University
ITM 5000: Information Technology Management
Professor Kyle Dagan
March 8th, 2024
1
�Introduction:
Cyber forensics, also known as digital forensics, is an evolving discipline encompassing
various techniques and methodologies to investigate cybercrimes and analyse digital
evidence. Rooted at the intersection of computer science, law, and criminal justice, cyber
forensics plays a pivotal role in the modern landscape of cybersecurity. This paper delves into
the realm of cyber forensics, employing the 5 W’s - What, Who, When, why, and Where - to
elucidate its significance, principles, applications, and implications.
What:
The field of cyber forensics involves the systematic collection, preservation, analysis, and
presentation of digital evidence to uncover cybercrimes and support legal proceedings
(Omeleze & Venter, 2019). Its main principles revolve around maintaining the integrity of
digital evidence, ensuring the chain of custody, and adhering to legal standards and
procedures. Chain of custody is paramount in cyber forensic investigations as it establishes
the chronological documentation of evidence handling, ensuring its admissibility in court.
Cyber forensic examiners are employed or contracted by various organizations, including law
enforcement agencies, government entities, corporations, and consulting firms. Their role
encompasses conducting forensic analysis on digital devices, networks, and systems,
identifying security breaches, and providing expert testimony in court. Essential skill sets for
cyber forensic examiners include proficiency in digital forensic tools, understanding of
cybersecurity concepts, critical thinking, attention to detail, and knowledge of legal
frameworks.
Certifications such as Certified Information Systems Security Professional (CISSP), Certified
Forensic Computer Examiner (CFCE), and EnCase Certified Examiner (EnCE) are strongly
recommended for cyber forensic investigators (Alghamdi, 2021). The current market starting
2
�salary for a cyber forensics investigator varies depending on factors such as location,
experience, and industry, with average salaries ranging from $60,000 to $100,000 annually.
Who:
Entities hiring cyber forensics examiners include law enforcement agencies such as the FBI,
Homeland Security, and state police departments, as well as private sector organizations like
cybersecurity firms, financial institutions, and technology companies. Universities, training
institutes, and professional organizations offer cyber forensic training and education
programs catering to individuals aspiring to enter this field or enhance their skills.
Applicants for cyber forensics positions comprise a diverse pool of professionals, including
computer scientists, IT professionals, law enforcement officers, cybersecurity specialists, and
forensic analysts.
When:
Cyber forensic investigations are performed in various circumstances, including cybercrimes
such as hacking, data breaches, intellectual property theft, fraud, and cyber espionage.
Investigations may also occur in response to incidents like employee misconduct, policy
violations, and civil litigation. The actions of a cyber forensic investigator may be called into
question, disallowing the admission of digital evidence, when protocols are not followed,
evidence is mishandled, or methodologies lack scientific rigor.
Why:
Cyber forensics is integral to cybersecurity as it enables the detection, attribution, and
mitigation of cyber threats, thereby safeguarding digital assets, privacy, and critical
infrastructure. Certified cyber forensic examiners instil trust in the integrity of digital
evidence and enhance the credibility of legal proceedings. The Daubert standard, which
3
�evaluates the admissibility of scientific evidence in court, is crucial in ensuring the reliability
and validity of cyber forensic methodologies and techniques.
Where:
Cyber forensics finds applications across various industries and professions, including law
enforcement, government agencies, financial institutions, healthcare organizations, and
technology companies. It is used to identify and recover digital evidence in criminal
investigations, civil litigation, regulatory compliance, incident response, and corporate
security.
One notable case illustrating the application of cyber forensics is the investigation into the
2014 Sony Pictures Entertainment hack. Cyber forensic processes were instrumental in
identifying the perpetrators, analysing the malware used in the attack, and tracing the digital
footprints to North Korea, leading to diplomatic repercussions and sanctions.
In conclusion, cyber forensics serves as a critical tool in combating cybercrimes, protecting
digital assets, and upholding the rule of law in the digital age. Its interdisciplinary nature,
coupled with advancements in technology and evolving legal frameworks, underscores its
growing importance in addressing the complexities of cybersecurity threats and digital
investigations.
4
� References
Alghamdi, M. I. (2021). Digital forensics in cyber security—recent trends, threats, and
opportunities. Cybersecurity Threats with New Perspectives.
Omeleze, S., & Venter, H. S. (2019). Digital forensic application requirements specification
process. Australian Journal of Forensic Sciences, 51(4), 371-394.
