Implementing Digital Forensic Readiness: From Reactive to Proactive Process, Second Edition presents the optimal way for digital forensic and IT security professionals to implement a proactive approach to digital forensics. The book details how digital forensic processes can align strategically with business operations and an already existing information and data security program.
Detailing proper collection, preservation, storage, and presentation of digital evidence, the procedures outlined illustrate how digital evidence can be an essential tool in mitigating risk and redusing the impact of both internal and external, digital incidents, disputes, and crimes. By utilizing a digital forensic readiness approach and stances, a company's preparedness and ability to take action quickly and respond as needed. In addition, this approach enhances the ability to gather evidence, as well as the relevance, reliability, and credibility of any such evidence.
New chapters to this edition include Chapter 4 on Code of Ethics and Standards, Chapter 5 on Digital Forensics as a Business, and Chapter 10 on Establishing Legal Admissibility. This book offers best practices to professionals on enhancing their digital forensic program, or how to start and develop one the right way for effective forensic readiness in any corporate or enterprise setting.
I: ENABLING DIGITAL FORENSICS. Understanding Digital Forensics. Investigative Process Methodology. Digital Evidence Management. Ethics and Conduct. Digital Forensics as a Business. II: ENHANCING DIGITAL FORENSICS. Understanding Digital Forensic Readiness. Defining Business Risk Scenarios. Identify Potential Data Sources. Determine Collection Requirements. Establishing Legal Admissibility. Establish Secure Storage and Handling. Enabling Targeted Monitoring. Mapping Investigative Workflows. Establish Continuing Education. Maintaining Evidence-Based Reporting. Ensuring Legal Review. Accomplishing Digital Forensic Readiness. III: INTEGRATING DIGITAL FORENSICS. Forensics Readiness in Cloud Environments. Forensics Readiness with Mobile Devices. Forensics Readiness and the Internet of Things. IV: ADDENDUMS. A: Tool and Equipment Validation Program. B: Service Catalog. C: Cost-Benefit Analysis. D: Building a Taxonomy. E: Risk Assessment. F: Threat Modelling. G: Data Warehousing Introduction. H: Requirements Analysis. V: APPENDIXES. A: Investigative Process Models. B: Education and Professional Certifications. C: Investigative Workflow. VI: TEMPLATES. 1: Test Case. 2: Logbook. 3: Chain of Custody. 4: Investigative Final Report. 5: Service Catalog. 6: Business Case. 7: Net Present Value (NPV). 8: Threat Risk Assessment. 9: Data Source Inventory Matrix. 10: Project Charter. 11: Requirement Analysis Report.
