Computer Forensics

What is the Role of Computer Forensics?

In Cybersecurity by Ian CarnaghanLeave a Comment

Computer forensics can play a vital role in an organization’s recovery from a cyber attack. By properly following forensics processes carefully in the aftermath of an attack, recovery can begin to play out. According to Čisar & Maravić Čisar (2012), in accordance with digital forensic analysis methodology three processes are essential, which include preparation, identification, and analysis. It is during these processes that a post-mortem analysis occurs including file system, event logs, and recovery of deleted files.

A lot of the research and work has gone into the discipline of digital forensics over the last decade, which has been shared with the greater community. This has enabled a greater understanding of how to identify as well as how to recover digital artifacts that may have been deleted or damaged due to malicious activity. Beeb (2009). As the field of digital forensics continues to mature, so to do the methods and processes used in order to help organizations recover from cyber attacks, which will continue to evolve as attacks continue to grow in sophistication and severity.

References:

Beebe, N. (2009). Digital forensic research: The good, the bad and the unaddressed. Advances in digital forensics V, 17-36. (http://dl.ifip.org/db/conf/ifip11-9/df2009/Beebe09.pdf)

Čisar, P., & Maravić Čisar, S. (2012). GENERAL DIRECTIONS OF DEVELOPMENT IN DIGITAL FORENSICS. Acta Technica Corvininesis – Bulletin Of Engineering, 5(2), 87-91.

Series Navigation<< Malicious Code DetectionForensics in Business Continuity Planning >>

Leave a Comment

CommentLuv badge