Cybersecurity

Presenting Digital Evidence

Digital ForensicsImportant Cybercrime LawsYet More Theft of Information AssetsPreparation Phase of a Digital SearchData Hiding and SteganographyConfusion over TerminologyPresenting...

· 1 min read >
presenting digital evidence

Testifying and writing a report are both essential ingredients to a successful digital forensics investigation. Digital forensics personnel will potentially spend months of time working with complex data and processes. The delivery and result of this work is reflected in the forensics report and then ultimately testified in court. Cohen (2012) discussed the report as integral to the overall investigation. Evidence, analysis, interpretation, and attribution, must ultimately be presented in the form of expert reports, depositions, and testimony. The report will present the data captured during the investigation in a way that can be communicated with other people. In addition to this, it serves as a living record that will be referenced and updated throughout the investigation.

While the report is extremely important to an investigation, it is the testimony that will ultimately yield the fruits of all the labor involved within the process. A solid report that is consistent with all of the facts gathered remains essential for a successful testimony. Carney & Rogers (2004) stress the importance of having a standardized method to approaching the testimony. They also note that forensics experts may leave the jury confused while explaining details of the complex investigative process. Others argue that the presentation of evidence is more an art and should be approached with care. Regardless of how this is viewed, testifying is and will remain the most important part of a forensics investigation and will be the ultimate measure of success or failure.

References:

Cohen, F. B. (2012). Digital forensic evidence examination. Fred Cohen & Associates. Retrieved from: http://all.net/books/2013-DFE-Examination.pdf

Carney, M., & Rogers, M. (2004). The Trojan made me do it: A first step in statistical based computer forensics event reconstruction. International Journal of Digital Evidence, 2(4), 1-11.

Series Navigation<< Confusion over TerminologyRemote Access Trojans >>

Written by Ian Carnaghan
I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment. In my spare time I teach undergraduate classes in web development. Profile
SSL Labs Rating Woes

SSL Labs Rating Woes

Ian Carnaghan in Coding, Cybersecurity
  ·   1 min read

Leave a Reply

avatar
  Subscribe  
Notify of