Chapter 13

Digital Forensics and Incident Response

The greatest danger in times of turbulence is not turbulence itself, but to act with yesterday’s logic.

Peter Drucker

In a perfect world, bad things would never happen. Electronic banking would be safe, email would be private, and data would never be stolen. These are admirable goals that cybersecurity professionals strive toward every day. Alas, the world is not perfect and cyber incidents are guaranteed to continue, no matter how fervently we wish otherwise. To that end, and because we want to hold attackers accountable, digital forensics and incident response are the domains of investigation for those inevitable situations.

Digital Forensics and Incident Response (DFIR) is part art and part ...

Get Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.