O'Reilly logo

Digital Forensics by André Årnes

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

4Digital Forensic Readiness

Ausra Dilijonaite

Cyber Risk Services, Deloitte AS, Oslo, Norway

By failing to prepare, you are preparing to fail.

—Benjamin Franklin

4.1 Introduction

Many television series with forensics subject matter depict gadgets and amazing hackers who can expose tiny, revealing details to investigators. These details then lead to breakthroughs in their cases. With the spice of drama and suspense, digital forensics seems truly exciting. But while the television series makes it seem convenient, exciting, and easy, real-life investigations require far more effort and preparation. This chapter examines the preparation part of the digital investigation process, which is called digital forensic readiness.

This chapter details the definition and rationale for digital forensic readiness, lays down main components to be included (people, processes, procedures, and technology), and discusses the difference between corporate and law enforcement digital forensic readiness. The chapter is based on the research performed in Dilijonaite (2014).

4.2 Definition

Digital forensic readiness is defined by answering the question “What does it mean to be ready?” Simply put, it means being prepared. The goal of digital investigation is to reconstruct the incident and find supporting or refuting evidence. Ultimately, the collected digital evidence can be used in a court of law. Thus, it follows: to be forensically ready means to be prepared to efficiently execute digital investigations ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required