“Ok Google. What is Forensic Analysis?”

Author: Tatianna | Published on February 12, 2019 | Views: 1202

Okay Google, hey Alexa, hey Siri

Yep, we’ve all been there, whether it’s Alexa, Google, Siri, or some other ambiguous AI that helps answer our questions. I often find myself starting my morning with “Alexa, what’s the weather?” or “Alexa, how’s traffic?” and that’s not all she helps me with. It’s at those random points in the day that putting in the effort to type out a question seems dumb when we have the power of voice at our fingertips. Now that the Artificial Intelligence icebreaker/tangent is done, let’s get down to the real reason you’re here: Forensic Analysis.

If I lost you, here’s the TL;DR for you:
Forensic analysis is the collection, analysis, and reporting of information critical to investigations by law enforcement and private organizations. Digital forensics is the application of this to digital devices, and forensic data analysis is the process of analyzing digital data acquired for forensic analysis.

If the TL;DR didn’t really make sense (and you’re still interested), here’s what you’ve been waiting for.

Alexa, Where’s the beef?!

What is forensic analysis and how does it relate to cybersecurity? More specifically, what is forensic data analysis and what role does it play in digital forensics? This section explores forensic analysis, digital forensics, and forensic data analysis as an application of digital forensics. These concepts play an important role in computer forensics, and knowing them is essential to practicing it. After getting a basic idea of forensic analysis, we can explore the role of digital forensics and how it differs from other types of analysis. Finally, we break down forensic data analysis and how it’s used in digital forensics to gather information.

First, let’s define forensic analysis. Forensic analysis is an investigation or analysis of a crime or security incident. A security incident is any security event that distorts or breaches an organization’s rules of security. Forensic analysis involves identifying the suspect, how the suspected culprit caused the incident, and when the incident occurred. This information is critical for courts of law, law enforcement agencies, private interests, and secured organizations. Forensic analysis is typically carried out either by third parties from outside the organization or by an internal team within the organization. The ultimate goal is to extract as much useful information as possible.

Next, digital forensics is the collection and analysis of digital data in relation to crime and security incidents. This differs from forensic analysis of other materials in that special skills are required to identify and analyze digital devices. Law enforcement agencies have established specialized teams to handle these tasks, and a private computer network security industry grew along with them. Private organizations have an incentive to secure their data from malicious hackers, and government agencies have an incentive to develop their resources for high-tech crimes. The process of gathering and analyzing data for digital forensics is known as forensic data analysis.

Now, forensic data analysis is carried out in three stages. Stage one is known as acquisition and involves gathering all possibly useful data. The acquisition stage is done to gather (or acquire) enough material for the analysis stage.
Stage two, analysis, involves analyzing the acquired data in the same way forensic analysis is done: looking for identifying information, data that indicates time and location, data that indicates how the crime or security incident occurred, and anything else that might be useful to the investigation. The third and final stage in forensic data analysis is reporting. I think I heard some people yawn at the last one, but it’s arguably the most important stage. Why? Reporting means compiling a final report on your analysis of the acquired data. The report could differ on a case-by-case basis depending on what organization you are working with, but it helps you and your org learn for future incidents.
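The three stages above, run end to end over a few log lines, as an added example that is not part of the original article. The sshd-style log lines are constructed, and the function names, the SHA-256 integrity check at acquisition, and the "success from a source that also failed" rule are assumptions chosen for illustration.

```python
import hashlib
import re
from collections import Counter

# Constructed sample evidence (not from a real system): sshd-style auth log lines.
SAMPLE_LOG = """\
Feb 12 03:14:07 web01 sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
Feb 12 03:14:09 web01 sshd[811]: Failed password for root from 203.0.113.7 port 50124 ssh2
Feb 12 03:14:12 web01 sshd[811]: Accepted password for root from 203.0.113.7 port 50130 ssh2
Feb 12 08:30:01 web01 sshd[902]: Accepted publickey for alice from 198.51.100.20 port 41000 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<when>\w{3} +\d+ [\d:]{8}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)

def acquire(raw: str) -> dict:
    """Stage 1: take a working copy and record its SHA-256 (assumed integrity control)."""
    data = raw.encode()
    return {"data": data, "sha256": hashlib.sha256(data).hexdigest()}

def analyze(evidence: dict) -> dict:
    """Stage 2: extract who, when, and how from the acquired copy."""
    if hashlib.sha256(evidence["data"]).hexdigest() != evidence["sha256"]:
        raise ValueError("evidence changed since acquisition")
    events = [m.groupdict() for line in evidence["data"].decode().splitlines()
              if (m := LINE_RE.match(line))]
    failures = Counter((e["src"], e["user"]) for e in events if e["result"] == "Failed")
    # Flag successful logins whose source also has failed attempts for the same account.
    suspicious = [e for e in events
                  if e["result"] == "Accepted" and failures[(e["src"], e["user"])] > 0]
    return {"events": events, "suspicious": suspicious}

def report(evidence: dict, findings: dict) -> str:
    """Stage 3: compile the findings and the evidence hash into a readable report."""
    lines = [f"Evidence SHA-256: {evidence['sha256']}",
             f"Events parsed: {len(findings['events'])}"]
    for e in findings["suspicious"]:
        lines.append(f"{e['when']} {e['host']}: {e['user']} login via {e['method']} "
                     f"from {e['src']} with failed attempts from the same source")
    return "\n".join(lines)

if __name__ == "__main__":
    ev = acquire(SAMPLE_LOG)
    print(report(ev, analyze(ev)))
```
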

Forensic analysis is a crucial component of cybersecurity and the foundation of forensic data analysis. Digital forensics is an application of forensic science to the investigation of digital devices, and there is a demand for digital forensics skills in the public and private sectors. Forensic data analysis is a method of digital forensics that involves acquiring data relevant to the investigation, analyzing the data acquired, and compiling a report on the findings of the analysis. The development of digital forensics is a product of adapting forensic analysis to high-tech devices, but the core practices of forensic analysis remain the same.

Alexa: “Does that answer your question?”
You: “No”
Alexa: “I found something that may answer your question.”
–> Computer Forensics Jobs (Part 1)
