Saturday, May 7, 2011

Trends & Challenges in Incident Response and Digital Forensics

Several months ago, a colleague suggested that I develop a presentation about the challenges facing the field of digital forensics. After some discussion and an informal poll among several information security practitioners, I developed the topic and delivered it on May 3rd at the SecureWorld Expo in Atlanta. The presentation, titled "Trends in Incident Response and Digital Forensics," is available as a PDF.

The presentation included audience participation and covered topics such as cloud computing, imaging and analyzing RAM, storage challenges, encryption, mobile devices, and the "CSI effect." Due to time constraints, there were a number of topics that were not covered in the presentation, so they have been listed here in no particular order.
  • Hybrid challenges
    • Mobile devices that use Internet (cloud-based) storage
    • High-capacity hard drives and data hoarding
  • Social Networking
    • Facebook, Foursquare, MySpace, Twitter, etc.
  • Cache-less web browsing
  • The law (or lack thereof)
  • Encryption
    • Full or Whole Disk Encryption
    • Inexpensive and readily available encryption applications
  • Cloud technologies
  • Storage
    • Solid State Drives
    • Storage Area Networks
    • Network Attached Storage
    • Extremely large RAID arrays
    • Inexpensive high-capacity storage
  • Mobile devices (smart phones, cell phones, and tablets)
  • Photocopiers & printers
  • Entertainment devices such as televisions and game consoles
  • Massive volumes of data
  • GPS units
Feel free to comment if you have a suggestion to include on the list.  Future posts will address potential solutions to some of the topics listed above.