Digital CSI market on the rise

Use of digital investigation tools and services is on the rise as organizations struggle with regulatory compliance and litigation requirements, according to a recent paper published by Forrester Research Inc.

Rising incidents of Internet fraud and the lack of consumer confidence around financial institutions’ handling of personal information are also driving the need for organizations to have digital investigative capabilities, said Michael Gavin, Forrester analyst and author of a research paper titled, CSI: Cyberspace.

Gavin defined digital investigation as the “entire investigative process, from a triggering event that starts the investigation through the final presentation and use of the evidence gathered during investigation.” Digital forensics, on the other hand, is the acquisition, analysis and presentation of digital evidence, he said.

The market for such products was previously focused mainly on digital forensics, said Gavin, such as data acquisition and data analysis leading to evidence.

“Those were all primarily based on incident response-type of things. But there are actually a number of different types of investigation that companies need to support and I think it is driving part of the growth in (the digital investigation) area,” said Gavin.

The so-called e-discovery (electronic discovery), for instance, or the use of stored electronic documents as part of the discovery process in civil litigation, is driving the need to have digital investigation tools and expertise in many organizations, especially those without proper document management systems in place, Gavin said.

Digital investigation also allows organizations to document the steps taken during an investigation and the evidence that is found. This would aid companies in setting up “sanitized” case studies and best practices to help improve the capabilities of the digital investigation team, he said.

Despite a growing recognition of the need for digital investigation tools and services, certain barriers could impede their continued growth, and most of them have to do with the general attitude of companies towards handling security.

In 2005, the CSI/FBI Computer Crime and Security Survey found that only 20 per cent of respondents that suffered security breaches reported them to law enforcement.

Firms also don’t see a compelling reason to invest in digital forensics and investigative capabilities. While they view losses associated with breaches as a “cost of doing business,” they tend to look at maintaining digital investigative capability as “extra cost that provides little or no benefit,” said Gavin.

While digital forensics and investigation tools have now become more affordable, getting enough expertise to enable widespread adoption remains a challenge as well. “You don’t want to have someone who deals with these investigations once a year. You want somebody who does it all the time,” Gavin said.

The Forrester research paper also predicted demand for digital investigation expertise and personnel certification will increase, making it easier for firms to evaluate prospective digital investigation partners and job candidates even without having the expertise themselves.

Financial institutions, government agencies and technology companies are ideally the ones that need to have digital investigation capabilities, whether in-house or outsourced to a third-party agency, said Gavin. But firms need to learn the capabilities of digital investigation before deciding on what approach is best for their respective organizations, he added.

There are five types of digital investigations, according to the research paper: incident response, which investigates attacks on computers and networks; internal investigations, which probe employees for inappropriate conduct violating company or regulatory policies; criminal investigations that searches for evidence in relation to a crime involving the use of computers or other electronic devices; e-discovery, a court-ordered search for relevant documents including e-mail, instant messaging transcripts and text messages from mobile phones; and data recovery, a search for lost data from equipment failure to malicious erasures, often using digital forensic tools.

QuickLink 060553

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now