Cybercrime is not showing any sign of relenting.
The Identity Theft Resource Center, a nonprofit supporting victims of identity theft, showed that in 2016, U.S. data breaches were up by 40% over the previous year, hitting a record 1,093 incidents, with hacking, skimming and phishing as the leading causes. The business and healthcare sectors were most affected. In some cases individuals and their devices may inadvertently lead to cyber breaches.
The trends have led to a need for computer forensics experts who can uncover cyber crimes, and collect and preserve the evidence about them.
Computer forensics is the practice of identifying, collecting, examining and preserving digital evidence of crimes, whether employee Internet abuse, industrial espionage, or criminal fraud and deception. It must be done in a way that is legally admissible. An examination has six distinct phases – readiness, evaluation, collection, analysis, presentation and review. It also requires the practitioner to be prepared to handle not just legal issues, but technical issues like keeping apace with new technologies and the ability to counter anti-forensics tactics.
A 2015 Techwire.com article reported that when the FBI received funds to hire 2,000 new agents from Congress the previous year, cybercrime specialists were at the top of the list to hire. Projected job growth for forensic science technicians (which includes computer forensics) is projected to grow 27% through 2024, according to the U.S. Bureau of Labor Statistics. The 2016 average annual salary was listed at $60,690. A candidate’s educational attainment, professional experience and regional market conditions may affect salary potential and job opportunities. Prospective students are encouraged to conduct independent research.
A number of paths may lead to a computer forensics career. A degree in computer information systems is helpful, as is an education in law enforcement with a specialty in cybersecurity. Any knowledge in STEM (Science, Technology, Engineering and Mathematics) equips the individual to do the kind of analytical thinking that is invaluable for forensics work.
At a broad level, people suited to a job in computer forensics have a solid grasp of computer science, networking protocols, operating systems and software and IT security issues. They have mastered the software and tools by which evidence is collected and analyzed, but also have a good understanding of the legal system – from evidentiary data to rules of evidence.
Those who are recently graduated or who have had training in any of those areas and are thinking of transitioning should also consider obtaining certain certifications that speak to the core competencies required of computer forensics specialists:
- Certified Cyber Forensics Professional. Awarded by the (ISC)2, this designation requires an undergraduate degree plus three years of full-time experience in digital forensics or IT security.
- Certified Forensic Computer Examiner. This is awarded by the International Association of Computer Investigative Specialists. It requires a series of core competencies, reinforced through a peer review and certification phase that speaks to those competencies.
- Certified Computer Examiner, a certification of the International Society of Forensic Computer Examiners (ISFCE). It is the culmination of ISFCE training and proficiency testing.