Implementing Digital Forensic Readiness

Jason Sachowski has over twelve years of experience in digital forensic investigations, secure software development, and information security architecture. He currently manages a team of forensic investigators and data breach analysts for The Bank of Nova Scotia, commonly known as Scotiabank, Canada’s third largest and most international bank. Throughout his career, Jason has performed hundreds of digital forensic investigations involving Enterprise servers, network logs, smart phones, and database systems. Complimentary to his technical experiences, he has also developed and maintained processes and procedures, managed large information security budgets, and governed the negotiation of third-party contracts. In addition to his professional career, Jason is the author of book ‘Implementing Digital Forensic Readiness: From Reactive to Proactive Process’. He also serves as a contributing author and content moderator for DarkReading, is a subject matter expert for (ISC)2 professional exam development, and volunteers as an advocate for CyberBullying prevention and CyberSecurity awareness. He holds several Information Security and Digital Forensic certifications including: Certified Information Systems Security Professional - Information Systems Security Architecture Professional (CISSP-ISSAP), Certified Cyber Forensics Professional (CCFP), Certified Secure Software Lifecycle Professional (CSSLP), Systems Security Certified Practitioner (SSCP), and EnCase Certified Examiner (EnCE).

I: ENABLING DIGITAL FORENSICS. Understanding Digital Forensics. Investigative Process Methodology. Digital Evidence Management. Ethics and Conduct. Digital Forensics as a Business. II: ENHANCING DIGITAL FORENSICS. Understanding Digital Forensic Readiness. Defining Business Risk Scenarios. Identify Potential Data Sources. Determine Collection Requirements. Establishing Legal Admissibility. Establish Secure Storage and Handling. Enabling Targeted Monitoring. Mapping Investigative Workflows. Establish Continuing Education. Maintaining Evidence-Based Reporting. Ensuring Legal Review. Accomplishing Digital Forensic Readiness. III: INTEGRATING DIGITAL FORENSICS. Forensics Readiness in Cloud Environments. Forensics Readiness with Mobile Devices. Forensics Readiness and the Internet of Things. IV: ADDENDUMS. A: Tool and Equipment Validation Program. B: Service Catalog. C: Cost-Benefit Analysis. D: Building a Taxonomy. E: Risk Assessment. F: Threat Modelling. G: Data Warehousing Introduction. H: Requirements Analysis. V: APPENDIXES. A: Investigative Process Models. B: Education and Professional Certifications. C: Investigative Workflow. VI: TEMPLATES. 1: Test Case. 2: Logbook. 3: Chain of Custody. 4: Investigative Final Report. 5: Service Catalog. 6: Business Case. 7: Net Present Value (NPV). 8: Threat Risk Assessment. 9: Data Source Inventory Matrix. 10: Project Charter. 11: Requirement Analysis Report.