Real-World CF Appli...
 
Notifications
Clear all

Real-World CF Applications

9 Posts
3 Users
0 Likes
438 Views
(@unclebuki)
Posts: 12
Active Member
Topic starter
 

Hello, I’m trying to get a handle on the various real-world applications of Computer Forensics/Security knowledge. Aside from the common application to criminal investigations, what are some other services CF/S firms and individuals provide? (I presume data recovery is one.) Which of these are growing the fastest? Can someone with in-depth CF/S knowledge and a related degree prosper solely by delivering these ancillary services, perhaps via a small start-up? Is the recent trend of corporations hiring CF/S people genuinely promising or more of a fad which will soon fade? Many thanks for any info you provide.

UB

 
Posted : 30/12/2006 10:02 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

I've worked in the security industry for a few years, so I'll provide some input based on my experiences and what I see going on in the industry. Keep in mind that this is only my perspective, and may be totally different from someone else's…

One does not survive on CF services alone…most folks may be part of a company that provides other services, as well. These services may include data recovery, ediscovery, IR, etc. In the consulting field, you may also end up doing a considerable amount of "staff augmentation" work. However, the point is that you will rarely see someone who does *only* CF…ancillary services must be offered.

Re hiring. IMHO, it's a fad. I do IR/CF on an emergency basis, which means that I get called b/c someone does not have the capability that our team offers. Most times when I've been on-site, the client barely even has admins…the infrastructure has too few admins, and they are doing their best just to keep up.

I do think that CF is growing…many schools in the US, to include community colleges are providing courses and even degree programs in the field. However, as far as companies go, I would expect that in the near term, only large companies and federal gov't agencies will hire CF folks, but their roles will not be *purely* CF.

H

 
Posted : 31/12/2006 4:56 pm
(@unclebuki)
Posts: 12
Active Member
Topic starter
 

H, that's exactly the info I was looking for. May I ask how you established yourself in the industry? What is your educational background?

 
Posted : 31/12/2006 7:24 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

Sure. I have a master's degree in EE, but that didn't do much beyond get my foot in the door early on when I started doing vulnerability assessments and pen testing.

I think that the single biggest thing that I can point to with regards to "establishing myself" in the industry is that I stopped listening to the "experts". I found that I wasn't progressing if all I did was simply listen to others, particularly when they weren't correct (or as correct as they could be).

I also found that contributing made a big difference, as well. Rather than simply sitting back and waiting for someone else to figure something out, I put aside the excuses and just did it. If there was something I couldn't do, because I didn't have the resources, I partnered with someone who did.

HTH,

H

 
Posted : 01/01/2007 3:49 am
(@unclebuki)
Posts: 12
Active Member
Topic starter
 

You mentioned government agencies. Working for a U.S. intelligence agency is a big goal of mine. However, I'm not sure I understand what exactly a CF-trained person does for such an organization. Other than US-CERT, I have this impression that they're all math-savant cryptologists or global network analysts. Can you clarify this for me?

 
Posted : 03/01/2007 12:50 am
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

> I'm not sure I understand what exactly a CF-trained person does for such
> an organization.

Well, some with CF training who is hired into a CF position will do CF, most likely.

> Other than US-CERT, I have this impression that they're all math-savant
> cryptologists or global network analysts. Can you clarify this for me?

Yes. There's a lot more to the federal gov't than just a narrow view of the NSA. Most gov't organizations have computer networks and IT depts. Federal regulations/laws (such as FISMA) mandate certain requirements that, at least on paper, require knowledgeable, trained CF personnel.

In addition, some LE-based agencies will hire contractors to provide expertise in such areas as storage management and CF.

 
Posted : 03/01/2007 1:19 am
az_gcfa
(@az_gcfa)
Posts: 116
Estimable Member
 

Computer Network Defense in the government is governed by different groups, Intelligence is responsible for basically gathering all the information about hacks, hackers and things along this line; Operations is responsible for controlling and maintaining the networks and systems security based upon BBP and threat profiles; Security is responsible for compliance and setting policies and insuring everyone play fairly in each other's sandbox - and other stuff.
Most CF positions will be located in the CERT's or with OSI, CID, NCIS for military organizations. Incidents involving John Q. Public are handled between the appropiate military LE and the FBI - then the FBI takes the leads.
DHS, SS, DEA, ATF, NSA and IRS and Department of Treasury, BP or ICE all have CF analyst on their staff as well.

However, the CF positions in the Intelligence community will be quite different that those in the LE organizations.

So there are a lot of choices each with different possibilities.

 
Posted : 03/01/2007 10:04 am
(@unclebuki)
Posts: 12
Active Member
Topic starter
 

Speak of the devil. I just finished reading a great, albeit short article in the January 2007 issue of Wired. It profiles DoD digital forensics guru Jim Christy. Very interesting.

 
Posted : 04/01/2007 2:48 am
(@unclebuki)
Posts: 12
Active Member
Topic starter
 

Jeez. My bad.

 
Posted : 04/01/2007 5:02 am
Share: