Careers in Cyber Forensics

CIOL Bureau

BANGALORE, INDIA: IT has engulfed our lives so much that most of our daily activities depend on it. And with so many people using it as part of their lives, it has also emerged as a means for criminal activities. It is not just individuals who are threatened by illegal activities in cyberspace; an entire country's security could be at risk.

For instance, in 2008 there was news that the email system of the Indian Prime Minister's Office was affected by a computer virus for three months, and the investigation revealed that its computers were being remotely controlled. One might also recall the 2006 train bombings in Mumbai, where terrorists used advanced techniques such as IP address masking for funds transfer and other communications.

Most terrorist groups now communicate through masked IP addresses and use proxy services so that their activities become hard to trace. To make matters worse, there are always cases where sensitive data has been stolen through a network attack or identity theft. It is in such cases that a cyber forensic expert dons his gloves to follow the digital trail left by criminals and helps bring the perpetrators to justice.

Why society needs Cyber Forensics pros

Cyber Forensics is a new and developing field, which can be described as the study of digital evidence resulting from an incident of crime. The science involves the investigation of a computer to determine the potential of legal evidence. Besides post-incident investigations, it helps create preventive intelligence and threat monitoring.

The growing spectre of e-commerce and web-based business transactions has changed the way white-collar crime is committed. Enterprises have become increasingly concerned about the use of computer networks for corporate spying and other similar threats. In addition, extraordinary risk factors such as terrorism in India are also witnessing a strategic change from an operational perspective. India, like elsewhere, is also witnessing an exponential rise in the number of frauds done through computers and IT systems.

From the government's perspective, cyber security has become as important a parameter for national security as physically safeguarding the nation's borders. In fact, there exists a critical dependence of various industries and business sectors on the government-controlled IT infrastructure and networks. And if any vulnerability is attacked by terrorists, it can be disastrous for the country's corporates and businesses.

For instance, the banking sector's inter-bank financial settlement process is based on a centralized IT infrastructure that's managed by RBI, and any disruption in the system can cause tremendous loss to the sector. Such high IT dependence is also present in national assets like oil and gas networks, national stock exchanges, railways, air traffic controls, etc. Such systems are prime targets for hackers as well as terror organizations to cause severe business and economic losses to the country.

 

This has further escalated the need to have Cyber Forensics experts in India to preserve the country's IT assets against operational and reputation risks. Thus, Cyber Forensics professionals are not just required by enterprises for their information security, but also by government agencies to keep track of the nation's cyber security and preserve it from malicious attacks.

Forensic, as per the dictionary definition, relates to the use of science and technology for the establishment of facts or evidence in a court of law. Similarly, Cyber Forensics helps extract information from computer storage and other media to establish facts in a manner that can be presented in a court of law. Before anybody can even start doing any Cyber Forensics, one should be well trained in a vast array of IT aspects, like hardware, networking, Internet security and operating systems. After a few years of hands-on experience in the above-mentioned aspects, the person can start learning Forensic Acquisition (Imaging) with various commercial and open source tools, Analysis/Correlation of the information and finally E-Discovery. Cyber Forensic experts are typically needed by Law Enforcement Agencies, as the agencies themselves might not have the tooling/expertise to conduct very high-end data analysis. The demand/supply ratio for cyber forensic professionals is 1:10, which says how hard it is to find a decent CF professional in India.

Murali Talasila, Director-Forensic, KPMG

Opportunities in Cyber Forensics

A Cyber Forensics professional is required to gather electronic evidence of misuse of computer networks and provide evidence in a court of law to bring the culprits to justice. Cyber Forensics pros are sought by both the public and the private sector. In the public sector, people are mostly absorbed in law enforcement agencies like cyber crime cells, state forensics departments and central agencies like the CBI. In the private sector, information is of paramount importance for enterprises, so they require professionals to safeguard their data from being stolen and misused and to protect it from hackers.

Additionally, there are specialist companies that work on ethical hacking, Cyber Forensics and IT security. A budding Cyber Forensics expert can start his career as a cyber analyst or engineer for an enterprise and, after gaining experience and domain knowledge, can proceed to niche areas in Cyber Forensics. Professionals can also move to freelancing and become independent security consultants.

It is estimated by NASSCOM that demand for professionals in Cyber Forensics would be around 90,000 by 2010 in India, whereas world-wide this figure is estimated to touch about 2,00,000, but the industry estimates much higher demand in the local as well as overseas market. With such demands, it is estimated that there would be a shortfall of 35,000 to 45,000 of such professionals in India alone.

With data thefts and information breaches in enterprises on the rise, there is an increasing realization worldwide of the need to establish internal controls and policy compliance as part of corporate governance for organizations. There is already a lot of regulation internationally, such as the Sarbanes-Oxley Act, Basel II, Patriot Act and Data Protection Act.

All these require organizations to take responsibility to manage their operational risks, ensure data protection, prevent corporate fraud, and enable their storage and archive systems for e-discovery requirements, for litigation purposes. Even the recent fraud in Satyam is a prime example of why such regulations have become the need of the hour. Demand for Cyber Forensics pros is already high in developed countries like the US and Europe and there is also a large demand-supply mismatch in the availability of experienced professionals.

The Indian market is also rapidly evolving in the same manner, requiring that information security norms and governance policies be followed by corporates in accordance with the Indian IT Act. And the demand/supply ratio for Cyber Forensics professionals is 10:1 in India, thus creating vast opportunities for professionals to enter this domain.

 

Skills required

The field requires professionals who have specialized in gathering evidence over IT networks. This requires in-depth understanding of networking technologies, operating systems, storage and memory devices, and how various applications interact with hardware and operating systems. Specialized forensic skills can only be built upon the above prerequisites. The other requirement is expertise in cyber threat investigation, evidence management, legal knowledge, encryption and cryptography, and search technologies. Specialized training and experience are required to acquire these skills.

The field welcomes professionals from the networking domain, and those who specialize in security can also venture into this field to give their careers a new dimension. As technologies for cyber security evolve fast, hackers are also getting smarter and continuously developing new techniques to disrupt computer networks. A Cyber Forensics expert should have the capability to think like hackers and look for vulnerabilities in an enterprise's security. Thus, a cyber forensic person should also have knowledge about hacking, viruses, tracking user activity and password breaking, and experience with tools used for forensic imaging, data recovery and analysis, etc. Results or opinions obtained from cyber forensics tools like EnCase and Forensic Tool Kit (FTK) are acceptable in a court of law, and a cyber forensic expert never works on the original media of evidence. He creates an image file of it and then carries out the investigation on the duplicate media using FTK tools.

The other facet of Cyber Forensics is the criminal litigation process, which requires the knowledge of the cyber laws and security compliance. An expert in these areas can advise companies on how to proceed with a cyber crime investigation. Also, since most Indian companies do business in the US and European countries, it's mandatory for them to comply with laws of respective countries while doing business there. Hence, the knowledge of such laws can be an advantage for a Cyber Forensics expert.

Key Certificate Courses in Cyber Forensics

Institute: C-DAC, Pune
Certification: PG Diploma in Information System & Cyber Security
What you stand to gain: 6-month full-time program meant for cyber and network security. Understanding of security threats & vulnerabilities, principles & practices of cryptographic techniques.
Requirements: Course incorporates one complete module on Cyber Forensics. C-DAC, Thiruvananthapuram and C-DAC, Hyderabad can also be contacted for specialized CF courses.

Institute: EnCase (Guidance Software)
Certification: EnCase Certified Examiner (EnCE)
What you stand to gain: Certifies both public and private sector pros in Guidance Software's EnCase computer forensic software. Recognized by law enforcement and corporate communities as a symbol of in-depth Computer Forensics knowledge.
Requirements: Minimum 80% is required to pass the exam. Prometric testing centers conduct exams.

Institute: Global Information Assurance Certification
Certification: Certified Forensics Analyst (GCFA)
What you stand to gain: Gain knowledge, skills, and abilities to handle advanced incident handling scenarios, conduct formal incident investigations, and carry out forensic investigation of networks and hosts. Ideal for forensic investigation/analysis, advanced incident handling, or formal incident investigation.
Requirements: One has to get renewal every 4 years.

Institute: International Society of Forensic Computer Examiners
Certification: Certified Computer Examiner
What you stand to gain: An advanced certification which deals with the technical aspects of the domain, such as data handling and recovery. It will also help you demonstrate proper judgment in the process of investigation.
Requirements: Candidate should possess a minimum of 18 months of verifiable professional experience conducting digital forensic examinations. Exam fee is $395.

Institute: International Council of e-Commerce Consultants
Certification: Certified Ethical Hacker
What you stand to gain: Certifies an individual who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a hacker.
Requirements: One must have documented 2 years of information security work experience. The exam costs $250 and can be given through Prometric Centers.

Certifications

Currently, the demand curve for cyber forensics professionals is very sharp in our country while the number of experts in the field is still meager. The importance and scope of the field are visible from the fact that universities have started courses on cyber forensics, and training institutes are being set up to provide training to individuals and corporates to fight cyber crime.

A certified Cyber Forensics expert can play a dual role, firstly as a Cyber Forensics expert in Cyber Crime Investigation (CCI) and secondly, as a Data Recovery (DR) expert in corporate sectors. It can be said that Cyber Forensics is a part of CCI. The certifications give a professional a grounding in computer ethics, evidence gathering, corporate and cyber laws, besides enhancing his IT knowledge. Thus, the professionals choosing cyber forensics as a career will be highly sought after by the enterprises, government agencies for law enforcement and criminal justice, and also by the armed forces.
