What do incident response practitioners need to know? A skillmap for the years ahead
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F21%3APU142900" target="_blank" >RIV/00216305:26230/21:PU142900 - isvavai.cz</a>
Result on the web
<a href="https://www.sciencedirect.com/science/article/pii/S2666281721000925" target="_blank" >https://www.sciencedirect.com/science/article/pii/S2666281721000925</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1016/j.fsidi.2021.301184" target="_blank" >10.1016/j.fsidi.2021.301184</a>
Alternative languages
Result language
English
Original language name
What do incident response practitioners need to know? A skillmap for the years ahead
Original language description
Digital forensics incident response (DFIR) specialists are expected to possess multidisciplinary skills including expert knowledge of computer-related principles and technology. On the other hand, recent studies suggest that existing training and study programs may not fully address the needs of future DFIR professionals. To reveal possible gaps in practitioners' education and identify the most needed skills, we built a skillmap for DFIR where we followed a threefold approach: (1) an online survey among DFIR experts; (2) a review of training programs; and (3) an analysis of job listings on LinkedIn. Each source was first analyzed on its own and the findings were merged into a DFIR skillmap, which is the main contribution of this article. The results show that network forensics and incident handling are the most demanded domains of skills. While these are covered by existing courses, the newly desired skills, in particular cloud forensics and encrypted data, need to get more space in training and education. We hope that this article provides educators with information on ways to improve in the years ahead.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
S - Specific research at universities
Others
Publication year
2021
Confidentiality
S - Complete and truthful data on the project are not subject to protection under special legal regulations
Data specific for result type
Name of the periodical
Forensic Science International: Digital Investigation
ISSN
2666-2825
e-ISSN
—
Volume of the periodical
37
Issue of the periodical within the volume
2
Country of publishing house
US - UNITED STATES
Number of pages
11
Pages from-to
23-34
UT code for WoS article
000686127700002
EID of the result in the Scopus database
2-s2.0-85112473761