What do incident response practitioners need to know? A skillmap for the years ahead

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F21%3APU142900" target="_blank" >RIV/00216305:26230/21:PU142900 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.sciencedirect.com/science/article/pii/S2666281721000925" target="_blank" >https://www.sciencedirect.com/science/article/pii/S2666281721000925</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1016/j.fsidi.2021.301184" target="_blank" >10.1016/j.fsidi.2021.301184</a>

Jazyk výsledku

angličtina

Název v původním jazyce

What do incident response practitioners need to know? A skillmap for the years ahead

Popis výsledku v původním jazyce

Digital forensics incident response (DFIR) specialists are expected to possess multidisciplinary skills including expert knowledge of computer-related principles and technology. On the other hand, recent studies suggest that existing training and study programs may not fully address the needs of future DFIR professionals. To reveal possible gaps in practitioners education and identify the most needed skills, we built a skillmap for DFIR where we followed a threefold approach: (1) an online survey among DFIR experts; (2) a review of training programs; and (3) an analysis of job listings on LinkedIn. Each source was first analyzed on its own and the findings were merged into a DFIR skillmap which is the main contribution of this article. The results show that network forensics and incident handling are the most demanded domains of skills. While these are covered by existing courses the newly desired skills, in particular, cloud forensics and encrypted data, need to get more space in training and education. We hope that this article provides educators with information on ways to improve in the years ahead.

Název v anglickém jazyce

What do incident response practitioners need to know? A skillmap for the years ahead

Popis výsledku anglicky

Digital forensics incident response (DFIR) specialists are expected to possess multidisciplinary skills including expert knowledge of computer-related principles and technology. On the other hand, recent studies suggest that existing training and study programs may not fully address the needs of future DFIR professionals. To reveal possible gaps in practitioners education and identify the most needed skills, we built a skillmap for DFIR where we followed a threefold approach: (1) an online survey among DFIR experts; (2) a review of training programs; and (3) an analysis of job listings on LinkedIn. Each source was first analyzed on its own and the findings were merged into a DFIR skillmap which is the main contribution of this article. The results show that network forensics and incident handling are the most demanded domains of skills. While these are covered by existing courses the newly desired skills, in particular, cloud forensics and encrypted data, need to get more space in training and education. We hope that this article provides educators with information on ways to improve in the years ahead.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2021

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Forensic Science International: Digital Investigation

ISSN

2666-2825

e-ISSN

—

Svazek periodika

37

Číslo periodika v rámci svazku

2

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

11

Strana od-do

23-34

Kód UT WoS článku

000686127700002

EID výsledku v databázi Scopus

2-s2.0-85112473761