Publication result detail

What do incident response practitioners need to know? A skillmap for the years ahead

HRANICKÝ, R.; BREITINGER, F.; RYŠAVÝ, O.; SHEPPARD, J.; SCHAEDLER, F.; MORGENSTERN, H.; MALIK, S.

Original title

What do incident response practitioners need to know? A skillmap for the years ahead

Type

WoS article

Original abstract

Digital forensics incident response (DFIR) specialists are expected to possess multidisciplinary skills including expert knowledge of computer-related principles and technology. On the other hand, recent studies suggest that existing training and study programs may not fully address the needs of future DFIR professionals. To reveal possible gaps in practitioners' education and identify the most needed skills, we built a skillmap for DFIR where we followed a threefold approach: (1) an online survey among DFIR experts; (2) a review of training programs; and (3) an analysis of job listings on LinkedIn. Each source was first analyzed on its own and the findings were merged into a DFIR skillmap which is the main contribution of this article. The results show that network forensics and incident handling are the most demanded domains of skills. While these are covered by existing courses, the newly desired skills, in particular, cloud forensics and encrypted data, need to get more space in training and education. We hope that this article provides educators with information on ways to improve in the years ahead.

Keywords

Digital Forensics, Incident Response, Skills, Skillmap, Survey, DFIR

Authors

HRANICKÝ, R.; BREITINGER, F.; RYŠAVÝ, O.; SHEPPARD, J.; SCHAEDLER, F.; MORGENSTERN, H.; MALIK, S.

RIV year

2022

Published

13.07.2021

ISSN

2666-2825

Journal

Forensic Science International: Digital Investigation

Volume

37

Issue

2

Country

United States of America

Pages from

23

Pages to

34

Page count

11

URL

BibTex

@article{BUT175777,
  author="HRANICKÝ, R. and BREITINGER, F. and RYŠAVÝ, O. and SHEPPARD, J. and SCHAEDLER, F. and MORGENSTERN, H. and MALIK, S.",
  title="What do incident response practitioners need to know? A skillmap for the years ahead",
  journal="Forensic Science International: Digital Investigation",
  year="2021",
  volume="37",
  number="2",
  pages="23--34",
  doi="10.1016/j.fsidi.2021.301184",
  issn="2666-2825",
  url="https://www.sciencedirect.com/science/article/pii/S2666281721000925"
}
