What do incident response practitioners need to know? A skillmap for the years ahead

Hranický, Radek and Breitinger, Frank and Ryšavý, Ondřej and Sheppard, John and Schaedler, Florin and Morgenstern, Holger and Malik, Simon (2021) What do incident response practitioners need to know? A skillmap for the years ahead. Forensic Science International: Digital Investigation, 37. ISSN 2666-2825

Full text not available from this repository. (Request a copy)

Abstract

Digital forensics incident response (DFIR) specialists are expected to possess multidisciplinary skills including expert knowledge of computer-related principles and technology. On the other hand, recent studies suggest that existing training and study programs may not fully address the needs of future DFIR professionals. To reveal possible gaps in practitioners education and identify the most needed skills, we built a skillmap for DFIR where we followed a threefold approach: (1) an online survey among DFIR experts; (2) a review of training programs; and (3) an analysis of job listings on LinkedIn. Each source was first analyzed on its own and the findings were merged into a DFIR skillmap which is the main contribution of this article. The results show that network forensics and incident handling are the most demanded domains of skills. While these are covered by existing courses the newly desired skills, in particular, cloud forensics and encrypted data, need to get more space in training and education. We hope that this article provides educators with information on ways to improve in the years ahead.

Item Type: Article
Additional Information: Funding Information: We like to thank Pavel Laskov from the University of Liechtenstein for valuable discussions and feedback on this article. This material is based upon work supported by the Agentur für Internationale Bildungsangelegenheiten (AIBA) under Agreement No. 2020-1-LI01-KA203-000185 and by Brno University of Technology , Grant No. FIT-S-20-6293 . Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of funding agencies. Funding Information: We like to thank Pavel Laskov from the University of Liechtenstein for valuable discussions and feedback on this article. This material is based upon work supported by the Agentur f?r Internationale Bildungsangelegenheiten (AIBA) under Agreement No. 2020-1-LI01-KA203-000185 and by Brno University of Technology, Grant No. FIT-S-20-6293. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of funding agencies. Publisher Copyright: © 2021 The Authors
Uncontrolled Keywords: /dk/atira/pure/subjectarea/asjc/1700/1706
Departments or Groups:
Depositing User: Admin SSL
Date Deposited: 19 Oct 2022 23:04
Last Modified: 15 Aug 2023 06:00
URI: http://repository-testing.wit.ie/id/eprint/3929

Actions (login required)

View Item View Item
SETU Libraries Repo - Testing is powered by EPrints 3.4 which is developed by the School of Electronics and Computer Science at the University of Southampton. About EPrints | Accessibility