Lack of Standardization and Skills Hinders Digital Forensics
Dr. Santosh Khadsare on Digital Forensics as an Integral Part of Incident ResponseDigital forensics is becoming a crucial part of cyber incident response plans. It helps determine the details of a cyberattack, but standardization and skilled resources are needed to address the current gaps in digital forensic investigations, says Lt Col (Dr.) Santosh Khadsare (Retd.), VP of digital forensics and incident response at eSec Forte Technologies.
See Also: 2024 Global Data Protection Index
"The challenge is particularly exacerbated by the wide variety of digital assets available with each team working on multiple operating systems, file systems and formats, including proprietary software. There are also challenges around fragile hardware and unstable firmware," Dr. Khadsare says.
In this interview with Information Security Media Group, Dr. Khadsare discusses:
- The importance of integrating digital forensics with cyber incident response and current gap areas;
- Applying DFIR tools to investigate cyberthreats;
- Incident response techniques for investigation and recovery during ransomware attacks.
Dr. Khadsare is an Indian army veteran with more than 23 years of experience in the area of DFIR with the Indian Army and CERT-India. He has led two national-level cyber forensic laboratories and was responsible for notification, overall functioning, upgradation, training, analysis and preparation of reports.