In April 2005, I received a telephone call from Humana Press Senior Editor, Harvey Kane, inquiring whether there might be a need for a book to be published concerning the different aspects of computer forensics. During a subsequent meeting to discuss the current state of available texts covering this topic, I noted to Mr. Kane that there were several excellent computer forensics books already published and readily available. Mr. Kane then inquired as to what were some of the commonalities and differences between those books. My response was that they all discussed computer forensics analysis in detail. (Indeed, the purpose of one in particular was to guide the individual to becoming a skilled computer forensics examiner.) Furthermore, I indicated that some of the books included topics such as different operating systems as well as chapters on evidence collection and processing. Still others dealt specifically with incident response. Mr. Kane then asked me two questions: “If a person wanted to pursue a areer in computer forensics, is there any one book currently available that provides an overview?” and if not, “If you were to write a book on computer forensics, what topics would you include in the book?” The meeting ended with Mr. Kane asking me to draft a scope document concerning a possible book on computer forensics.
Shortly thereafter, I attended a local Infragard meeting. The speaker’s topic for the meeting was incident response and the role that computer forensics can play in identifying the evidence of a Denial of Service (DoS) attack. After the presentation, a number of those present asked the speaker such questions as: “What training is necessary to become an examiner in this field?” “How and where can you obtain such training?” “Where can you get the software to investigate this type of crime?” “Does an information technology (IT) person have to be certified?” “How do I go about obtaining certification?” “What certifications are available?” “What are the legal issues involved in searching and seizing digital data?” “What education is necessary to be hired in the IT field?” “What happens if you have to testify in court?”
Over the past several years, I have been asked many of those same questions by high school and college students and other individuals interested in entering the computer forensics field. One question in particular stands out: “How and where does a person look to obtain the necessary information if he or she is thinking of a career in this field?” All of these questions exemplify how difficult it is at times to obtain necessary information to make career choices.