Friday, 27 May 2016

On 02:15 by admin   1 comment
It is a huge privilege to be granted an interview with Ramandeep Singh, a Digital Forensic expert whose contributions are acknowledged by government and private sectors. 

So now without wasting the time, lets start interview with him and find out more !

1. How did you come to be involved in this area of work?

  I started my career in InfoSec as an Information Security Expert trainer with a renowned institute and successfully trained a number of students including few from colleges, defense departments, bank officials and university students. I then got a chance to join a very Well-Known forensic science laboratory cum institute, where I started working as an Information Security Consultant and performing various duties. My primary job role there is giving services to legal advisors, counsels and solicitors of District Courts, High Courts and Supreme Court of India and provide them Forensic Reports (Under Section 45 - Indian Evidence Act) in the cases of Cyber Forensics including Data Forensics, Network Forensics, Mobile Forensics, Image and Audio-Video Forensics etc. I have also given forensic services to MNC companies, Government and Private Banks and various Law Firms in the case of departmental inquiries.  EC|ECSS, CompTIA Security +, CompTIA Networking+, CompTIA A +, OPSEC (ICS-CERT U.S. Department of Homeland Security), CISE and few more. I have successfully given my expert opinion for more than 300 cases and have submitted expert opinion in various courts of Law and state police departments.

I have earned a number of certifications including EC|CHFI, EC|CEH, EC|W5.

2. What do you think are some of the most challenging aspects of your line of work?
The most challenging aspects of Cyber Forensics is, keeping a case on a track by maintaining the confidentiality of the clients related to court cases, their data related to it and ensuring the data security in a safe place as we usually receive cases related to marital affairs, pornography, mobile forensic which contains sensitive data of users. It usually takes a week to examine evidences and prepare a report accordingly, so maintaining confidentiality and getting the genuine output for the report, doesn’t matter whether it goes against the client or it comes in favor, providing a genuine report is the main challenge of my line of work. Affairs around the country (I hope telling this is enough instead of the department name). Dealing with their data sometimes is the most challenging part as they provide “the single evidence” for the whole investigation. Special audit teams, CBI Officials and other concerned departments then wait for us to get the data in a readable format. To sum-up, maintaining the data confidentiality, providing the report on time, standing up confidently in the court of law for the opinion we give in the report are few things that are most challenging aspects. Also, sometime we get cases from department which usually deal with the money.

3. How has the field of digital forensics changed during the time you have been involved?

Digital forensics is a wide field with a lot of streams to get involved in, like Data Forensics, Network Forensics, Mobile Forensics etc. Each individual stream has defined subdomains, for example when it comes to mobile forensics we need to perform Android Forensics, iPhone, BlackBerry and Windows Mobile Forensics. Every new day we deal cases from around the country. Year back, we were dealing with the cases like email spoofing, spear-phishing, mail bombing, fake calling, image forgeries, audio forgeries (including phone call recording tempering etc.). Now days we getting cases like one I recently did, it was an image verification case with a person standing in it, and we have to verify that image was not tempered and the person standing in the image who’s face is not visible in the image, is the same as shown in the exhibit. So the questioned image and specimen provided, are matched
on different basis, and then we give our opinion. Cyber/Digital Forensics is a wide field in which we deal with new kind of cases usually. Every case is one of its kind.

4. Has the field of digital forensics been affected by the major changes to forensic science services in the India in recent years?

Yes, Indian Government is playing a major role in making things better for forensic
investigators. Recently, at a national level conference (Jhansi), it was announced that a bill has been passed by the government to open about Twenty new forensic science labs around the country, in which Cyber Forensic Science Laboratories will also be there, giving an opportunity to the upcoming investigators. Also, it’ll effect the case report dispatch time in a positive manner by reducing the case pendency period which is about 12-18 months right now. Government is also investing a lot of money on latest hardware devices, forensic toolkits and updated debugging devices, providing them to the FSLs (Forensic Science Laboratories).

5. Do you have any advice for those seeking a career in digital forensic science?

 My apologies, but I would suggest all to read this till the last line to understand it in a better way. Always work with Ethics, Honesty and confidence. Practical approach is very much required, but theory is the base. It makes the foundation of your knowledge. Those who are seeking their career in digital forensics, one should start from hardware skills, then to Networking skills and programming, software or any other level skills. To be more detailed with it, everything will be somewhere implemented on the hardware. If a system goes down, there can be a hardware error, a Software level error as well. If a server goes down, hardware error can be there. If your whole enterprise network goes down, hardware skills can take you out of the issue, Network skills can also help. Then how to find out the traces of the incident. Being a Cyber Forensic Investigator, I would recommend all those who are seeking their career in the same, that you must have knowledge of all three major domains of Computer World. Hardware, Network, Software and then move on to Information Security. Being an Investigator, we don’t just make reports and give opinions on what we see. It is a Real-World responsibility of an Investigator to provide a Legit, Genuine and technically correct report with a confident conclusion. In Digital forensics, one should know how a cyber-crime or a breach can take place.

1 comment: