http://seattletimes.nwsource.com/html/businesstechnology/134531230_forensics08.html By Suzanne Monson Special to The Seattle Times September 08, 2002 Dick Tracy had it easy. Today's real-life crime-fighters battle villains more sophisticated than those the comic-book character ever faced — and these modern-day crooks often set their sights on threatening business, government and national security using computers. That's why it takes more than a simple high-tech wristwatch to beat computer crime. It takes cybersleuths — experts trained in Information Systems (IS) security, or computer-program protection, and the more advanced skills of computer forensics. "There simply are not enough people to do this work," says Scott Pancoast, a Seattle-based certified forensic computer examiner with the Washington state Attorney General's Office. One of just 180 forensics investigators certified worldwide by the International Association of Computer Investigative Specialists, Pancoast is among the 15 to 20 computer forensics examiners who work in this state. These "digital detectives" collect, preserve and analyze computer evidence according to careful style so that it can be criminally prosecuted. Not only is demand for computer forensics investigators hot, but several labor forecasts predict a shortfall of nearly 50,000 within the IS security profession, too. In police parlance, if computer forensics investigators are detectives, then IS security experts are the patrol cops who protect computers and network systems from high-tech safecrackers and vandals. Businesses, government and law-enforcement agencies all are "scrambling" for such workers, says Lake Washington Technical College dean Mike Potter. That's why, Potter says, the Kirkland school is adding a two-year computer forensics degree program to its existing three-quarter computer/network security certificate program this fall; Eastside police chiefs and local business leaders stressed the need. No wonder. Cases of computer hacking and network viruses have skyrocketed in the past 14 years. The number of computer/network security incidents reported to the Carnegie Mellon Software Engineering Institute has exploded from six in 1988 to more than 52,658 last year. And increasingly, other cases involve the perpetrators using their personal computers or the Internet to commit such crimes as embezzlement, drug dealing and child pornography. That's the typical workload facing computer forensics specialists such as Pancoast. "When I tell people what I do, they often say, 'God, that must be fun,' " says Pancoast. "I try to dispel that myth as much as possible. When you boil down the stories that we've seen, there are some great ones. But often it's long hours with tedious and sometimes boring work." Pancoast recently was combing through "tidbits" on a computer hard drive with more than 40 billion bytes. His job was to narrow the search down to 2,000 bytes that might be important in building a criminal case. "It's like searching for a needle in a haystack," he says. His meticulous work has been integral to prosecuting various cases throughout the state, including the high-profile mail-order bride murder case in Snohomish County earlier this year. With so few computer forensic specialists in the state, counties and other law-enforcement agencies around Washington often turn to him. Computer forensics investigation, Pancoast says, is for people who "gotta like law enforcement, are very curious and want to follow leads when things just don't look right." However, he warns, it's also a job that requires "mental toughness" to deal with the darker, sometimes intensely graphic side of crime. Performing "exacting, detailed work" can mean the difference between a conviction and a case being thrown out of court. Typically, computer forensics specialists start out in law-enforcement and expand their skills into cyber-sleuthing, says Lake Washington Technical College computer forensics instructor Marvin Everest, who has about 30 students enrolled in his course. However, civilians with computer forensic training may become qualified to work for law-enforcement and government agencies, he believes. Many of these high-tech civilians start out with slightly different skills — IS security training that is more often employed in businesses, protecting internal computer systems and external networks. Employers who are tired of "getting beat up by viruses and much more sophisticated hackers," Potter says, are hiring security professionals to protect them from bugs such as "Code Red" to the "I Love You" virus. Network-security specialists must be able to think like hackers, Potter says. In one class, students practice "intrusion detection" by playing "good guy, bad guy," he adds. "One half of the class is trying to break into the network, while the other half is using prevention tools." Several other local schools — including Bellevue Community College, the University of Washington's Extension Continuing Education program and ITT Technical Institute — offer training in IS security. With advanced skills, security professionals are among the technology industry's highest-paid workers, according to a recent survey by the System Administration Networking and Security Institute. Security consultants tended to earn the highest average at $79,395, followed by security auditors at $71,404, security administrators at $63,598, system administrators at $61,440 and at $58,399 a year, network administrators. FACTS For more information about the growing field of computer forensics: ITT Technical Institute: www.itt-tech.edu or 206-244-3300. Lake Washington Technical College: www.lwtc.ctc.edu or 425-739-8100. University of Washington Educational Outreach: www.outreach.washington.edu/ or 206-543-2320. Certified Information Systems Security Professional: www.isc2.org or 888-333-4458. Computer Technology Investigators Northwest: www.ctin.org. High Technology Crime Investigation Association: www.htcia.org or 540.937.5019. International Association of Computer Investigative Specialists: www.cops.org or 877-890-6130. System Administration Networking and Security (SANS) Institute: www.sans.org or 866-570-9927. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Sep 09 2002 - 01:33:59 PDT