By Lt Col (Dr) Santosh Khadsare (Retd): The 8th Interpol Digital Forensic Expert Group (DFEG 2023) meeting was held from 15 – 17 Aug 2023 at Kuala Lumpur, Malaysia on the backdrop of Cybersecurity Malaysia conference. It was attended by 44 countries including India and the attendance comprised of Law Enforcement Agencies(LEAs), Academia and Industry. The twentieth Annual IFIP WG 11.9 International Conference on Digital Forensics is also planned to be held at New Delhi India on 3-4 January 2024. This conference alternately is conducted in US and India and in India being coordinated by Dr Gaurav Gupta, a well-done digital forensic expert. Such conferences help in planning a future roadmap and understanding the pace at which global entities or addressing this issue which is very important from a national perspective.
In last few years global entities are looking at India as a futuristic market for selling the digital forensic products and have started aligning to India’s Make In India(MII) initiative. One good thing that has happened is that now you have a basket of solutions available for performing a particular task whether it is traditional forensics, mobile forensics or any other forensic stream which has evolved lately.
The Atmanirbhar Bharat call by the government of India has motivated indigenous entrepreneurs to come out with varied, competitive and cheap solutions in every segment of the forensic field. Academic institutions such as Rashtriya Raksha University (RRU) and National Forensics Science University (NFSU) have been acknowledged by the government for capacity building in the niche field. Many private universities and academic institutions offering post graduate courses on digital dorensics. Private forensic laboratories have cropped up in addition to the government Cyber Forensic Laboratories (CFLs) which are there at national and state level. Government expenditure has grown multifold for development of infrastructure and procurement of solutions that can help the law enforcement agencies to investigate cases involving cybercrime and national security.
But is it really enough……
In spite of the above initiatives taken in the niche field there is a lot more to do and achieve so that India becomes a leader in services and a solutions provider in the coming decade. To understand this we have to accept few shortcomings and find constructive solutions to address the same. The initial phase of motivating enthusiasts and professionals to accept this field as a career is on the right track and many are being influenced to join this and make it as the primary career. We have also achieved the part one of our goal in providing infrastructure and solutions for a limited scope of computer, mobile, drone and network forensics to the concerned. Notification of Laboratories under 79A of the Information Technology Act has notified 15 government laboratories as Examiner of Electronic Evidence(EEE) till date.
So now what should be the roadmap for the coming decade so that India can spearhead this Digital Forensics revolution……
- There is a requirement of creating a Joint Working Group (JWG) for Digital Forensics so that research and product development is planned, measured and delivered in time. It should constitute of experts from the Government, Law Enforcement, Accademia and the Industry. The five year and ten year plan should be prepared by this team.
- Academic institutions have started multiple courses but lack the infrastructure and expertise in terms of faculties to impart training to the students and professionals. The syllabus is outdated and theoretical which needs a change and should be more practical in nature. Industry experts should be utilised for imparting training in form of guest lectures or workshops.
- More Laboratories needs to be notified under the section 79A of the Information Technology Act, as 15 laboratories will not be sufficient for catering the present pendency at various computer forensic laboratories. There should also be a strong consideration of notifying private laboratories under this scheme, as it will assist in achieving faster analysis of case wherever digital forensic analysis is required. The process of notification should be expedited as the strike rate seems to be very low. The scope provided for notification also needs to be re-looked and other emerging forensics should also be notified under the scheme.
- Shortage of human resource in this niche field is a big problem and needs to be addressed from a long-term perspective. Law Enforcement Agencies and Cyber Forensic Laboratories is should catch talent early and make sure that the retention policies are in place. Present resources should be assisted in enhancing the skill sets by means of certifications and continuity training.
- It is observed that as on date skill sets and infrastructure related to limited scope is available which needs to be enhanced. Advance solutions and infrastructure should be made available to handle futuristic crimes involving technologies such as deep fakes and crypto currencies. Use of advanced technologies such as Blockchain and artificial intelligence should be incorporated into the development so that it can address the issue of problem of plenty and problem of capacity faced by the analysts.
- Digital Forensic fields such IOT, Drone, Cloud, Vehicle, ICS/SCADA, etc should start taking centre stage in addition to the traditional forensics been carried out. Capacity building and infrastructure development should begin so that when such cases arrive we are prepared to handle the same.
- Indigenous product development involving both hardware and software is the need of the hour. We not only will be able to capture the world attention by providing skilled manpower but also providing better, competitive and cheap solutions. Indian companies such as eSec Forte Technologies (www.esecforte.com) have developed DRONA series of hardware solutions such as Drona Workstations, Drona Labstation, Drona faraday bags, Drona Incident Response Kit and Drona Kiosk under this initiative. CDAC has also developed indigenous products and solutions to cater for Digital Forensics which need to be available with all law enforcement agencies so that they can be utilised and compete with the other solutions available.
- At present certification bodies such as CDAC, EC Council, CISA, SANS, etc providing certifications in this niche filed. CDAC Trivandrum which is the centre of excellence for Digital Forensics in India should come up with many more such certifications which can be acceptable at the global level and endorse the skill set of the individual undertaking the certification course.
India is on a progressive path and will continue to lead the world in various spheres. There is a need of a clear roadmap in case we want to be a leader in providing skilled manpower to the world and also provide cheaper and competitive solutions in the Digital Forensics field. The journey has already started but far from over as for this we need to be continuously at it and contribute whatever we can. We have intrapreneurs, start-ups, policies in place but need to have a vision to be a global leader in this niche field of Digital Forensics.
About The Author: Lt Col (Dr) Santosh Khadsare (Retd) VP – Digital Forensics & Incident Response, eSec Forte Technologies Pvt Ltd. Santosh Khadsare is an InfoSec and DFIR professional who specializes in Digital Forensics and is presently heading a Digital Forensic Lab at New Delhi.
Follow The420.in on