Add to collection(s) Add to saved
  1. Social Science
  2. Law
  3. Forensic Science

DFCB Roundtable II Meeting (May 24

advertisement 
Report of the
Second Roundtable on Digital Evidence Practitioner Certification
May 24-26, 2005
Hosted by the
National Center for Forensic Science
University of Central Florida
Orlando, Florida
INTRODUCTION
On May 5-6, 2004, the National Center for Forensic Science (NCFS) hosted a two-day
meeting, in which twelve (12) individuals representing a cross-section of government,
industry, and academia assembled to discuss the current state of certification for digital
forensic practitioners. They included representatives of existing certification and
accreditation programs from the International Association for Identification (IAI), the
Institute for Communications, Arbitration and Forensics (ICAF), the International
Association of Computer Investigative Specialists (IACIS), and the System
Administration and Network Security (SANS) Institute. In addition, representatives of the
Federal Bureau of Investigation, the Internal Revenue Service/Criminal Investigative
Division, and the United States Secret Service participated. A complete report was
furnished to all attendees and other interested parties. At that time, the participants
decided to report the consensus views back to their organizations and would meet
again to decide on a further course of action.
The National Center for Forensic Science issued a subsequent invitation to all of the
participants in the First Roundtable, as well as additional participants from government,
the private sector and international representatives to attend a second Roundtable to be
held from May 24-26, 2005. Sixteen participants attended (see Appendix B). The
meeting was hosted by Carrie Whitcomb (NCFS), Moderated by Mark M. Pollitt (Digital
Evidence Professional Services, Inc.) and facilitated by Ed Hampton, Jr. (TransformU).
This report contains the results of this meeting. The travel for the meeting participants
was not financially supported by NCFS. However, NCFS has recently received funds
from NIJ, E-Crimes for this project under the Cooperative Agreement 98-IJ-CX-K003
which will be used to support state and local travel and other committee fees and
consultants.
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 1 of 8
MEETING REPORT
After brief introductions and an overview of previous work, the meeting was turned over
to Dr. Ed Hampton to conduct a facilitated discussion to develop group consensus on
why, if and how the community might want to pursue the certification of practitioners.
The first discussion item concerned why (what purpose) we might want to develop a
certification program. The group agreed on the following:
Purpose Statement
To promote trust and confidence in the Digital Forensics Profession.
There were a number of discussions concerning the core values that would drive the
organization. After several iterations, the group reached the following consensus:
Strategic Core Values
Excellence
Integrity
Objective and Independent of undue influence
Professionalism
The Greater Common Good
These core values provide touchstones for organizational behavior, but a slightly more
granular set of guidance for how an organization operates is very useful. The group
defined how this organization would function in the following:
Guiding Philosophies
1. We will accept only funding which will not adversely influence our independence
or inclusive representation
2. We will move from an all volunteer organization to a member-governed,
professionally staffed organization.
3. Make strategic decisions by committee
4. Use a three-legged governance model: Board of Directors (strategy and vision),
Executive Committee (Operations), and Advisory Committee (Advice)
5. No debt
6. Certification will be available to all practitioners (reasonable cost and
requirements)
7. Designated positions and functions will be held by certified professionals
8. Non-profit forever
9. There will be different levels of certification
10. Membership criteria to be determined
11. We will take input from the community but will act/respond in an autonomous
way.
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 2 of 8
12. Community involvement is essential
13. Term limits for board members
14. Forensic Specialties Accreditation Board (FSAB) and National Commission on
Certifying Agencies (NCCA) will be used as guidelines but not necessarily as
authoritative documents
15. Board of Directors will be a hybrid of funding/influence providers and business
advice/oversight providers
In order to be successful, it is important to define not only what business you are in, but
what the basic value propositions are to the organization, its customers and the public.
This is sometimes called a business or strategic hypothesis. The group settled on the
following:
Strategic Hypotheses
1. Our core product will be certification
2. By certifying professionals, the public will benefit from an independent
certification of a practitioner’s competence
3. An objective certification process in digital forensics will help the maturation of
digital forensics as a science
4. By meeting the criteria, an individual will posses a professional certification that
will hold them accountable to a high level of excellence
5. Employers/consumers will benefit from an objective professional certification
program
6. Our primary focus is to benefit the profession, not profit motives
7. We provide an inclusive professional body to promote collaboration for the
advancement of the digital forensics profession
Organization Name
The choice of an organizational name was the very last item on the agenda, but we are
including it here for reference. There were two major variations which reached the final
round of discussion: Digital Forensics Certification Board and Digital Forensics
Professional Certification Board. It was felt that the latter might be somehow more
restrictive and the final choice was:
Digital Forensics Certification Board (DFCB)
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 3 of 8
SWOT Analysis
There was considerable discussion concerning the fact that there are currently
organizations which certify people in this field. The group agreed that while the
currently offered certifications are useful, they do not encompass the full range of roles,
positions, employment, environments, or practices which exist and continue to expand
in breadth. And while the group concluded that there was a need for a new organization
to undertake practitioner certification, that it would not be in a vacuum and further, there
needed to be a realistic view of the current environment. To this end, the group
conducted a strengths, weaknesses, opportunities and threat analysis of the proposed
DFCB with the following results:
STRENGTHS
1.
2.
3.
4.
Independence and Neutrality of Process
Diversity of contributors
Strength of founders
Inclusive and progressive process being
developed
5. Small working group = more agile
WEAKNESSES
1. Funding
2. Finite amount of time, founders and key
resources
3. Lack of organizational framework
4. Lack of dedicated people (full time)
5. Not everybody recognizes need = need for
marketing
6. Lack of definitions of levels of certification,
expertise, etc.
7. Lack of big dog champions (especially regarding
funding and
8. acceptance) (need to get “our” story straight 1st)
9. Lack of large corporation and military/defense
involvement
10. Lack of market analysis; ID players
11. Lack of international reach
OPPORTUNITIES
THREATS
1. To bring the community together by inviting a
wider group
2. Chance to move ball forward in digital
forensics
3. Timing is right, i.e. demand is growing
4. Legal profession is seeking something to
solve dilemma of whether evidence is “good”
5. Establishing parallel/concurrently running
committees
6. Gain participation thru republican form of
governance
7. To grow by invitation
8. Gain federal and state law enforcement,
1. Politics and competing agendas; interagency,
vendors, etc.
2. Possible rejection by community we will serve
3. Vendors or private certification companies,
including product-based training
4. Permanent nay-sayers/anarchists
5. Hurdles gaining consensus on structure, e.g. role
definition
6. Possible competition from international bodies
corporate, defense involvement thru an
advisory board
9. Research needed to keep certification
current
10. International reach
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 4 of 8
Stakeholder Map
In order to form and successfully operate an organization, it is crucial to identify not only
the people and organizations that are your customers, but those who have a stake in
the operation of the program. These are often called stakeholders. The group
undertook to identify the groups and organizations that would have a stake in the
operation of the proposed DFCB. Further, they organized these by function and
mapped the relationships. This resulted in a stakeholder map which is useful for
developing a strategy for both communicating with and serving the needs of the
stakeholder communities. The result of the group’s analysis is as follows:
Digital Forensics Certification Board
Stakeholder Map
Competitors
State and Local
Professional
Law Enforcement
Associations
Government
Government
Legislators
And
Federal
Military
Criminal
akingLaw Enforcement
M
s
d
r
a
d
Stan odies
Prosecution Defense
B
Legal
Certifying
Legal Profession
Body
Academia
Public
Judicial
Civil
Scientific
Community
Funding
Vendors
Organizations
Private
Private Sector
Sector
Industrial
Financial
International
Technical
Military
Organizing Committees
It was recognized that in order to implement this very ambitious program, that
committees needed to be formed as well as management of the process. What the
group decided was that there would be five substantive committees with oversight by a
sixth, ad hoc committee formed from the chairs of the other committees. This committee
would be termed the Governance Committee. The group agreed to the following
committee structure:
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 5 of 8
Governance Committee – Carrie Whitcomb, Chair
- Charged with overall management of the development process
- Comprised of Committee Chairs
Certification Process Development Committee - Peter Stephenson and Scott
Turner, Co-Chairs
-Members: Chuck Davis, Marc Rogers, Jim Lyle, Howard Ommert, Toni Moore,
Greg Hudson, Kelly Rhodes, Luke Erickson, Eric Walton , Gaylon Thompson.
Organization Committee – Chuck Davis, Chair
- Members: Mark Pollitt, Gregg Hudson, Eva Vincze, Jim Lyle
Charged with infrastructure development, board structures, external accreditation
of DFCB
Communications and Outreach – Mark Pollitt, Chair
- Members: Marc Rogers, Kelly Rhodes, Luke Erickson
- Charged with responsibility of communicating with stakeholders concerning the
DFCB
Business Planning Committee – Gaylon Thompson, Chair
- Members: Eva Vincze, Marc Rogers
- Responsible for market analysis and business plan formulation
Finance Committee– Carrie Whitcomb, Chair
- Members: Chuck Davis, Peter Stephenson
- Charged with investigating and securing funding
THE WAY FORWARD
The group reached a consensus on a vision for the future. The group, now transitioning
into organizing committees, has set a goal to begin offering certification at the beginning
in 2007. This is a very ambitious goal.
To achieve this, the committees will work in parallel to: develop a certification process,
consider external accreditation of that process, develop and implement the legal and
organizational structure of the DFCB, establish an interim facility and staff, and develop
and implement funding mechanism(s).
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 6 of 8
The members of this group have committed to this goal, but their efforts will not be
enough. They recognize that there are many groups and individuals who need to be at
the table and share in this vision before it can become reality. We will need to reach out
to both individuals and groups which make up our stakeholders.
The people who attended both of the Roundtable Workshops were convinced that the
community needs practitioner certification. Not everyone will embrace the notion of
certification or this organization. Where their reservations and constructive criticisms are
shared it will benefit the community. Then we must embrace their issues. The DFCB is
very much a work in progress and we need to make it the best that it can be. The
DFCB is, and should always be, an organization for the community.
Towards that end, members of the organizing committees will be talking to individuals
and groups in the community. Please give us your candid input.
Shortly, we will be announcing the next meeting of the Organizing Committees. We
encourage interested parties to participate.
Digital Forensics Professional Certification Board
Draft Strategy Map
2005
2006
Develop Certification
Process
Interim
External
Facility
Accreditation
2007
2008
2009
Application
Sustain/Validate
One
Certification
1 Jan
Process
Est Marketing &
Legal
Communications
Digital
CPA Spt
Plan
Forensics
Seat 1st
Manage
Governing
Certification
Board of Directors
Growth
Structure
Board
Strategic
Incorporation
501c
Incorporation
Vision
501c Prov
Status
OD
Structure
Director
500k
Organizing $$
200,000
P/T, the
Sustaining
$150,000
Annual Budget
Full Time
Marketing
Clerical
Analysis
Staff
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 7 of 8
List of Participants
Kelly Rhodes
Scott Turner
Chris Pater
Marc Rogers
Jim Lyle
Toni Moore
Howard Ommert
David Dunn
Greg Hudson
Alan Marder
Eva Vincze
Peter
Stephenson
Mark Pollitt
Gaylon
Thompson
Carrie Whitcomb
Chuck Davis
Philip Craiger
Eric Walton
Luke Erickson
US Army Crime Lab: Forensic Computer Media Examiner
US Army Crime Lab: Forensic Computer Media Examiner
IACIS: Director of Certification
Purdue: Professor
National Institute of Standards & Technology: Computer Scientist
Bank of America: Vice President
Bank of America: Vice President
North Carolina State Bureau of Investigation: SAC/Documents& Digital
Evidence Section
Center of Forensic Sciences: Senior Forensic Scientist
UCF: Assoc. Director-Research & Commercialization
George Washington University
Norwich University
Digital Evidence Prof. Serv. Inc.
DCITP
NCFS
NCFS
UCF
UCF Police/EFTF/FLEET
NCFS
DFCB Roundtable II Meeting (May 24-26, 2005), Abridged Version (jb)
Page 8 of 8
Related documents
PRESS RELEASE: McCoy Bolt Works, Inc. announced the receipt of
PRESS RELEASE: McCoy Bolt Works, Inc. announced the receipt of
Fire hazard properties certification form
Fire hazard properties certification form
CURRICULUM & INSTRUCTION AND SPECIAL EDUCATION
CURRICULUM & INSTRUCTION AND SPECIAL EDUCATION
Project Compliance Report: Rental Housing Monitoring HOME
Project Compliance Report: Rental Housing Monitoring HOME
Download
advertisement