This fascinating and highly topical subject has a history dating back to the secret world of 1970s Cold War espionage, when the US military and Central intelligence agencies, aided by the latest mainframe systems, were the first to use computer forensics techniques in counterintelligence. In the decades since, cybercrime has emerged from the obscurity of low-level prosecution evidence to become a serious cross-border crime issue, while cyberforensic investigators have moved on from drug, murder, and child pornography crimes that were facilitated by computers, and are now tackling headline-grabbing cyber bank robbery, identity theft, and corporate spying. With little consensus as yet on the qualifications required to become a cyberforensic investigator, Cyberforensics: Understanding Information Security Investigations assembles the varying perspectives of pioneers and key figures in the field. All the authors have more than 10 years’ experience in successfully investigating cybercrime, and some more than 20. Through real-life case studies the chapters introduce the reader to the field of cybersecurity, starting with corporate investigation, and progressing to analyze the issues in more detail. Taking us from accounting cyberforensics to unraveling the complexities of malware, the contributors explain the tools and techniques they use in a manner that allows us to map their methodology into a more generic understanding of what a cybersecurity investigation really is. Above all, Cyberforensics shows that there is a cohesive set of concepts that binds cybersecurity investigators to a shared vision. These core ideas are now gaining importance as a body of knowledge that cyberforensics professionals agree should be a prerequisite to the professional practice of information security.