This chapter outlined the nature of forensics, provided a potted history of the development of digital forensics, and defined its purpose in light of more established forensic disciplines. An outline was presented of its value in public and private investigations and the rise and nature of cybercrime. The role of digital forensic practitioners, the skills and experience required, and the challenges they face were provided along with some case studies of digital forensic crime scenes to highlight the topic. The chapter provided not only a brief insight into the challenges the discipline faces but also some solutions to better manage them through enhanced forensic processes and tools that are emerging. Finally, the chapter endeavored to share some basic ideas for those of you considering becoming a practitioner, which you will hopefully find insightful and constructive.

Digital evidence was presented in this chapter and will be described in detail in Chapter 3, The Nature and Special Properties of Digital Evidence. Understanding the qualities of digital evidence, and indeed its vagaries, is essential groundwork for practitioners. Digital evidence can provide a rich treasure chest of clues about a transgression. A clue may be considered a mistake by another name, and finding and interpreting them is what really adds to the excitement of a forensic examination. Analyzing digital evidence can be rewarding, disappointing, and often a frustrating process, but a greater understanding is always gained.

Chapter 2, Hardware and Software Environments, will outline the basic workings of computer hardware and operating systems and applications typically installed on them. It will describe how these environments are used to create, store, and transfer electronic data. An insight will be provided into the workings of computers and storage devices and the location of datasets where digital evidence may be located. This sets the scene for introducing digital evidence and the analytical approach to digital forensics.