Jonathan Krause, Forensic Control

by

Jonathan Krause is the owner of Forensic Control, which he established on 2008. Based in London they provide computer forensics services to law firms and corporate clients.

Jonathan, can you tell us something about your background? How did you get started in computer forensics?

Well, I’ll begin by saying I’m not from a completely techie background! I’ve got an MA in Town Planning which I guess may be unique in computer forensics? I’ve also worked as an English teacher in Japan and in the book trade in London so you could say my career has been diverse, which I definitely see as an advantage. Varied career and life experiences certainly help in contributing to my investigative ‘mind-set’ and in dealing with people from many different backgrounds.I’ve been working in IT security for over 8 years, the first 4 of those years working as a firewall administrator for a central government department. I felt my career wasn’t progressing there and saw that the Metropolitan Police in London were looking for computer forensic analysts at their Hi-Tech Crime Unit at New Scotland Yard. After a lengthy selection process I was fortunate enough to be asked to join and feel that I probably had the best introduction to computer forensics I could’ve hoped for. It was an excellent environment staffed by highly talented people and my time there really emphasised the importance of procedures and quality control alongside technical competence as key areas of a successful forensic operation. Since then I’ve worked at a variety of places both on temporary contracts and permanent positions including at QCC Information Security and a short spell at BDO Stoy Heyward, both in London. I’m lucky in that I’ve worked in a variety of forensic organisations which has given me a good perspective on understanding what makes for a quality forensic service.

What trends do you see in the industry and what new challenges do you envisage in the future?

That’s an easy one; I predict there will continue to be rapid change. Apologies if that sounds like a cop-out but it’s a truism and one of the things I like most about this field; what you’ve learnt is good enough for today but you have to keep learning, testing and experimenting to keep on top of things. Having said that, some things don’t change such as the basic principles of evidence handling.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

On a more specific note, we’re seeing storage moving away from the end user’s machines and towards being accessed increasingly through networks on centralised servers which may be difficult or impossible for an investigator to access. As such there may be less to be gained from looking at local hard disks and more emphasis required on extracting and analysing local volatile data. This can be a complex area but the techniques here are improving all the time.

What does the phrase "best practice" mean to you in relation to computer forensics?

That’s an interesting question. Within computer forensics the aim of best practice should be to provide an efficient method of producing the best possible end product which is admissible in a court of law. In the UK this is likely to mean adhering to the Association of Chief Police Officers’ Good Practice Guide for Computer Based Electronic Evidence. This is a respected guide but does not suit all being primarily aimed at law enforcement so its relevance may be limited. I believe the industry would benefit from a more inclusive approach to best practice being developed; one that could be applied broadly to both law enforcement and non-law enforcement work, that all were welcome to contribute to and that isn’t tied to a specific legislature.

We should also bear in mind that best practise is most effective when it fits in with individual needs and circumstances and not the other way around!

What would you most like to see improved within the computer forensics industry?

I can only answer this from a UK perspective; I think in order to improve the reputation of computer forensics and its practitioners we’re in need of a professional body that all practitioners are obliged to join which publishes standards that members must adhere to. I’m thinking of a body similar in role to the Solicitors Regulation Authority or the General Medical Council. I think we’re quite far from this though; first there needs to be an agreed set of standards and second, which organisation could carry out this role?

What qualities do you think are most important for work in this field?

A good computer forensic analyst needs to be a ‘jack of all trades’. Technical competency on its own isn’t enough; you should also be good at explaining technical matters to non-technical people, be able to communicate your findings clearly in reports and presentations, think objectively and above all to have an open mind. Don’t assume or second anything without testing and proving your assumption.

One of the questions we're often asked at Forensic Focus is "how do I get started in a computer forensics career?" What advice would you give?

Qualifications and training do go a certain way to the ‘making’ a computer forensic analyst but I think someone wishing to enter the field needs to show a bit more than that.

As well as having the qualities as in the previous answer I think if an individual could display their enthusiasm and ability it would be impressive. This could range from having set up some sort of home ‘lab’ (cheaply done with old computers and something such as Helix) to even offering to work for free or for a reduced rate for a set amount of time to show your capability; however this won’t be an option in most law enforcement roles unfortunately.

What is the most rewarding part of computer forensics? What aspect do you find most challenging?

I’ll combine my answer and say that I find it rewarding because it is challenging. Every day is different and it’s a constant learning process; there’s no time to get bored or complacent. Each case is a challenge in itself and can almost be viewed as a game; you’re pitting your wits and experience against a computer/its users and you have limited time and resources to complete your task. It’s just an enjoyable job.

When working on behalf of law enforcement the rewards are even more tangible – feeling that you’ve played a key part in contributing to the justice system (whether putting away the bad guy or clearing someone’s name) is very satisfactory.

What do you do to relax when you're not working?

We’ve got a one year old boy so much of my time is taken up with playing with and looking after him. Apart from that I go and watch Nottingham Forest whenever I can, and enjoy all sorts of music and film. I’m fortunate enough to live within walking distance of London’s South Bank area so the family is often there on weekends taking advantage of their events and exhibitions. Travel is something else I also greatly enjoy with Japan and Andalucía being two particular favourites.

Further information about Forensic Control can be found at www.forensiccontrol.com. Jonathan can also be contacted by email on info@forensiccontrol.com

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
Read more on all these stories at https://www.forensicfocus.com/news/digital-forensics-round-up-april-17-2024/ #digitalforensics #dfir

Read more on all these stories at https://www.forensicfocus.com/news/digital-forensics-round-up-april-17-2024/ #digitalforensics #dfir

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_wY4_T8IUuxY

Digital Forensics News Round Up, April 17 2024 #digitalforensics #dfir

Forensic Focus 17th April 2024 5:30 pm

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-april-12-2024/

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-april-12-2024/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_DTjUBPIzVNs

Forensic Focus Digest, April 12 2024 #digitalforensics #dfir

Forensic Focus 12th April 2024 2:31 pm

Join Si and Desi for another episode of the Forensic Focus Podcast. This week, they discuss the lack of transparency and potential misrepresentation in the cybersecurity industry, particularly regarding the use of open-source tools by companies and the questionable interpretation of data and statistics in marketing and advertising. The conversation also delves into the implications of relying on computer systems and algorithms to make important decisions, such as in the case of the Post Office scandal in the UK and the Centrelink repayment debacle in Australia. They emphasize the importance of human oversight, critical thinking, and considering the human impact of such decisions, rather than blindly trusting the outputs of computer systems. 00:00 – The state of the digital forensics industry 02:30 – Desi’s talk at BSides Brisbane 05:30 – Sweaty Cyber Advice and Strongman 09:40 – Companies integrating open source software 23:00 – Advertising, statistics and logical fallacies 28:00 – The Post Office scandal and computer accountability 49:00 – Security, compliance and regulations 56:00 – Closing thoughts Show Notes Hardly Adequate YouTube - https://www.youtube.com/@hardlyadequate Oxfordshire’s Strongman & Strongwoman - https:\oxfordshire.rocks\ CPS, Computer Records Evidence - https://www.cps.gov.uk/legal-guidance/computer-records-evidence Your Logical Fallacyis - https://yourlogicalfallacyis.com/ British Post Office Scandal - https://en.wikipedia.org/wiki/British_Post_Office_scandal The Guardian, Robodebt Scandal - https://www.theguardian.com/australia-news/2023/mar/11/robodebt-five-years-of-lies-mistakes-and-failures-that-caused-a-18bn-scandal Tyler Vigen, Spurious Correlations - http://www.tylervigen.com/spurious-correlations Forensic Focus Discord - https://discord.gg/97zKvTXHeS

Join Si and Desi for another episode of the Forensic Focus Podcast. This week, they discuss the lack of transparency and potential misrepresentation in the cybersecurity industry, particularly regarding the use of open-source tools by companies and the questionable interpretation of data and statistics in marketing and advertising.

The conversation also delves into the implications of relying on computer systems and algorithms to make important decisions, such as in the case of the Post Office scandal in the UK and the Centrelink repayment debacle in Australia. They emphasize the importance of human oversight, critical thinking, and considering the human impact of such decisions, rather than blindly trusting the outputs of computer systems.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_LtdulCL39AU

Cyber Scandals And When (Not) To Trust Computers

Forensic Focus 10th April 2024 6:40 pm

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feeds settings page to add an API key after following these instructions.

Latest Articles

Alex Beddard, Investigator, Chainalysis
Interviews

Alex Beddard, Investigator, Chainalysis

ByForensic FocusApr 18, 2024
Digital Forensics Round-Up, April 17 2024
News

Digital Forensics Round-Up, April 17 2024

ByForensic FocusApr 17, 2024
Magnet Forensics Announces Magnet One, A Revolutionary Platform For The Pursuit Of Justice
News

Magnet Forensics Announces Magnet One, A Revolutionary Platform For The Pursuit Of Justice

ByMagnetForensicsApr 16, 2024
UPCOMING WEBINAR – Fireside Chat: Navigating The Cloud – Expert Insights On Emerging Cloud Threats And Complexities
News

UPCOMING WEBINAR – Fireside Chat: Navigating The Cloud – Expert Insights On Emerging Cloud Threats And Complexities

ByCado SecurityApr 16, 2024
Maltego Acquires PublicSonar And Social Network Harvester To Propel Vision Of An All-in-One Investigation Platform
News

Maltego Acquires PublicSonar And Social Network Harvester To Propel Vision Of An All-in-One Investigation Platform

ByForensic FocusApr 15, 2024
Filip Kachnic, Business Development Manager, Eyedea Recognition Ltd
Interviews

Filip Kachnic, Business Development Manager, Eyedea Recognition Ltd

ByForensic FocusApr 15, 2024