Cyber Threat Investigation

Through my coursework in cybercrime and cybersecurity, I’ve built a strong foundation in cyber threat investigation. This skill involves analyzing digital evidence, identifying indicators of compromise, and understanding the tactics, techniques, and procedures (TTPs) used by attackers. While my artifacts i have chosen to share here has been developed through academic scenarios and mock investigations, these exercises closely reflect real-world processes. The following artifacts represent this developing skillset through hands-on academic work.

My first artifact is a mock digital forensic report I completed in Digital Forensics CYSE 407 back in the fall of 2023. This course introduces the basic concepts and technologies of digital forensics. Students will learn the fundamental techniques and tools utilized for collecting, processing, and preserving digital evidence on computers, mobile devices, networks, and cloud computing environments. Students will also engage in oral and written communication to report digital forensic findings and prepare court presentation materials.

It involved acting as a Forensic Analyst tasked to analyze digital evidence, reconstruct events from the incident, and preparing documentation that could be used in a legal context. It’s a strong representation of both my technical and analytical abilities and ties closely to my career goals.

My second artifact is a mock search warrant I created as part of Cyber Law CYSE 406 class assignment, where I took on the role of an FBI agent investigating a cybercrime case. This course tackles two major cyber law subjects. The first part of the course examines various U.S. laws and legal considerations that impact the digital and cyberspace worlds from traditional civil, and to a lesser extent, traditional criminal perspectives. The second part will familiarize cyber operations professionals about the extent of and limitations on their authorities to ensure operations in cyberspace are in compliance with U.S. law, regulations, directives and policies. The course will also introduce students to miscellaneous cybersecurity topics such as the Federal Acquisition Requirements.

The warrant outlines the legal justification for accessing a suspect’s digital devices and online accounts in connection with a cyber fraud investigation. This assignment helped me understand the legal procedures involved in cyber investigations and reinforced the importance of proper documentation and evidence handling when pursuing digital threats.

My third artifact is a lab assignment I did for my cybercriminology course CRJS 310 in which I observed digital behaviors in a public setting to analyze how individuals unknowingly expose themselves to cybercrime risks. This course provides students with an overview of computer-related crimes and how law enforcement officials investigate them. The course begins by describing the environment that has been created through information and communication technologies, and how this new environment facilitates different types of behavior. The course then moves into defining and describing the different types of computer-related crimes, the techniques used by officials, and the legal issues inherent in combating cybercrime.

Using concepts from cybercriminology and cybervictimization, I applied theories like Routine Activity Theory, Rational Choice Theory, and Environmental Criminology to interpret my findings. This assignment helped me understand how everyday environments and human behavior can create opportunities for cyber-offending, and how these insights can inform both prevention strategies and investigative approaches in cybersecurity.