I collect quotes. Quoting something or someone is fun and entertaining; sometimes it is challenging – much like delivering a joke, timing is everything.<\/p>\n
During the holidays as I was performing my yearly household purge of both true junk and digital junk, I came across a handful of quotes that I had collected over the years and thought each of them were applicable to the world of DFIR so I thought I would share… I hope if you have similar, short quotes, you will share too. For me, keeping a quote in mind while conducting an examination is relaxing and helps me focus on the task at hand. \u00a0Maybe the following will strike you in a similar way, let me know.<\/p>\n
From \u00a0a conference I attended in Atlanta in March 2005 as part of ISSA’s CISO\u00a0Executive\u00a0Forum Conference:<\/p>\n
That which is unrecorded did not occur; \u2015\u00a0Jeffrey Ritter, Waters Edge Consulting, LLC <\/p>\n I first stumbled upon the following quote after<\/em> someone told me that I had too much DF training “experience” and not enough practical “experience”; I suggested at the time that practice is experience, just in a more controlled setting. \u00a0Thankfully that sentiment was expressed to me many cases ago, so I think I now have a good balance between\u00a0theory (training)<\/em> and\u00a0practice (casework.)\u00a0<\/em><\/p>\n As it turned out, I think the end result has provided me with a strong foundation so for those new to the DFIR world, do not be discouraged because someone says you DO or DON’T have something on your CV. You’ll get the “experience” and “practice” when the time is right in your situation.<\/p>\n The other reason for including the quote is – who doesn’t like to read and re-read Yogi Berra quotes.<\/p>\n In theory, there is no difference between theory and practice. <\/p>\n Finally, probably the best quote of the three (with a great DFIR twist)…<\/p>\n Sometimes the QUESTIONS are complicated and the answers are SIMPLE!<\/strong> When conducting an investigation, do not let things get so crazy that you loose focus on the ultimate goal of those making the request. \u00a0This Dr. Seuss quote I think helps keep that in perspective as DFIR analyst work towards answering\u00a0The Question!<\/em><\/p>\n Do you have some DFIR Turisms to share?<\/p>\n","protected":false},"excerpt":{"rendered":" I collect quotes. Quoting something or someone is fun and entertaining; sometimes it is challenging – much like delivering a joke, timing is everything. During the holidays as I was performing my yearly household purge of both true junk and digital junk, I came across a handful of quotes that I had collected over the … <\/p>\n
\n<\/strong><\/em>That which is undocumented does not exist;
\n<\/strong><\/em>That which is unaudited is vulnerable.<\/strong><\/em><\/p>\n
\nwww.johnritter.com<\/p>\n
\nBut in practice, there is.<\/strong>
\n\u2015 Yogi Berra<\/p>\n
\n\u2015Dr. Seuss<\/p>\n