A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony As An Expert Technical Witness [Paperback]

Fred Chris Smith (Author), Rebecca Gurley Bace (Author)

Book Description

Publication Date: October 19, 2002 | ISBN-10: 0201752794 | ISBN-13: 978-0201752793 | Edition: 1

Today technologists need expert witness skills. In addition to understanding the technologies that may be at issue in a given case, an effective expert witness must have an understanding of the legal system, specific courtroom communication skills, skills for enduring cross-examination and preparing for legal testimony. When new technologies are introduced, litigation about the technology and its uses is quick to follow. There are new forms of legal claims for everything from damages for the failures of enterprise networks to new uses of surveillance and the authenticity of digital evidence. Over 90 percent of all information is now created and stored in computers. Technical experts routinely come into play in investigations where evidence is suspected or where computer system behavior is relevant to the case. IT professionals, system administrators, and security consultants are increasingly being brought into the legal world, and they need to prepared.

Editorial Reviews

From the Back Cover

Information technology is an increasingly large factor in legal proceedings. In cases large and small, from the U.S. Government's antitrust suit against Microsoft Corporation, to civil lawsuits filed over the failure of a network, to criminal cases in which the authenticity of electronic evidence is questioned, the testimony of a technical expert is essential. But in order to be effective, an expert technical witness needs much more than an understanding of the technology in question.

A Guide to Forensic Testimony is the first book to address the specific needs of the IT expert witness. It will arm you with the tools you need to testify effectively. Inside you'll find everything from an overview of basic witness responsibilities and challenges to a deeper exploration of what produces successful technical testimony. Written by a computer security authority who has served as a technical witness, and a trial attorney who focuses on how digital evidence and computer forensics are altering litigation, this book is your guide to the complicated forensic landscape that awaits the expert technical witness.

This book contains a wealth of wisdom and experience from the front lines, including firsthand accounts of the challenges faced by expert technical witnesses, practical in-court examples, and helpful advice. Among the topics covered are:

• The evolution of the expert IT witness and the growing legal dependence on technical expertise
• Legal criteria established to determine the qualifications and abilities of a technical expert to stand as a witness
• The kinds of cases and problems that are apt to be encountered in digital forensic assignments
• Damage caused when the rules of professionalism and ethics are ignored or misapplied
• The construction and maintenance of a solid professional relationship between expert and attorney
• The creation and use of visual tools in courtroom testimony
• Ways to improve the demeanor and non-verbal communication skills of the technical witness

Whether you are an information technologist asked to serve as an expert witness, a legal professional who works with information technology experts, a corporate risk manager, or a client whose interests are affected by the performance of IT experts, you will benefit greatly from A Guide to Forensic Testimony.

0201752794B09092002

About the Author

Fred Chris Smith is an experienced trial attorney who directed economic crime prosecutions for four consecutive New Mexico state attorneys general. For nearly twenty years he has also provided education and training programs throughout the country and abroad, in digital evidence and computer forensics. He has been involved as an attorney, business advisor, and teacher with information technology and legal professionals who are encountering the rapidly changing problems presented by electronic evidence in criminal cases, in the investigation of corporate network fraud and abuse, and in civil litigation. He currently serves as an Assistant United States Attorney.

Rebecca Gurley Bace is a recognized network security authority and consultant. Her career includes work with the National Security Agency, where her contribution to building the national intrusion detection research community earned her an NSA Distinguished Leadership Award. After the NSA, she became the Deputy Security Officer for the Computing Information and Communications Division of the Los Alamos National Laboratory, where she was responsible for one of the world's most complex security-critical computing environments. She is currently President/CEO of Infidel, Inc., and a Venture Partner for Trident Capital. Bace is the author of Intrusion Detection (Macmillan Technical Publishing, 2000).

0201752794AB06252002

See all Editorial Reviews

Product Details

• Paperback: 560 pages
• Publisher: Addison-Wesley Professional; 1 edition (October 19, 2002)
• Language: English
• ISBN-10: 0201752794
• ISBN-13: 978-0201752793
• Product Dimensions: 9.2 x 7.3 x 1.4 inches
• Shipping Weight: 2.1 pounds (View shipping rates and policies)
• Average Customer Review: 4.3 out of 5 stars  See all reviews (9 customer reviews)
• Amazon Best Sellers Rank: #1,107,322 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

4 of 4 people found the following review helpful:

5.0 out of 5 stars Leads through a legal minefield, June 29, 2004

By 

Mike Tarrani "www.tarrani.com" (Deltona, FL USA) - See all my reviews
(COMMUNITY FORUM 04)    (REAL NAME)   

This review is from: A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony As An Expert Technical Witness (Paperback)

After reading this book - more than once, I might add, I came away with a few impressions:

(1) Law and the legal domain are as logic-driven as the IT profession for which this book is written.
(2) What may make perfect common sense to a non-legal professional is not necessarily in line with the legal view.
(3) The scope of this book goes far beyond how to present forensic testimony as an IT security professional.

The authors establish a context for what it means to be an expert witness, and the basics (testimony, key cases to lay groundwork, and illustrating examples).

By chapter 4, Understanding the Rules of the Game, you may find yourself mired down in more detail than you think necessary; however, it is within the morass of details where you'll start to see the complexity of the legal process. And complex it is. The dissection of key cases, how experts made a difference (either way), and cited cases that show how the law is evolving are necessary background information for any IT professional, either as an expert witness, as a plaintiff, or as a defendant.

If you do wind up in court as a witness (expert or not) in a security, contract or other case (criminal or legal), turn to chapters 9 (testimony), 11 (demeanor and credibility), and 12 (non-verbal communication). These will quickly prep you. If you are going as an expert witness I advise you to cram, especially every chapter starting with Chapter 5.

Who else should read this book? Any IT professional who is involved with contracts, quality, consulting, or product development. Chances are you may wind up in court at some point, and this material is as applicable in many cases to anyone called as a witness as it is to expert witnesses.

While this book is not easy to plow through, and the details may seem to fine-grained or to overwhelming, it will prepare you for your day in court.

3 of 3 people found the following review helpful:

4.0 out of 5 stars Should be much thinner, but informative nonetheless, December 14, 2002

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony As An Expert Technical Witness (Paperback)

My four star rating of "A Guide to Forensic Testimony" (AGTFT) is based on the text's novelty and its desire to truly help expert witnesses. Anyone who expects to testify regarding technical issues will benefit from reading this book, although they could learn just as much by reading the "Cliff Notes" version.

AGTFT shines in certain respects. Chapter 2's excerpts from Bill Gates' testimony in Microsoft's trial, chapter 4's description of the roles of expert witnesses, and chapter 8's discussion of expert witness qualifications were excellent. Succinct, educational guidance on producing effective visual aids appeared in chapter 10. I also appreciated the wisdom Gene Spafford shared with readers in chapter 13.

Elsewhere, however, I repeatedly question the dozens of pages devoted to irrelevant digressions. Before chapter one even begins, the reader is faced by 45 pages of preface, introductions, and so on. Once in the main text, the reader must contend with far too many lengthy excerpts from court decisions. I'm sure the authors and editors wrestled with the problem of how much of each reference should be included. Unfortunately, they erred on the side of too many citations. Many are simply silly -- "We sometimes don't imagine so because of the main enemy of human compassion, sloth." Good grief. I also didn't need to read about Viagra, cattle guards, Houdini, "grinners," aikido, "the unbroken circle," and other topics and metaphors intended to convey the author's intentions.

AGTFT is a good book, but I recommend waiting for someone else to read and highlight it. Then, piggyback on that person's work and pay attention to the main points. Incidentally, my copy, already highlighted, stays in my library.

2 of 2 people found the following review helpful:

4.0 out of 5 stars Very good book, but a bit wordy., September 2, 2003

By 

Eric Kent (USA) - See all my reviews

This review is from: A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony As An Expert Technical Witness (Paperback)

This is a very good book, but a bit wordy.

The authors go into a lot of legal detail. If you are not a lawyer, you can skip these sections, which make up about a third of the book.

But besides that, it is a very good book.