ABSTRACT
The chain of custody for cybersecurity operations may appear rather simple but it is certainly worthy of attention. The most common, primary use of the chain of custody concerns the complete, true, and veritable recount of the acquisition, utilization, and handling of digital evidence in a cybersecurity proceeding. Careful consideration should be given by homeland security practitioners and those involved in the chain of custody of digital evidence. Advances in technology and sophistication of criminal cyber activity mean that the chain of custody is becoming increasingly complex. Advances in technology mean that there are numerous evolving ways to validate that a chain of custody of digital evidence is sound. The chain of custody may be simply known as having the proof that evidence has changed hands and how, but as it stands, may also be as complex as it is important in homeland security.
