The Future of Computer Forensics

by | Aug 10, 2015 | Uncategorized

By Steve Burgess

A student asked me an interesting question today, regarding what I foresee in the field of computer forensics in the coming years: 5, 10, & 50. Having not thought about it before , my answers surprised me a bit.

Mr. Burgess,

I would like to thank you again for taking the time to speak with me. I would like to ask you another question if you don’t mind, it is regarding the future challenges and/or issues in the field of computer forensics. In your expert opinion, how do you see it 5, 10, and 50 years from now? I am looking forward to your response.

My response:

An interesting question!

First, let me say that I don’t have an expert opinion about the future, just a personal and educated one. In my profession, I can only really have an expert opinion about stuff I’ve worked on and so can’t have one about the future until I get my time machine fixed!

5 years

As for 5 years from now, I see three things continuing to advance at a rapid clip:

1: Hardware -The size of storage media & memory and the speed of processors.

I expect that in 5 years, computers will come standard with 5TB or more of storage and that portable media like flash drives will carry something like 250GB of data – what the average hard drive was holding one or two years ago. In 5 years, computers will probably be 7 or 8 times faster. So these things will hold lots and lots more data and people will fill them up with lots & lots more data.Therefore, each computer forensics job will require sorting through and analyzing many times more data than today.

2: Computer Forensic Tools – The capabilities, automated nature and cost of computer forensic tools.

I expect that in 5 years, computer forensic tools will be about 5 times as fast, and twice as sophisticated. That means that even with all the additional data, the average, non-automated job will take about the same effort as it does now.

However, a lot of automated tools for collection and initial processing are starting to be released. These tools can be used by less-trained people, so it may be that data collection and preliminary processing will be faster due to automation.

I expect that the cost of computer forensic tools will not go down in relative terms. However, more Open Source forensic tools will be available for free for those willing to learn to use them.

3: Bad guys – Anti-forensics tools & schemes, sophistication of hackers

There’s always a race between how harmful software and cyber-marauders can be and the defenses against them. There is also software constantly being developed to stump investigation by erasing or scrambling traces of wrongdoing. This trend will continue to accelerate and there will continue to be an uneasy balance between the two sides, with lots of collateral damage. In most cases, people will continue to forget to hide or cover all of their tracks and there will still usually be evidence to find.

Ten Years

Ten years from now is much harder to predict.

The field itself is not too much older than that.

Everything I said for the 5-year time frame will continue to be somewhat true.

Tiny storage devices weighing an ounce will hold multiple Terabytes of data; hard drives or their replacements will hold Petabytes and both kinds of devices will be very affordable.

Computers themselves may be quite different than what we are used to, will probably understand human speech well and will probably be quite intelligent, speeding up the ability to use them.

Because computers will be so smart, the role of the computer forensics examiner may change. Testifying experts will need to have an even more sophisticated knowledge of the software /hardware /wetware interactions and may have to specialize further.

Malware may have gotten the upper hand by then, or may not have – it is very hard to say.

Fifty Years

Just about impossible for me to say sitting where I am right now. Computers will be much smarter than humans by then. If human computer forensics experts still testify in court, they’ll be computer augmented, but then again, we probably all will be. Whatever replaces hard drives on your local device (if we have local devices) will store half a Zettabyte or more. We’ll be carrying around 5 Exabytes in our pockets or dental fillings. That’s if all storage isn’t in the Cloud and is essentially unlimited. Although from where I sit, a Petabyte seems pretty limitless.

Fifty years from now, our adversarial legal system may not have changed much. On the other hand the capabilities of humans, computers, and hybrids of the two may be near unrecognizable, but still inevitable.

Best Regards,

Steve Burgess

Copyright Steve Burgess, 2009

Subscribe to our free and informative weekly forensics newsletter!

 

Related Posts

Text Messages as Evidence: Harder Than You Think

Copyright 2026, Steve Burgess Somewhere along the way, text messages became some of the most important evidence in litigation that nobody quite knows how to handle properly. A few years ago, that would have been an email thread, such as in the Case of the Computer...

Digital Privacy vs. Discovery: Where the Line Is Drawn

Copyright 2026, Steve Burgess Every so often I’ll sit across the Zoom from an attorney—or from a pro se litigant—who wants everything. Every text message the opposing party has ever sent. Every photo on their phone. Every search query. Every deleted file. Every app....

Your Preservation Letter Is Missing These 6 Data Sources

I’m sure that you have reviewed a lot of preservation letters. Some of them are excellent — thorough, specific, and sent at exactly the right moment. Others read like they were written in 1997 and then never updated, which, in fairness, some of them were. Still others...

Deleted Does Not Always Mean Gone (But It Doesn’t Mean Recoverable Either)

(copyright Steve Burgess 2026) One of my favorite client conversations goes something like this: Client: “I deleted it.” Attorney: “Can you get it back?” Forensic examiner: “…define ‘it.’” Television has taught us two completely opposite and equally wrong ideas:...

Digital Evidence Is Bigger Than Most Cases Realize

Digital Evidence Is Bigger Than Most Cases Realize copyright Steve Burgess 2026 There’s a scene in television forensics that appears in approximately 94.27% of all episodes. Someone in a dark room says, “Pull up the computer.” Then ten seconds later, another person...

Metadata as a Silent Witness: What It Can Reveal About Your Case

Metadata as a Silent Witness: What It Can Reveal About Your Case Copyright 2026, Steve Burgess Every digital file has two stories to tell. The first is the one you can read — the contract, the email, the photograph. The second story is invisible, buried in the file...

Where Critical Evidence Hides: Email, Texts, & Cloud Data Part II

Email, Texts, & Cloud Data: Where Critical Evidence Hides, Part II        Copyright 2026, Steve Burgess In over four decades of digital forensics work, I've examined more than 20,000 devices and pieces of digital evidence. And in that time I've developed a...

Can You Trust What You See? The Rise of Deepfakes and What It Means for Justice

Can You Trust What You See? The Rise of Deepfakes and What It Means for Justice Copyright 2026, Steve Burgess I've been working with digital evidence since 1985, and I've seen a lot of changes. Back then, the biggest challenge was recovering data from a 10 MB hard...

Deepfakes, AI, and the New Frontier of Digital Evidence

Deepfakes, AI, and the New Frontier of Digital Evidence Copyright 2026, Steve Burgess It was true forty years ago and it's truer today: "Just because it's digital doesn't mean it's true." We're now facing a challenge that would have seemed like science fiction when I...

Top 5 Mistakes Lawyers Make With Digital Evidence

Top 5 Mistakes Lawyers Make With Digital Evidence  -      Copyright 2026, Steve Burgess After forty years working with attorneys on digital evidence, I've seen the same mistakes cost cases time and again. Here are five of the most common – and how to avoid them....

Pin It on Pinterest

Share This