Forensic Contingency Planning
Enterprise Systems: Forensics seems like something police or attorneys need to know about. But with cybercrime on the rise, we're seeing more about the science of evidence preservation in the IT trade press. In the past, articles focused on the need to hire or create an on-staff specialist — both of which rate right up there with flossing on your IT to-do list, no doubt. This article offers a simpler, more business-friendly view on creating your own digital forensics readiness program. The piece is based on information from the Information Assurance Advisory Council, a private group that includes corporate leaders, security experts, law enforcement gurus and public policy makers. Most of the article summarizes a report published by the IAAC and written by a senior research fellow at the London School of Economics. In that report, author Peter Sommer outlines the business case for creating a forensics contingency plan. For instance, insurance companies may demand evidence before they reimburse cyber attack claims. The plan should outline how the company will preserve digital evidence — e-mails, PC files, cell phone logs, even PDA backups — if an incident should occur. Obviously, all of the details of the report aren't in this article — but it does offer a convincing argument for why organizations should create their own digital forensics plan.
source : IT Business Edge [knowledgereports@itbusinessedge.com]
Comments