Name
Abstract | ||
|---|---|---|
Corporate forensics is rapidly becoming an essential component of modern business. Having no a priori knowledge on whether a security related event or corporate policy violation will lead to litigation, it is argued in this paper that digital forensics principles need to be applied to all corporate investigatory, monitoring and auditing activities. Corporate forensics are also necessary in modern organizations in order to credibly investigate what and how it happened, what part of the security policy was breached, whether existing corporate security mechanisms are sufficient and responding promptly, help investigate the impact and costs of a security incident, help management take well documented actions, and so forth. Forensic practices are therefore departing fast from the niche of law enforcement and becoming a business function and infrastructural component. This migration poses new challenges to security professionals that must be resolved. Furthermore, protecting information and information assets solely through technical means and security procedures is also no longer sufficient in modern corporate environments, as accountability from management is also needed. Forensic readiness helps enhance the security strategy of an organization, reduce the impact of a security incident and provide management with the means to demonstrate that reasonable care has been taken to protect information resources. Forensic readiness is becoming important for modern corporate environments and a significant component of the Information Security Good Practice. In this paper we also advocate that the scope of forensics needs to be expanded in order to encompass the whole information security domain and we address a number of related issues that need further attention or must be resolved in order to take full advantage of forensic readiness in a corporate environment. The expanded scope of information security due to the inclusion of forensic readiness is expected to disturb established information security good practices. As such we challenge the concept of a generic good practice, its applicability to a specific organizational context and we investigate alternatives for adapting information security good practices to accommodate digital forensics processes. |
Year | DOI | Venue |
|---|---|---|
2010 | 10.1109/WETICE.2010.57 | WETICE |
Keywords | Field | DocType |
corporate forensics,security incident,information security framework,modern corporate environment,security professional,security policy,corporate forensic readiness,forensic readiness,security procedure,information security,corporate security mechanism,information security good practice,environmental management,resource management,organizations,information protection,computer forensics,digital forensics,a priori knowledge | Computer science,Information security standards,Asset (computer security),Computer security,Information security,Information security management,Security information and event management,Corporate security,Information security audit,Security management | Conference |
ISSN | Citations | PageRank |
1524-4547 | 7 | 0.71 |
References | Authors | |
4 | 3 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| George Pangalos | 1 | 215 | 23.63 |
| Christos Ilioudis | 2 | 32 | 10.41 |
| Ioannis Pagkalos | 3 | 9 | 2.78 |