Organizations need to get ready with Digital Forensic: Part 2

Integrating Forensic with other IT security activities

Forensic readiness is complementary to, and an enhancement of, many existing information security activities. 

  1. Policy Update – Updating IT policies appropriately for inclusion of Digital Forensic related terms
  2. Asset Management – It is important to know which assets are subject to target and potential sources for evidence gathering
  3. Risk Management – It should be part of an information security risk assessment to determine the possible disputes and crimes that may give rise to a need for electronic evidence. 
  4. Incident Response – It is closely related to incident response and business continuity, to ensure that evidence found in an investigation is preserved and the continuity of evidence maintained. 
  5. Security Monitoring – It is part of security monitoring, to detect or deter disputes that have a potentially major business impact. 
  6. Security Training – Forensic readiness also needs to be incorporated into security training, particularly for middle managers who have to deal with an incident in a multi-disciplinary team. 
  7. DR/BCP – Forensic readiness can be tested as part of business continuity and disaster recovery exercises

Cost associated with Forensic readiness

The sorts of activities where costs will be incurred include: 

  • Training IT and other relevant staff
  • Systematic gathering of potential evidence
  • Secure storage of potential evidence
  • Preparation for incidents
  • Enhanced capability for evidence retrieval
  • Legal advice
  • Developing an in-house Digital Forensic Investigation capability, if required

One response to “Organizations need to get ready with Digital Forensic: Part 2”

  1. It’s very interesting! You may check another blog which I have read it on search. It Seems it’s similar to this article.

Leave a Reply

Your email address will not be published. Required fields are marked *