Corporate Cyber Forensics


SkyHighTech

Uploaded on Dec 6, 2021

Category Technology


Cyber forensics is the process of finding, collecting, preserving, and analyzing data for evidence in computer-related crimes. When someone suspects that their business has been hacked, or that an employee is using their position to steal data, it's time to call in the cyber forensics team. There are three basic steps in this process: Investigation, Analysis, and Presentation.

Investigation

The investigation starts by taking apart the network (or at least isolating compromised hosts) to make sure nothing can propagate across machines or infect other people's systems. Then there's a lot of looking around at user behavior: when did they log on? What were they working on? Which external IP addresses were used recently? And then there's making copies of hard drives (if appropriate) for analysis.

Analysis

The next stage is staging the data to make it presentable to the analysts who will do the real work. This means organizing all of the information according to time, date and files accessed. It's also critical that this process be done completely in-house to guarantee nothing is lost or tainted while being copied externally (e.g., via network traffic dumps). The last step in this phase is scrubbing out any personally identifiable information which could get into the wrong hands if it fell into someone else's investigation (e.g., being subpoenaed by legal counsel on behalf of a client). With this preparation phase complete, investigators are ready to begin analyzing the collected data to find incriminating evidence against employees or other wrongdoers.

Presentation

Once the analysis is complete, the findings must be presented in a way that makes them understandable and useful to whoever is in charge of making decisions, whether that's the board of directors or law enforcement. The presentation should include not just what was found but how it was found and what implications it has for the company.
It's also important to remember that cyber forensics is an evolving field, so any new techniques or methods used during the investigation should be included in the presentation as well. This ensures that those in charge are aware of potential future threats and can take steps to prevent them from happening.

In short, cyber forensics is a critical process for businesses (and individuals) who want to make sure that they're taking all the necessary precautions to protect themselves from computer-related crimes. By following the three basic steps of investigation, analysis and presentation, businesses can rest assured that they're doing everything possible to get to the bottom of any potential security breaches.
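The staging work described under Analysis (ordering collected records by time and files accessed, then scrubbing personally identifiable information) can be sketched as follows. This is an added example, not material from the original presentation; the log format, field names, sample records and key are constructed, and treating only e-mail addresses as PII is an assumption.

```python
import hashlib
import hmac
import re
from datetime import datetime, timezone

# Constructed sample records (not from any real case): logon events and
# file-access events as they might be exported from two different sources.
LOGONS = [
    "2021-11-30T08:02:11Z logon user=jdoe@example.com src=203.0.113.7",
    "2021-11-30T22:41:05Z logon user=asmith@example.com src=198.51.100.23",
]
FILE_ACCESS = [
    "2021-11-30T22:43:17Z read user=asmith@example.com path=/finance/q4.xlsx",
    "2021-11-30T08:05:40Z read user=jdoe@example.com path=/eng/design.docx",
]

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def pseudonymize(text, key):
    """Replace each e-mail address with a keyed, stable pseudonym."""
    def repl(m):
        digest = hmac.new(key, m.group(0).lower().encode(), hashlib.sha256)
        return "user-" + digest.hexdigest()[:10]
    return EMAIL_RE.sub(repl, text)

def parse(line, source):
    """Split 'timestamp action key=value ...' into a timeline record."""
    ts, action, *pairs = line.split()
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"when": when, "source": source, "action": action,
            **dict(p.split("=", 1) for p in pairs)}

def build_timeline(sources, key):
    """Merge all sources, scrub identifiers, and order by time."""
    events = [parse(pseudonymize(line, key), name)
              for name, lines in sources.items() for line in lines]
    return sorted(events, key=lambda e: e["when"])

if __name__ == "__main__":
    key = b"case-key-held-by-the-forensics-team"  # placeholder key
    for e in build_timeline({"auth": LOGONS, "files": FILE_ACCESS}, key):
        print(e["when"].isoformat(), e["source"], e["action"],
              e["user"], e.get("src") or e.get("path"))
```

Because the pseudonym is a keyed hash, the same person maps to the same label across every source, so analysts can still correlate activity, while re-identification requires the key held by the investigating team.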