In physical crimes, such as robbery and murder, special investigative teams are trained in the science of collecting and analyzing crime-scene data. These teams include on-scene personnel as well as forensic scientists in labs. Computer forensics is no different in its practice. In fact, many people are shocked to find that computer attack forensics is more concerned with law and evidence gathering, handling, and preservation than with computers. Most companies today don't prepare or understand the forensics process until after an attack has occurred. It is our goal in this section to show you what is required and how to prepare before an attack occurs.
First things first—computer crime is increasing and our ability to cope with the complexity of the networks and software applications that are being created is decreasing. Now, this is most certainly a generalization, but it holds true for many of the clients and companies we see every year. Another truth is that given enough time, energy, and incentive, just about any network can be hacked. If you can accept these basic truths, the time you spend planning and training in areas such as computer forensics will seem less like a waste of time and more like an investment.
Computer forensics is about collecting and analyzing data so it can be used and presented in court. Without proper forensic techniques, you are likely to destroy valuable data or render it inadmissible because it was improperly obtained, collected, or stored. Without evidence, you can't prosecute offenders, properly terminate employees for inappropriate behavior, or seek damages when corporate espionage hits home.
No comments:
Post a Comment