Forensic Readiness Planning
Forensic Readiness Planning and Implementation
Effective preservation of data and the appropriate analysis of it is now a pre-requisite for investigations where data has been compromised or is required for review as part of any type of litigation or regulatory enquiry. Failure to act swiftly and preserve data could be costly. Prompt effective action will help to reduce litigation, minimise business disruption and limit any regulatory investigation.
In this digital age, electronic information is prevalent in all areas of business. This information may be required in many and varied investigative situations including eDisclosure requests, data breaches, commercial disputes, fraud or employee disciplinaries. If an organisation has not considered forensic readiness as part of an information security policy, it is likely to be unprepared for an investigation involving digital evidence.
Effective forensic readiness planning can assess your organisation’s readiness to respond to a compliance requirement, to support a digital forensic investigation, or as part of an internal investigation.
Forward planning through adopting a forensic readiness policy can bring many benefits to your organisation:
- Maintaining proportionality of litigation and investigative costs
- Increasing the speed at which digital evidence can be produced
- Acting as a deterrent to computer misuse
- Reducing the occurrences of digital technology abuse
- Assisting with internal security awareness training
Forensic Readiness Review
CYFOR’s qualified forensic consultants will assess your organisation’s readiness to undertake or support a digital forensic investigation and cover the following areas:
- Policy and procedure
- Legal and regulatory
- Public relations and messaging
- Incident tracking and risk decisions
- Enterprise documentation
- Asset inventory and profiling
- Information gathering points
- Auditing and logging
- Infrastructure and tools
Forensic Readiness Training
1. Understanding the goals of forensic readiness
To gather admissible evidence legally and without interfering with business processes.
To gather evidence targeting the potential crimes and disputes that may adversely impact the organisation.
To allow an investigation to proceed at a cost in proportion to the incident.
To minimise interruption to the business from any investigation; and to ensure that evidence makes a positive impact on the outcome of any legal action.
2. The magnitude of information
Where can a user store data?
Detecting computer misuse
3. Preservation of evidence
What is computer evidence?
Incident response – dos and don’ts
Identifying other relevant devices
4. Securing exhibits
‘Bagging & tagging’
Maintaining evidential continuity
INCIDENT RESPONSE : TEL 0800 169 4442
CYFOR provides a 24 hour 7 day a week response service for incidents involving digital security.
- Gain immediate insight into the security posture of your networks, operating systems, databases and Web applications.
- Automate all steps in your vulnerability management life-cycle from discovery to prioritisation and issue resolution.
- Get enterprise-class protection with up to date scans for over 14,000 vulnerabilities and 54,500 checks.
- Ensure compliance with policies, auditing guidelines and regulations.
- Mitigate risk by identifying and fixing the most critical security threats in your infrastructure with customisable risk scoring.
- Increase productivity and reduce resolution times through streamlined step-by-step re-mediation reports and task delegation.
- Deploy a complete managed service.
Benefits of using CYFOR include:
- Experienced case managers
- Court trained forensic investigators
- ISO 9001:2008 Accredited
- Court ready reports from industry experts
- Secure collection and delivery of exhibits via security cleared CYFOR couriers
Please contact us on 0207 438 2045 to speak with a dedicated Case Manager, who will be happy to assist you.
Alternatively, you can email firstname.lastname@example.org