A Theoretical Framework for Organizational Network Forensic Readiness

Abstract: <p class="MsoNormal" style="text-align: left; margin: 0cm 0cm 0pt; layout-grid-mode: char;" align="left"><span class="text"><span style="font-family: ";Arial";,";sans-serif";; font-size: 9pt;">This paper discusses breaking the escalation cycle that locks cyber intruders and their targets in a state where targets are perennially resigned to attacks and intruders are at liberty to exploit and disrupt networks without much risk of suffering consequences. Using systems and case analyses, several … Show more

“…Following the accepted notion that security-related forensic readiness is not possible unless basic information security processes (e.g., logging and incident reporting) are in place [8,22], we hold that the same is true for a forensic readiness capability for information privacy incidents. An enterprise must implement information privacy practices to maintain a forensic readiness capability for information privacy incidents.…”

“…The framework also incorporates established concepts from securityrelated forensic readiness [8,19,22,23], namely a policy and a process approach to forensic readiness. Indeed, the primary contributions are the combination of these established concepts with information privacy protection measures and the definition of the relation between the policies, processes and procedures with respect to information privacy incidents.…”

“…Other efforts related to forensic readiness have concentrated on tools and techniques [8]. Several researchers have focused on the organizational aspects of forensic readiness.…”

“…The work of Endicott-Popovsky, et al [8] focuses on forensic readiness at the enterprise level. It deals with network forensic readiness as a means for breaking the cycle of attack and defense.…”

“…Maintaining an effective forensic readiness capability requires carefully considered and coordinated participation by individuals and departments throughout the enterprise [19]. A forensic readiness capability developed or executed in an ad hoc manner is unlikely to succeed [8].…”

A Forensic Framework for Handling Information Privacy Incidents

“…Following the accepted notion that security-related forensic readiness is not possible unless basic information security processes (e.g., logging and incident reporting) are in place [8,22], we hold that the same is true for a forensic readiness capability for information privacy incidents. An enterprise must implement information privacy practices to maintain a forensic readiness capability for information privacy incidents.…”

“…The framework also incorporates established concepts from securityrelated forensic readiness [8,19,22,23], namely a policy and a process approach to forensic readiness. Indeed, the primary contributions are the combination of these established concepts with information privacy protection measures and the definition of the relation between the policies, processes and procedures with respect to information privacy incidents.…”

“…Other efforts related to forensic readiness have concentrated on tools and techniques [8]. Several researchers have focused on the organizational aspects of forensic readiness.…”

“…The work of Endicott-Popovsky, et al [8] focuses on forensic readiness at the enterprise level. It deals with network forensic readiness as a means for breaking the cycle of attack and defense.…”

“…Maintaining an effective forensic readiness capability requires carefully considered and coordinated participation by individuals and departments throughout the enterprise [19]. A forensic readiness capability developed or executed in an ad hoc manner is unlikely to succeed [8].…”

A Forensic Framework for Handling Information Privacy Incidents

References

An extensive review of data security infrastructure and legislature