Businesses of every type and size cannot run without information technology. The benefits and opportunities for innovation are numerous, but so are the risks.
Should the business fall victim to a security breach, or a natural disaster that brings it to a standstill, it needs to recover and get up and running as soon as possible. “For this reason, all organisations need to have strategies in place to cover incident response, awareness training, disaster recovery and business continuity,” says Simon Campbell-Young, Managing Director at Credence Security.
Not only can security events cause downtime and recovery hassles, they can also result in legal complications, insurance claims and regulatory issues. During the course of recovery and investigation, there may be claims against third-party partners, employees or even the business itself, depending on what led to the incident.
“The company needs to establish what caused the event. It could be carelessness or negligence; it could be malfeasance or fraud,” he adds. “This is why analysing the event and collecting digital evidence has become crucial.”
According to Campbell-Young, all incidents will leave digital footprints. “Irrespective of the system or device, a trail is always left. This is where cyber forensics, or using IT and legal knowledge to analyse and use the digital evidence found, comes in.’
Cyber forensics is mostly used for investigations that, due to regulatory or criminal elements, will end up in court, and as such, the evidence needs to be collected and stored in a legally acceptable manner. “This evidence is easy to lose or distort, and must be handled and preserved in a manner that guarantees that this hasn’t happened.”
He says there are several digital forensics tools and techniques that can be used to trace the trail of an event, recover any lost data and files, as well as for monitoring to establish whether any abuse has occurred. “But perhaps its most valuable application is the way these tools can be used to identify what caused the incident, and to gather evidence for use by law enforcement and the legal system.”
Every day, in the course of the running of the business, a slew of digital data and records are generated. “All these records and other bits of information can become critical pieces of the puzzle in the event of a security breach. Much of this data is stored and preserved as a matter of course by the disaster recovery and business continuity processes, as well as the data retention policies. All businesses have backup files, system monitoring logs, and even camera footage. However, there is a lot of digital information that isn’t stored automatically, and might be needed should a security event occur.”
Campbell-Young says this evidence could take the form of IM chats or emails, or even SMS messages on smartphones and other devices. “It is impossible to predict exactly what data may be required in the event of an incident, or whether it will be needed for regulatory purposes, or merely for an internal investigation.”
He says this is why forensic readiness is so important. “Forensic readiness helps a business automate its actions and activities so that retrieving digital evidence becomes second nature, without any issues. “The ideal is to have systems in place that record and store digital evidence in the legally appropriate manner as a matter of course. In this way, irrespective of the incident, the evidence is available, without having to impact on operations or productivity.”
About Credence Security
Established in 1999, Credence Security, previously ARM, the regions speciality distribution company, specializes in IT security, Forensics and Incident Response. Working closely with leading IT security vendors including AccessData, Fidelis CyberSecurity, eSentire and Digital Guardian, Credence Security delivers Cyber and IT Security technologies and solutions that protect organisations against advanced persistent threats, malicious adversaries and internal malpractice.
- Sharing more about RETT SYNDROME and how you can help! | #BusinessBrunch | Bjorn Salsone | #PayItForward | Rett-SA | #ebizradio - October 26, 2021
- Equality, diversity and inclusion – starts with YOU | #Insights | #Diversity | Pabi Mogosetsi | Universum Global | #ebizradio - October 26, 2021
- Cyber Security Awareness Month Is a Good Time to Review Your Payroll Provider | #Insights | Sandra Crous | PaySpace | #ebizradio - October 26, 2021
- Motoring News of the Week | Diesel and Dust | Tumelo Maketekete | #Motoring | #ebizradio | #Podcast - October 25, 2021
- Robotics in Retail – What does this mean for you and your business? | #Marketing | Kevin Britz | Craig Page-Lee | #Podcast | #ebizradio - October 22, 2021
- The Youth Unemployment Crisis – What is the impact on individuals and the economy | #Insights | Bryden Morton | Chris Blair | 21st Century | #ebizradio - October 20, 2021
- Going Digital against #GBV | MIP partners with TEARS Foundation | Richard Firth | Mara Glennie | #Digital | #ebizradio - October 19, 2021
- Firstwatch announces 2021 initiative to support entrepreneurs | #Entrepreneurs | #PayItForward | #ebizradio - October 19, 2021
- See me, Understand me, Learn with me | #Insight | #Education | The Montessori model enters your home | Madeline Hoban | InHome Montessori - October 19, 2021
- Is your business ready for the new frontier of hybrid working | Business Brunch with Björn | #Entrepreneur | #Technology | Craig Johnson | NSN.CO.ZA - October 19, 2021