Digital Forensic Readiness as a Component of Information Security Best Practice
In a world where cyber crime is constantly increasing, pervasive computing is on the rise and information is becoming the most sought after commodity making an effective and efficient Information Security (IS) architecture and program essential. ‘With this improved technology and infrastructure, ongoing and pro-active computer investigations are now a mandatory component of the IS enterprise’ . Corporate governance reports require that organizations should not only apply good corporate governance principles, but also practice good IT governance and specially IS governance. Organizations develop their security architectures based on current best practices for example  and . These best practices do not consider the importance of putting controls or procedures in place that will ensure successful investigations. There is a definite need to adapt current Information Security (IS) best practices to include for example certain aspects of Digital Forensics (DF) readiness to the current best practices to address the shortcomings. Whilst IS and DF are considered as two different disciplines, there is a definite overlap between the two . The aim of this paper is to examine the overlap between DF and IS, to determine the relevance of DF readiness to IS and propose the inclusion of certain aspects of DF readiness as a component for best practice for IS.
KeywordsCorporate Governance Information Security Good Corporate Governance Digital Evidence Information Asset
- 1.American Heritage Dictionary (4th Edition), (New York, NY: Houghton Mifflin, 2000).Google Scholar
- 2.Cullery A, Computer Forensics: Past Present And Future, Information Security Technical Report, Volume 8, number 2, (Elsevier, 2003), p 32–35.Google Scholar
- 3.Dictionary.Com, (June 31, 2006), http://www.dictionary.reference.com.
- 4. Digital Forensic Research Workshop, A Roadmap for Digital Forensics Research,(2001), http://www.dfrws.org.
- 5.Endicott-Popovsky B, Frincke D, Adding the 4th R: A Systems Approach to Solving the Hackers Arms Race, Proceedings of the 2006 Symposium 39th Hawai International Conference on System Sciences, (2006).Google Scholar
- 6.Garcia J, 2006, Pro-Active and Re-Active Forensics, (September 5, 2006), http://www.jessland.net.
- 7.Gordon La, Loeb M, Richardson R, Lucyshyn W, 2006 CSI/FBI Computer Crime and Security Survey, (Computer Security Institute, 2006).Google Scholar
- 8.Grobler CP, VonSolms SH, A Model To Assess The Information Security Status of an Organization with Special Reference to the Policy Dimension, Master’s Dissertation, (2004).Google Scholar
- 9.Hilley, 2004, The Corporation: The Non-Policed State, (September 24, 2006), http://www.infosecurity-magaqzine.com/features/novdec04/corpnovdec.htm.
- 10.Hoffman T, 2004, Sarbanes-Oxley Sparks Forensics Apps Interest, (March 29, 2004), http://www.Computerworld,com/action/article. do?command=viewarticlebasic&a rticleid=91676.
- 11.Inforenz, 2006, Are You Ready For Forensics?, (September 14, 2006), http://www.Inforenz.com/press/20060223.html.
- 12.Cobit: Control Objectives for Information and related technologies, (IT Governance Institute, 3rd edition, 2000)Google Scholar
- 13.King II Report on Corporate Governance, (August, 2003), http://www.iodsa.co.za/lod%20draft%20king%20report.pdf.
- 14.Kruse II, Warren G, Jay G Heiser JG, Computer Forensics Incident Response Essentials, (Addison Wesley, Pearson Education 2004).Google Scholar
- 15.Louwrens B, Von Solms SH, Reeckie C, Grobler T, A Control Framework for Digital Forensics, Advances in Digital Forensics, (Springer, 2006).Google Scholar
- 16.Patzakis J, Computer Forensics as an Integral Component of Information Security Enterprise, Guidance Software, (October 24, 2005), http://www.guidancesoftware.com.
- 17.Quinn S, Examining The State of Preparedness of IT Management in New Zealand for Events that may require Forensic Analysis, Digital Investigation, December 2005, Volume 2, Issue 4, (Elsevier, 2005), p. 276–280.Google Scholar
- 18.Reith M, Varr V, Gunch G, An Examination of Digital Forensic Models. International Journal Of Digital Evidence Volume 1, Issue 3, (Elsevier, 2002), (February 15, 2005), http://www.ijde.org/docs/02art2.pdf.
- 19.Rosseau Von Solms, SH (Basie) Von Solms, Information Security Governance: Due Care, Computers And Security, (August 13, 2006), doi:10:1016/Jcose.Google Scholar
- 20.Rowlingson, A Ten Step Process for Forensic Readiness, International Journal of Digital Evidence, Volume 2 Issue 3, Winter 2004, (Elsevier, 2004). 24Google Scholar
- 21. SABS ISO/IEC17799. SABS Edition 11/iso/iec Editionl, South African Standard, Code of Practice for Information Security Management, (South African Bureau of Standards, 2001).Google Scholar
- 22.Sheldon A, Forensic Auditing, The Role of Computer Forensics in the Corporate Toolbox, (March 25, 2004), http://www.itsecurity.com/papers/pll.htm.
- 23.Sinangin D, Computer Forensics Investigations in a Corporate Environment, Computer Fraud and Security Bulletin, Volume 8, p. 11–14, June 2002, (Elsevier, 2002).Google Scholar
- 24.Stephenson P, Conducting Incident Post Mortems, Computer Fraud and Security, April 2003, (Elsevier, 2003).Google Scholar
- 25.The Electronic Communications and Transactions Act, (2003), http://www.gov.za/gazette/regulation/2003/24594a.pdf.
- 26.Sarbarnes-Oxley Act of 2002, (October 20, 2006), http://www.frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_bills&docid=f:h3763enr.txt.pdf.
- 27.Von Solms SH, Information Security Governance: Cobit or ISO17799 or both, Computers and Security, Volume 24, Issue 2, March 2005, (Elsevier, 2005).Google Scholar
- 29.Von Solms SH, Louwrens CP. Relationship between Digital Forensics, Corporate Governance, Information Technology and Information Security Governance, (Information Security Of South Africa Conference 2005 Proceeding, 2005).Google Scholar
- 30.Wolfe H, The question of organizational forensic policy, Computer Fraud and Security, Volume 6, June 2004, (Elsevier, 2004), p. 13–14.Google Scholar