Abstract
Egalitarianism and justice are amongst the core attributes of a democratic regime and should be also secured in an e-democratic setting. As such, the rise of computer related offenses pose a threat to the fundamental aspects of e-democracy and e-governance. Digital forensics are a key component for protecting and enabling the underlying (e-)democratic values and therefore forensic readiness should be considered in an e-democratic setting. This position paper commences from the observation that the density of compliance and potential litigation activities is monotonically increasing in modern organizations, as rules, legislative regulations and policies are being constantly added to the corporate environment. Forensic practices seem to be departing from the niche of law enforcement and are becoming a business function and infrastructural component, posing new challenges to the security professionals. Having no a priori knowledge on whether a security related event or corporate policy violation will lead to litigation, we advocate that computer forensics need to be applied to all investigatory, monitoring and auditing activities. This would result into an inflation of the responsibilities of the Information Security Officer. After exploring some commonalities and differences between IS audit and computer forensics, we present a list of strategic challenges the organization and, in effect, the IS security and audit practitioner will face.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Antiphishing Working Group. Phishing Activity Trends Report Q2, 2008 (2008), http://www.antiphishing.org/reports/apwg_report_Q2_2008.pdf
Parliamentary Office of Science and Technology. Computer Crime. POSTNOTE, 271 (2006)
Harris, S.: To Catch A Thief: Bringing Forensics In-House And The Necessary Tools To Succeed. Amazines (2008)
Grobler, T., Louwrens, B.: Digital Forensic Readiness as a Component of Information Security Best Practice. In: Venter, H., Eloff, M., Labuschanc, L., Eloff, J., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments. IFIP, vol. 232, pp. 13–24. Springer, Boston (2007)
Information Systems Audit and Control Association: CISA Review Manual 2008 (2007)
Kruse II, W., Heiser, J.: Computer Forensics: Incident Response Essentials. Addison Wesley, Reading (2004)
Rowlingson, R.: A Ten Step Process for Forensic Readiness. Int. Journal of Digital Evidence 2(3) (2004)
Sinangin, D.: Computer Forensics Investigations in a Corporate Environment. Computer Fraud & Security 8, 11–14 (2002)
EDRM, The E-Discovery Reference Model, http://edrm.net
Chen, L., Wang, G.: An Efficient Piecewise Hashing Method for Computer Forensics. In: 2008 Workshop on Knowledge Discovery and Data Mining, pp. 635–638 (2008)
Kotze, D., Olivier, M.: Patlet for Digital Forensics First Responders. In: 18th International Workshop on Database and Expert Systems Applications, pp. 770–774 (2007)
US Court, Amendments to the Federal Rules of Civil Procedure (2006), http://www.uscourts.gov/rules/EDiscovery_w_Notes.pdf
Marcella, A.: Electronically Stored Information and Cyberforensics. Information Systems Control Journal 5, 44–48 (2008)
Information Systems Audit and Control Association, Guidline G28: Computer Forensics (2000)
Endicott-Popovsky, B., Frinke, D.: Adding the 4th R: A Systems Approach to Solving the Hackers Arms Race. In: Proc. of the 2006 Symposium 39th Hawaii International Conference on System Sciences (2006)
Computer Security Institute CSI Survey 2007 (2007), http://i.cmpnet.com/v2.gocsi.com/pdf/CSISurvey2007.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Pangalos, G., Katos, V. (2010). Information Assurance and Forensic Readiness. In: Sideridis, A.B., Patrikakis, C.Z. (eds) Next Generation Society. Technological and Legal Issues. e-Democracy 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 26. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11631-5_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-11631-5_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11629-2
Online ISBN: 978-3-642-11631-5
eBook Packages: Computer ScienceComputer Science (R0)