Information Assurance and Forensic Readiness

Pangalos, Georgios; Katos, Vasilios

doi:10.1007/978-3-642-11631-5_17

Georgios Pangalos¹⁶ &
Vasilios Katos¹⁷

Part of the book series: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ((LNICST,volume 26))

Included in the following conference series:

International Conference on e-Democracy

1518 Accesses
11 Citations

Abstract

Egalitarianism and justice are amongst the core attributes of a democratic regime and should be also secured in an e-democratic setting. As such, the rise of computer related offenses pose a threat to the fundamental aspects of e-democracy and e-governance. Digital forensics are a key component for protecting and enabling the underlying (e-)democratic values and therefore forensic readiness should be considered in an e-democratic setting. This position paper commences from the observation that the density of compliance and potential litigation activities is monotonically increasing in modern organizations, as rules, legislative regulations and policies are being constantly added to the corporate environment. Forensic practices seem to be departing from the niche of law enforcement and are becoming a business function and infrastructural component, posing new challenges to the security professionals. Having no a priori knowledge on whether a security related event or corporate policy violation will lead to litigation, we advocate that computer forensics need to be applied to all investigatory, monitoring and auditing activities. This would result into an inflation of the responsibilities of the Information Security Officer. After exploring some commonalities and differences between IS audit and computer forensics, we present a list of strategic challenges the organization and, in effect, the IS security and audit practitioner will face.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Antiphishing Working Group. Phishing Activity Trends Report Q2, 2008 (2008), http://www.antiphishing.org/reports/apwg_report_Q2_2008.pdf
Parliamentary Office of Science and Technology. Computer Crime. POSTNOTE, 271 (2006)
Google Scholar
Harris, S.: To Catch A Thief: Bringing Forensics In-House And The Necessary Tools To Succeed. Amazines (2008)
Google Scholar
Grobler, T., Louwrens, B.: Digital Forensic Readiness as a Component of Information Security Best Practice. In: Venter, H., Eloff, M., Labuschanc, L., Eloff, J., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments. IFIP, vol. 232, pp. 13–24. Springer, Boston (2007)
Chapter Google Scholar
Information Systems Audit and Control Association: CISA Review Manual 2008 (2007)
Google Scholar
Kruse II, W., Heiser, J.: Computer Forensics: Incident Response Essentials. Addison Wesley, Reading (2004)
Google Scholar
Rowlingson, R.: A Ten Step Process for Forensic Readiness. Int. Journal of Digital Evidence 2(3) (2004)
Google Scholar
Sinangin, D.: Computer Forensics Investigations in a Corporate Environment. Computer Fraud & Security 8, 11–14 (2002)
Article Google Scholar
EDRM, The E-Discovery Reference Model, http://edrm.net
Chen, L., Wang, G.: An Efficient Piecewise Hashing Method for Computer Forensics. In: 2008 Workshop on Knowledge Discovery and Data Mining, pp. 635–638 (2008)
Google Scholar
Kotze, D., Olivier, M.: Patlet for Digital Forensics First Responders. In: 18th International Workshop on Database and Expert Systems Applications, pp. 770–774 (2007)
Google Scholar
US Court, Amendments to the Federal Rules of Civil Procedure (2006), http://www.uscourts.gov/rules/EDiscovery_w_Notes.pdf
Marcella, A.: Electronically Stored Information and Cyberforensics. Information Systems Control Journal 5, 44–48 (2008)
Google Scholar
Information Systems Audit and Control Association, Guidline G28: Computer Forensics (2000)
Google Scholar
Endicott-Popovsky, B., Frinke, D.: Adding the 4^th R: A Systems Approach to Solving the Hackers Arms Race. In: Proc. of the 2006 Symposium 39^th Hawaii International Conference on System Sciences (2006)
Google Scholar
Computer Security Institute CSI Survey 2007 (2007), http://i.cmpnet.com/v2.gocsi.com/pdf/CSISurvey2007.pdf

Download references

Author information

Authors and Affiliations

Aristotle University of Thessaloniki, Greece
Georgios Pangalos
Democritus University of Thrace, Greece
Vasilios Katos

Authors

Georgios Pangalos
View author publications
You can also search for this author in PubMed Google Scholar
Vasilios Katos
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Informatics Laboratory, Agricultural University of Athens, 75, Iera Odos Street, Botanikos, 11855, Athens, Greece
Alexander B. Sideridis & Charalampos Z. Patrikakis &

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Pangalos, G., Katos, V. (2010). Information Assurance and Forensic Readiness. In: Sideridis, A.B., Patrikakis, C.Z. (eds) Next Generation Society. Technological and Legal Issues. e-Democracy 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 26. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11631-5_17

Download citation

DOI: https://doi.org/10.1007/978-3-642-11631-5_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11629-2
Online ISBN: 978-3-642-11631-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics