CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Investigating Computer Security Incidents

Peter Stephenson - Netigy

Nov 08, 2000

PDF Slides PDF () Size: 227.8MB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube


The studies all say that 70% to 80% of information security incidents involve "insiders". However, today, it is becoming increasingly difficult to pinpoint exactly what we mean by an insider. Complicating the issue, law enforcement is increasingly overloaded and the FBI has gone on record as saying that the victims of such incidents should begin their own investigation.

The good news is that the victim will likely be in a position to respond much more rapidly than will law enforcement. The bad news is if the victim does not respond correctly, evidence may be irretrievably lost or damaged limiting or eliminating the effective response by law enforcement at a later point. Where law enforcement is not to be involved, such errors can have a devastating effect on civil litigation.

This seminar will explore the resources available for investigating a computer security incident, discuss the investigative process, explore the underlying legal issues and specific laws and introduce some forensic techniques that a victim may use to preserve evidence correctly.

About the Speaker

Peter Stephenson is the director of technology for the global security practice of Netigy Corporation. He has been in technology-related positions for over 35 years, and has operated his own consulting practice for 15 years. He is the author of 13 books on computer topics, the most recent of which is Investigating Computer-Related Crime published by CRC Press. He has contributed over 400 articles to trade publications and is a regular columnist for Auerbach\'s \"Information Security Journal\" and \"SC InfoSecurity News\". He currently is a PhD student at Oxford Brookes University in Oxford, England.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.