Investigating Computer Security Incidents
Peter Stephenson - Netigy
Nov 08, 2000PDF () Size: 227.8MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractThe studies all say that 70% to 80% of information security incidents involve "insiders". However, today, it is becoming increasingly difficult to pinpoint exactly what we mean by an insider. Complicating the issue, law enforcement is increasingly overloaded and the FBI has gone on record as saying that the victims of such incidents should begin their own investigation.
The good news is that the victim will likely be in a position to respond much more rapidly than will law enforcement. The bad news is if the victim does not respond correctly, evidence may be irretrievably lost or damaged limiting or eliminating the effective response by law enforcement at a later point. Where law enforcement is not to be involved, such errors can have a devastating effect on civil litigation.
This seminar will explore the resources available for investigating a computer security incident, discuss the investigative process, explore the underlying legal issues and specific laws and introduce some forensic techniques that a victim may use to preserve evidence correctly.
About the SpeakerPeter Stephenson is the director of technology for the global security practice of Netigy Corporation. He has been in technology-related positions for over 35 years, and has operated his own consulting practice for 15 years. He is the author of 13 books on computer topics, the most recent of which is Investigating Computer-Related Crime published by CRC Press. He has contributed over 400 articles to trade publications and is a regular columnist for Auerbach\'s \"Information Security Journal\" and \"SC InfoSecurity News\". He currently is a PhD student at Oxford Brookes University in Oxford, England.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.