TY - GEN
T1 - A framework to guide the implementation of proactive digital forensics in organizations
AU - Grobler, C. P.
AU - Louwrens, C. P.
AU - Von Solms, S. H.
PY - 2010
Y1 - 2010
N2 - Most organizations underestimate the demand for digital evidence [1]. Often, when evidence is required to prove fraudulent transactions, not enough or trustworthy evidence is available to link the attacker to the incident. It is essential for organizations to prepare themselves for Digital Forensic (DF) investigations and ensure that the entire organizational operating environment is prepared, for example, for an investigation (criminal or internal) or a compliance test. The accepted literature on DF readiness concentrates mainly on evidence identification, handling and storage, first-line incident response and training requirements [2]. It does not consider the proactive application of DF tools to enhance the corporate governance structures (specifically Information Technology (IT) governance). Pro-active DF (ProDF) as defined in this paper will enable an organization to take the initiative by implementing adequate measures to become DF ready, demonstrate due diligence for good corporate Governance, specifically IT Governance, and provide a mechanism to assess and improve IT Governance frameworks. The purpose of this paper is to define, identify goals, steps, and deliverables of ProDF, identify dimensions of DF, and propose a theoretical DF management framework to guide the implementation of ProDF in an organization.
AB - Most organizations underestimate the demand for digital evidence [1]. Often, when evidence is required to prove fraudulent transactions, not enough or trustworthy evidence is available to link the attacker to the incident. It is essential for organizations to prepare themselves for Digital Forensic (DF) investigations and ensure that the entire organizational operating environment is prepared, for example, for an investigation (criminal or internal) or a compliance test. The accepted literature on DF readiness concentrates mainly on evidence identification, handling and storage, first-line incident response and training requirements [2]. It does not consider the proactive application of DF tools to enhance the corporate governance structures (specifically Information Technology (IT) governance). Pro-active DF (ProDF) as defined in this paper will enable an organization to take the initiative by implementing adequate measures to become DF ready, demonstrate due diligence for good corporate Governance, specifically IT Governance, and provide a mechanism to assess and improve IT Governance frameworks. The purpose of this paper is to define, identify goals, steps, and deliverables of ProDF, identify dimensions of DF, and propose a theoretical DF management framework to guide the implementation of ProDF in an organization.
KW - Comprehensive digital evidence
KW - Digital forensics management framework
KW - IT governance
KW - Proactive digital forensics
UR - http://www.scopus.com/inward/record.url?scp=77952413466&partnerID=8YFLogxK
U2 - 10.1109/ARES.2010.62
DO - 10.1109/ARES.2010.62
M3 - Conference contribution
AN - SCOPUS:77952413466
SN - 9780769539652
T3 - ARES 2010 - 5th International Conference on Availability, Reliability, and Security
SP - 677
EP - 682
BT - ARES 2010 - 5th International Conference on Availability, Reliability, and Security
T2 - 5th International Conference on Availability, Reliability, and Security, ARES 2010
Y2 - 15 February 2010 through 18 February 2010
ER -