digital forensics: yesterday, today, and the next frontier
DESCRIPTION
Presentation on where digital forensics is going, and disperse accessibility (not the cloud!). Data will be available everywhere, like a personal Max Headroom avatar to assist you. If you're not protecting data from the ground up (hint, it's not at the servers), then you're not protecting data.TRANSCRIPT
(C)2012 The Lorenzi Group - All Rights Reserved
95,000
ISACA160 Countries
C-Level Executives Auditors & Educators
IT Professionals & Students
Leading GLOBAL provider of education and certificates for IT Assurance, Security, Risk &
Compliance
Set it and Forget it Security
Is DEAD
YOUR Time is NOW
Concepts of Security are Changing
The only thing you should be secure about is that nothing is secure
Organized CrimeRandom
Hacktivists Employees
Greatest Risk to Business?
• Employees, Contractors, Vendors & Partners
• Inside vs. Outside• Don’t stop protecting outside…..
Here lies another big Co.
Didn’t care about security and always said
“NO”.
While fighting off buying more
A/V…
Employees and Vendors stole its
Money!
(C)2012 The Lorenzi Group - All Rights Reserved
(C)2012 The Lorenzi Group - All Rights Reserved
(C)2012 The Lorenzi Group - All Rights Reserved
(C)2012 The Lorenzi Group - All Rights Reserved
Are DEAD
R.I.P.
(C)2012 The Lorenzi Group - All Rights Reserved
(C)2012 The Lorenzi Group - All Rights Reserved
COULD be
NEXT…..
The Future of Data is…..
Disperse Accessibility
NOTE: This is NOT the “cloud”, mobile devices, or partner networks….
(C)2012 The Lorenzi Group - All Rights Reserved
(C)2012 The Lorenzi Group - All Rights Reserved
Mark Pincus
ISACA – The Maine EventDigital Forensics: Yesterday, Today, & the Next Frontier
The Lorenzi Group
Digital Forensics & eDiscovery
• 2 Step Process– Capturing and preserving everything– Preparing the “Useful” information
SMILE!
Digital Forensics Using a 35mm Camera
Create a Forensic Image (Preserve Data) Take a Picture
Restore the Forensic Image Develop the Film
Analyze the Information Choose the Pictures you want
Report (and Testify) as necessary Build a Scrapbook
Digital Forensics
E-Z eDiscovery
1. Convert paper to electronic images2. Combine images with Digital Forensics
results3. Filter out Unnecessary Info 4. Review Results5. Submit
Litigation Hold
Legal Notice
Starts the moment litigation becomes reasonably possible
Requires parties to preserve all potential evidence
Failure to abide could bring sanctions, fines, dismissal of case, & criminal charges
SPOLIATION
• The alteration and/or destruction of data
• Examples:– Resending an email– Opening a Word document– Deleting a picture– Turning on a computer
(C)2012 The Lorenzi Group - All Rights Reserved
In the Beginning…….
• Digital Forensics was about DATA
• Mainly, RECOVERING data
Limited UseLimited Exposure
Limited Risk
(C)2012 The Lorenzi Group - All Rights Reserved
4 Step Process
PreserveRestoreAnalyze
Testimony
NOTE: This IS all or NOTHING.
(C)2012 The Lorenzi Group - All Rights Reserved
Today it’s……..
• eDiscovery is about CYA
• Mainly, making sure only SOME documents go
Expanded UseExponential Exposure
Exponential Risk
(C)2012 The Lorenzi Group - All Rights Reserved
eDiscovery Steps
InputReview
CullReview
ApproveDeliver
(C)2012 The Lorenzi Group - All Rights Reserved
The Future…..
• Data Security is about protecting data FIRST
• Digital Forensics is critical• eDiscovery is limited (b/c you KNOW)
Unlimited Use (Work/Life is gone)Limited Exposure
Limited Risk
(C)2012 The Lorenzi Group - All Rights Reserved
Security Analytics
The analysis of device and user generated data to understand patterns, usage, and anomalies.
Provides hard and soft results on:Security
ComplianceProductivity
User/Device Monitoring• Improves Data Security Exponentially
– Mistakes– Desperate– Criminal
• Makes Compliance Easier• Can provide Productivity metrics
– Termination Justification– Training Needs– Resource Allocation– Cost Saving Opportunities
Examples:Lockheed, Fidelity, USPS, Kaiser Permanente (many others)
FCPA & UKBA2010
Your BEST Friend Your CLIENTS WORST Nightmare
The tentacles of Govt regulation are spreading
Are YOUR clients ready?Are YOU ready?
Stored Communications Act
Who Owns the DATA?
Accessing personal emails and texts – Illegal
Unless…Company owns the device (looking locally)
Company pays for device service
BYOD?
BYOD
• Stored Communications Act
• Employee Owned/Company Paid
• Company Owned
ADA
EU says web surfing is an addiction
What does the US say?
REALLY????
(C)2012 The Lorenzi Group - All Rights Reserved
If the data is protected FIRST…
eDiscovery is EASYDigital Forensics (your analysis) is INSTANT
The money shifts from THERE to HEREData, Clients, & Organizations are PROTECTED
NEED to promote the value of Compliance Audits
(C)2012 The Lorenzi Group - All Rights Reserved
OUR Future?
HERE
Tech
Speaker
Legal
Logic
Stats
Project Manager
Psych
Writer
Final ThoughtsSocial Media is good for business
Acceptable Use Policies are required
BYOD isn’t necessary
Ongoing Training & Reminders are critical
The future of Digital Forensics is protecting is before it’s lost!
Who will ensure data is protected? YOU
(C)2012 The Lorenzi Group - All Rights Reserved
Robert FitzgeraldThe Lorenzi Group
866-632-9880 x123 www.thelorenzigroup.com