±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36568
New Yesterday: 3 Visitors: 221

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Corporate Forensics - OMG!

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2, 3, 4, 5  Next 
  

farrahyde
Member
 

Re: Corporate Forensics - OMG!

Post Posted: Mar 06, 07 00:21

Educate, consult, even give a presentation if you have to.
I'm faced with similar situation on a regular basis, and for the most part my clients show a blank expression and a big question mark when the words computer and forensics come out in the same sentence. (Maybe it's still too early for this small but growing region.) Nobody wants to admit they've been compromised. If they do admit it.. after some prodding and a absurd amount of explaining, they want it kept quiet as possible.
I suppose this is what some people would call a "tough crowd".
_________________
If you're gonna do it, do it well, or not at all. 
 
  

keydet89
Senior Member
 

Re: Corporate Forensics - OMG!

Post Posted: Mar 06, 07 01:04

> and I believe that live response COULD help alleviate some of the corporate anxiety

You're right. Many times when I've responded and the client has already "investigated" or shut the system down, I'm _then_ asked, "was any sensitive data leaving the infrastructure?" Issues like theft of intellectual capital, theft of sensitive data (requiring notification per HIPAA, FISMA, SB1386, Visa PCI, etc) are hot points for corporations.  
 
  

whitecap
Member
 

Re: Corporate Forensics - OMG!

Post Posted: Mar 06, 07 01:14

- hogfly

You know it seems like ethics is something that's always forgotten in the face of financial loss. Seeing it 4 weeks in to your post is kind of amazing.


LOL came up in my arrival interview......needless to say I soon put my interviewer right. Integrity is paramount to me, may be wrong but.... Sad  
 
  

mmurr
Newbie
 

Re: Corporate Forensics - OMG!

Post Posted: Mar 06, 07 06:32

As many folks have already stated, what whitecap is experiencing is fairly common in corporate environments...

One approach that has worked on occasion is to explain computer forensics from the perspective of risk management. Since the concept of risk management is something a fair number of CxOs (CIO/CEO/etc.) are familiar with, it might be easier for them to relate.

You mentioned resistance from IT managers / departments / etc. Think back to your law enforcement days, did you ever deal with a person who was less than forthcoming? I've dealt with corporate employees who feel that "forensics" and "investigation" groups are the equivalent of corporate law enforcement, since you only see them when something goes wrong. There are a number of things you can do to help reduce this friction. For instance, one organization I worked at had the infosec group (which also handled computer forensics) do a 15 minute presentation at every new hire orientation. Other things included recognizing system administrators who had done something good (e.g. reported an incident, been particularly helpful with an investigation, etc.) by way of a monthly lunch, the occasional "good job" in front of their group, etc. Perhaps nothing will completely eliminate this friction, but making sure you have upper management agree that this type of resistance shouldn't happen goes a long way.

I'm not sure how to handle the lack of teamwork issue, as this really is specific to the particular team. People tend to bond during high stress situations, so the next major incident may help this, but it could also cause the team to crumble. Perhaps working with your manager to try and determine how to increase the sense of "team" would be a good start.

One thing you'll likely have to work hard against are common misconceptions about the legal system. This is perhaps one of the most recurring themes I've seen across a number of corporations.  
 
  

deckard
Senior Member
 

Re: Corporate Forensics - OMG!

Post Posted: Mar 06, 07 22:48

Today I wrote a new segment of my blog about live forensics and corporate responsibility in performing them. Depending on a companies business they may have a moral and societal responsibility to perform such analysis not just even a compliance issue.

It has to be approached from a bottom line oriented solution to their problems.
_________________
Replicants are like any other machine - they're either a benefit or a hazard. If they're a benefit, it's not my problem 
 
  

keydet89
Senior Member
 

Re: Corporate Forensics - OMG!

Post Posted: Mar 07, 07 02:21

> Depending on a companies business they may have a moral and societal
> responsibility to perform such analysis not just even a compliance issue.

How do you convince these companies of this?  
 
  

deckard
Senior Member
 

Re: Corporate Forensics - OMG!

Post Posted: Mar 07, 07 06:10

simple answer is you don't .. at least not directly. Noticed I folowed it by saying it had to be a bottom line solution. You must convince them that meeting that obligation can pay off, or just convince them the solution itself will positively impact the bottom line. I have seen some CEO's that would rather see themselves as doing good than satisfying a compliance issue.
_________________
Replicants are like any other machine - they're either a benefit or a hazard. If they're a benefit, it's not my problem 
 

Page 3 of 5
Page Previous  1, 2, 3, 4, 5  Next