Join Us!

Applying the Law (U...
 
Notifications
Clear all

Applying the Law (UK) to an Incident Response Plan  

  RSS
cmann
(@cmann)
New Member

I am currently planning ahead for my dissertation that starts in September, I am writing an IRP for an intrusion on a Linux machineā€¦
I want to introduce law (UK statutes) to my IRP as well as ACPO guidelines and ISO standards..

To introduce Computer Misuse Act 1990, is providing an Authorisation of Access form to the owner of the hacked machine enough to demonstrate this statute? If, not is there anything else I could demonstrate / look into???

Thanks

FYI I've already planned ahead for Data Protection Act with non-disclosure agreements etc..

Quote
Posted : 29/03/2020 2:54 pm
trewmte
(@trewmte)
Community Legend

I am currently planning ahead for my dissertation that starts in September, I am writing an IRP for an intrusion on a Linux machineā€¦
I want to introduce law (UK statutes) to my IRP as well as ACPO guidelines and ISO standards..

To introduce Computer Misuse Act 1990, is providing an Authorisation of Access form to the owner of the hacked machine enough to demonstrate this statute? If, not is there anything else I could demonstrate / look into???

Thanks

FYI I've already planned ahead for Data Protection Act with non-disclosure agreements etc..

What is the intended purpose of referencing the law?

Is this for Criminal Investigations/Cases or Civil Investigations/Cases?

https://www.cps.gov.uk/legal-guidance/computer-misuse-act
http//www.computerevidence.co.uk/Cases/CMA.htm
https://www.north-wales.police.uk/media/654115/2018-209-computer-misuse-act.pdf
https://www.ncsc.gov.uk/collection/incident-management/cyber-incident-response-processes

Civil Procedure Rules (CPR)?

When you state Authorisation of Access is that to avoid "intrusive surveillance" for criminal investigations, in which case you may wish to consider Regulation of Investigatory Powers Act 2000 http//www.legislation.gov.uk/ukpga/2000/23/data.pdf

ReplyQuote
Posted : 29/03/2020 6:11 pm
Share: