Organisations and individuals currently have little idea how to collect and preserve evidence from computers and the Internet. As a result criminal prosecutions become difficult, businesses fail to get redress in the civil courts or are unable to make proper insurance claims, and business value is lost.
That’s the message of Digital Evidence, Digital Investigation and E-Disclosure: A Guide to Forensic Readiness for Organisations, Security Advisors and Lawyers (PDF file) to be launched by the Information Assurance Advisory Council on Wednesday 21 March 2012…“The need for digital evidence is not confined to obvious cybercrime events such as hacking, fraud and denial of service attacks, “ says report author Professor Peter Sommer, “it’s also required when transactions are disputed, in employee disputes, and almost all forms of non-cyber crime, including murder, forgery, industrial espionage and terrorism. With the vast proliferation of computer ownership and usage plus the growth of low-cost always-on broadband connectivity, all organisations require a Forensic Readiness Program. Businesses don’t realise that when they enter litigation they are compelled to assist the other side via E-Disclosure. Too many are unprepared for this eventuality”
Sommer, who has appeared as an expert witness in many high profile cases involving computer and Internet evidence, says: “Most businesses and individuals don’t need to have on their staff a Digital Sherlock Holmes but they should have plans to identify and preserve important digital evidence from email, web transactions, PCs, tablets and smartphones – and have a broad understanding of some of the associated legal problems such as admissibility and privacy. Often what is technically easy may be illegal or inadmissible. It is very odd that organisations have in place contingency plans for low likelihood/high impact events like fire and terrorism but nothing for common-place high frequency events like disputed transactions and suspicious employee behaviour.”
The first third of the Guide gives general management advice; the remainder provides details of procedures, techniques, applicable law and sources of further information.
IAAC are making the publication free to download in view of its general importance and the lack of any other comparable advice. This is the third, considerably updated and expanded, edition of a publication now widely used in universities and in training schemes, which first appeared in 2005.
Download site: http://www.iaac.org.uk/_media/DigitalInvestigations2012.pdf
About Peter Sommer
Peter Sommer taught and researched information system security at the LSE for 17 years, ending up as a Visiting Professor. He is now a Visiting Reader at the Open University where he is consultant for its computer forensics and investigations course. He read law at Oxford and has had earlier careers as a book and electronic publisher and as a risk analyst for major corporates and insurers. In the mid 1980s he was the pseudonymous author of The Hacker’s Handbook and his co-written OECD study Reducing Systemic Cyber Security Risk attracted wide praise for its sober analysis n 2011. He appears frequently on TV and radio as an authority on cyber war, digital crime and cyber security. His main income comes from acting as an expert witness. More details: www.psommer.com
About IAAC
The Information Assurance Advisory Council is a unique partnership that brings together corporate leaders, public policy makers, law enforcement and the research community to address the challenges of managing risks to information. Our mission is to advance Information Assurance and Cyber Security to ensure that the UK’s Information Society has a robust, resilient and secure foundation. We are engaged in the development of policy recommendations to government and corporate leaders at the highest levels. Our recommendations are influential because IAAC’s Sponsors and Members comprise leading commercial end-users, government policy makers and distinguished academics. www.iaac.org.uk.
Contact Details
Peter Sommer peter@pmsommer.com
Information Assurance Advisory Council