Post on 24-Mar-2020
Cybercrime Investigation
Body of Knowledge
Shane D. Shook, PhD
What is CIBOK?
1st Edition of Body Of Knowledge to help Law Enforcement, Judiciary, and Corporate cyber
security practitioners and investigators understand:
What is Cybercrime?
Who performs Cybercrime - and how?
Why does Cybercrime happen - and to whom?
How should public and private organizations investigate?
How should public and private organizations staff and train?
Challenges addressed
Challenges for Investigators
Limited resources
Many responsibilities
Different stakeholders
Conflicting objectives
Lack of coherency
Challenges for Judiciary
Incomplete context
Focus on attribution
Imperfect evidence
Challenges for Corporate
Competing guidance
Risk management
Requirements taxonomy
CIBOK provides execution and management frameworks based upon a taxonomy of defined
requirements to address cybercrime investigation and cybersecurity improvements
By subscribing to a common taxonomy, law enforcement / judiciary / corporate investigators
and management can communicate more efficiently, and address cybercrimes productively
Approach for investigations
Cybercrime investigations involve a combination of procedural and technical requirements
Successful Cybercrime investigations (and organizations) will involve experienced staff and
appropriate tools, and knowledgeable management with supporting policies
The focus of a Cybercrime investigation should be on the crime, not only the medium
CIBOK
Editorial Committee
Contact us: secretariat@cibok.org