digital forensics: yesterday, today, and the next frontier

(C)2012 The Lorenzi Group - All Rights Reserved

95,000

ISACA160 Countries

C-Level Executives Auditors & Educators

IT Professionals & Students

Leading GLOBAL provider of education and certificates for IT Assurance, Security, Risk &

Compliance

Set it and Forget it Security

Is DEAD

YOUR Time is NOW

Concepts of Security are Changing

The only thing you should be secure about is that nothing is secure

Organized CrimeRandom

Hacktivists Employees

Greatest Risk to Business?

• Employees, Contractors, Vendors & Partners

• Inside vs. Outside• Don’t stop protecting outside…..

Here lies another big Co.

Didn’t care about security and always said

“NO”.

While fighting off buying more

A/V…

Employees and Vendors stole its

Money!

(C)2012 The Lorenzi Group - All Rights Reserved

(C)2012 The Lorenzi Group - All Rights Reserved

(C)2012 The Lorenzi Group - All Rights Reserved

(C)2012 The Lorenzi Group - All Rights Reserved

Are DEAD

R.I.P.

(C)2012 The Lorenzi Group - All Rights Reserved

(C)2012 The Lorenzi Group - All Rights Reserved

COULD be

NEXT…..

The Future of Data is…..

Disperse Accessibility

NOTE: This is NOT the “cloud”, mobile devices, or partner networks….

(C)2012 The Lorenzi Group - All Rights Reserved

(C)2012 The Lorenzi Group - All Rights Reserved

Mark Pincus

ISACA – The Maine EventDigital Forensics: Yesterday, Today, & the Next Frontier

The Lorenzi Group

Digital Forensics & eDiscovery

• 2 Step Process– Capturing and preserving everything– Preparing the “Useful” information

SMILE!

Digital Forensics Using a 35mm Camera

Create a Forensic Image (Preserve Data) Take a Picture

Restore the Forensic Image Develop the Film

Analyze the Information Choose the Pictures you want

Report (and Testify) as necessary Build a Scrapbook

Digital Forensics

E-Z eDiscovery

1. Convert paper to electronic images2. Combine images with Digital Forensics

results3. Filter out Unnecessary Info 4. Review Results5. Submit

Litigation Hold

Legal Notice

Starts the moment litigation becomes reasonably possible

Requires parties to preserve all potential evidence

Failure to abide could bring sanctions, fines, dismissal of case, & criminal charges

SPOLIATION

• The alteration and/or destruction of data

• Examples:– Resending an email– Opening a Word document– Deleting a picture– Turning on a computer

(C)2012 The Lorenzi Group - All Rights Reserved

In the Beginning…….

• Digital Forensics was about DATA

• Mainly, RECOVERING data

Limited UseLimited Exposure

Limited Risk

(C)2012 The Lorenzi Group - All Rights Reserved

4 Step Process

PreserveRestoreAnalyze

Testimony

NOTE: This IS all or NOTHING.

(C)2012 The Lorenzi Group - All Rights Reserved

Today it’s……..

• eDiscovery is about CYA

• Mainly, making sure only SOME documents go

Expanded UseExponential Exposure

Exponential Risk

(C)2012 The Lorenzi Group - All Rights Reserved

eDiscovery Steps

InputReview

CullReview

ApproveDeliver

(C)2012 The Lorenzi Group - All Rights Reserved

The Future…..

• Data Security is about protecting data FIRST

• Digital Forensics is critical• eDiscovery is limited (b/c you KNOW)

Unlimited Use (Work/Life is gone)Limited Exposure

Limited Risk

(C)2012 The Lorenzi Group - All Rights Reserved

Security Analytics

The analysis of device and user generated data to understand patterns, usage, and anomalies.

Provides hard and soft results on:Security

ComplianceProductivity

User/Device Monitoring• Improves Data Security Exponentially

– Mistakes– Desperate– Criminal

• Makes Compliance Easier• Can provide Productivity metrics

– Termination Justification– Training Needs– Resource Allocation– Cost Saving Opportunities

Examples:Lockheed, Fidelity, USPS, Kaiser Permanente (many others)

FCPA & UKBA2010

Your BEST Friend Your CLIENTS WORST Nightmare

The tentacles of Govt regulation are spreading

Are YOUR clients ready?Are YOU ready?

Stored Communications Act

Who Owns the DATA?

Accessing personal emails and texts – Illegal

Unless…Company owns the device (looking locally)

Company pays for device service

BYOD?

BYOD

• Stored Communications Act

• Employee Owned/Company Paid

• Company Owned

ADA

EU says web surfing is an addiction

What does the US say?

REALLY????

(C)2012 The Lorenzi Group - All Rights Reserved

If the data is protected FIRST…

eDiscovery is EASYDigital Forensics (your analysis) is INSTANT

The money shifts from THERE to HEREData, Clients, & Organizations are PROTECTED

NEED to promote the value of Compliance Audits

(C)2012 The Lorenzi Group - All Rights Reserved

OUR Future?

HERE

Tech

Speaker

Legal

Logic

Stats

Project Manager

Psych

Writer

Final ThoughtsSocial Media is good for business

Acceptable Use Policies are required

BYOD isn’t necessary

Ongoing Training & Reminders are critical

The future of Digital Forensics is protecting is before it’s lost!

Who will ensure data is protected? YOU

(C)2012 The Lorenzi Group - All Rights Reserved

Robert FitzgeraldThe Lorenzi Group

866-632-9880 x123 www.thelorenzigroup.com