Education Across the Nation
1 / 21

Education Across the Nation - PowerPoint PPT Presentation

  • Updated On :

Education Across the Nation 1 st Quarter 2005. Business Computing Forensics. Jo Stewart-Rattray. Education Across the Nation. The EdXN seminar series provides topical issues quarterly, in free to Member Forums. This presentation will be available on the ACS website

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Education Across the Nation' - Olivia

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Slide1 l.jpg

Education Across the Nation

1st Quarter 2005

Business Computing Forensics

Jo Stewart-Rattray

Education across the nation l.jpg
Education Across the Nation

  • The EdXN seminar series provides topical issues quarterly, in free to Member Forums.

  • This presentation will be available on the ACS website

  • Members earn Practising Computer Professional (PCP) points for attending EdxN.

Defining computer forensics l.jpg
Defining Computer Forensics

  • Forensic means to use in court.

  • Computer forensics is the collection, preservation, analysis and in some cases, the court presentation of computer-related evidence which has either been generated by a computer or has been stored on computer media.

What s it all about then l.jpg
What’s it all about then?

  • “…Computer forensics is not solely about computers. It is about the rules of evidence, legal processes, the integrity and continuity of evidence, the clear and concise reporting of factual information to a court of law, and the provision of expert information concerning the provenance of that evidence. “ Marcella & Greenfield

Why do we need forensics l.jpg
Why do we need Forensics?

  • Computer crime is escalating!

  • Australia is becoming a more litigious society

  • Employment issues

  • Contract disputes

  • Management decisions are challenged by shareholders

Computer forensics the beginning l.jpg
Computer Forensics – the Beginning

  • In 1984 in the FBI laboratory where programs were developed to assist in examining computer evidence.

  • Soon after the FBI established the Computer Analysis Response Team (CART)

  • By 1995 48% of US Government law enforcement agencies had computer forensics labs

Some other startling stats l.jpg
Some other Startling Stats

  • Companies will generate 17.5 trillion electronic documents this year

  • The worldwide internet population is 349 million

  • 12 Gb of printed text would create a stack of paper 24 stories high!

The dimension of the problem l.jpg
The Dimension of the Problem

  • 85% of respondents to Computer Security Institute Computer Crime Survey detected security breaches in the past 12 months

  • 64% of respondents reported financial losses including theft of information, financial fraud, system penetration, data or network sabotage and denial of service attacks.

What constitutes digital evidence l.jpg
What Constitutes Digital Evidence?

  • Digital evidence is any information whether subject to human intervention or not, that can be extracted from a computer.

  • Digital evidence must be in human-readable format or able to be interpreted by a person who is skilled in the area. Computer programs may be used to assist in gathering the information.

Computer assisted crimes l.jpg
Computer-assisted Crimes

Computer assisted crime includes a range of activities including:

  • Theft

  • Extortion

  • Fraud: telephone, securities, government

  • Industrial espionage

  • Intellectual property breaches

  • Unauthorised use of personal information

Workplace issues that may require forensic capability l.jpg
Workplace Issues that may require Forensic Capability

  • The spy and the typewriter ribbon

  • The old porn in the proposal trick

  • Selling company bandwidth

  • Wrongful dismissal claims

  • Defending corporate decision making processes

Handling digital evidence l.jpg
Handling Digital Evidence

  • “IT evidence is a tool to confirm or deny the reality of a given set of purported facts and under Australia’s adversarial system of law, it allows organisations to protect themselves by:

    • Taking action against those causing or facilitating damage;

    • Referring such action to the relevant authorities; or

    • Protecting themselves from litigation.”

Handling evidence images l.jpg
Handling Evidence Images

  • Investigators take an image of the information in question regardless of the kind of device that it may be stored on. Investigators rarely use the actual machine and information in order to preserve it as even logging into a system can be enough to change or destroy certain vital information such as date stamps etc.

Handling originals l.jpg
Handling Originals

  • “In exceptional circumstances, where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and implications of their actions.”

    Association of Chief Police Officers, UK

Handling evidence l.jpg
Handling Evidence

  • If evidence is not handled according to best practice guidelines it is possible for its evidentiary weight to be changed therefore making it less valuable or perhaps even unusable in a court proceeding.

Chain of custody l.jpg
Chain of Custody

  • “Organisations must be able to identify who has access to a particular electronic record at any given time from collection, to creation of an evidence image to presentation as evidence.”

    Standards Australia HB 171

In summary l.jpg
In summary…

  • The moral of this story and indeed to forensic evidence collection, analyses and presentation is ‘when in doubt, call in an expert’ in order to preserve and protect the validity of the evidence which in turn may preserve the reputation of your organisation.

Question time l.jpg
Question Time

  • Facilitated by Branch Contact

Slide19 l.jpg

  • Business Computer Forensics, as discussed in this Education Across the Nation session, is included in the ACS Certification Program.

  • To learn more call 1800 671 003 and discuss:

    • Technology Trends

    • Business, Legal and Ethical Issues

Vote of thanks l.jpg
Vote of Thanks

  • Facilitated by Branch Contact

Evaluation form now l.jpg
Evaluation Form Now

  • Please complete your evaluation forms. Your response will assist in planning future forums and tell ACS what topical issues are relevant to Members.

  • Thank you.