slide1 l.
Skip this Video
Loading SlideShow in 5 Seconds..
Education Across the Nation 1 st Quarter 2005 PowerPoint Presentation
Download Presentation
Education Across the Nation 1 st Quarter 2005

Loading in 2 Seconds...

play fullscreen
1 / 21

Education Across the Nation 1 st Quarter 2005 - PowerPoint PPT Presentation

  • Uploaded on

Education Across the Nation 1 st Quarter 2005. Business Computing Forensics. Jo Stewart-Rattray. Education Across the Nation. The EdXN seminar series provides topical issues quarterly, in free to Member Forums. This presentation will be available on the ACS website

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Education Across the Nation 1 st Quarter 2005' - Olivia

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Education Across the Nation

1st Quarter 2005

Business Computing Forensics

Jo Stewart-Rattray

education across the nation
Education Across the Nation
  • The EdXN seminar series provides topical issues quarterly, in free to Member Forums.
  • This presentation will be available on the ACS website
  • Members earn Practising Computer Professional (PCP) points for attending EdxN.
defining computer forensics
Defining Computer Forensics
  • Forensic means to use in court.
  • Computer forensics is the collection, preservation, analysis and in some cases, the court presentation of computer-related evidence which has either been generated by a computer or has been stored on computer media.
what s it all about then
What’s it all about then?
  • “…Computer forensics is not solely about computers. It is about the rules of evidence, legal processes, the integrity and continuity of evidence, the clear and concise reporting of factual information to a court of law, and the provision of expert information concerning the provenance of that evidence. “ Marcella & Greenfield
why do we need forensics
Why do we need Forensics?
  • Computer crime is escalating!
  • Australia is becoming a more litigious society
  • Employment issues
  • Contract disputes
  • Management decisions are challenged by shareholders
computer forensics the beginning
Computer Forensics – the Beginning
  • In 1984 in the FBI laboratory where programs were developed to assist in examining computer evidence.
  • Soon after the FBI established the Computer Analysis Response Team (CART)
  • By 1995 48% of US Government law enforcement agencies had computer forensics labs
some other startling stats
Some other Startling Stats
  • Companies will generate 17.5 trillion electronic documents this year
  • The worldwide internet population is 349 million
  • 12 Gb of printed text would create a stack of paper 24 stories high!
the dimension of the problem
The Dimension of the Problem
  • 85% of respondents to Computer Security Institute Computer Crime Survey detected security breaches in the past 12 months
  • 64% of respondents reported financial losses including theft of information, financial fraud, system penetration, data or network sabotage and denial of service attacks.
what constitutes digital evidence
What Constitutes Digital Evidence?
  • Digital evidence is any information whether subject to human intervention or not, that can be extracted from a computer.
  • Digital evidence must be in human-readable format or able to be interpreted by a person who is skilled in the area. Computer programs may be used to assist in gathering the information.
computer assisted crimes
Computer-assisted Crimes

Computer assisted crime includes a range of activities including:

  • Theft
  • Extortion
  • Fraud: telephone, securities, government
  • Industrial espionage
  • Intellectual property breaches
  • Unauthorised use of personal information
workplace issues that may require forensic capability
Workplace Issues that may require Forensic Capability
  • The spy and the typewriter ribbon
  • The old porn in the proposal trick
  • Selling company bandwidth
  • Wrongful dismissal claims
  • Defending corporate decision making processes
handling digital evidence
Handling Digital Evidence
  • “IT evidence is a tool to confirm or deny the reality of a given set of purported facts and under Australia’s adversarial system of law, it allows organisations to protect themselves by:
    • Taking action against those causing or facilitating damage;
    • Referring such action to the relevant authorities; or
    • Protecting themselves from litigation.”
handling evidence images
Handling Evidence Images
  • Investigators take an image of the information in question regardless of the kind of device that it may be stored on. Investigators rarely use the actual machine and information in order to preserve it as even logging into a system can be enough to change or destroy certain vital information such as date stamps etc.
handling originals
Handling Originals
  • “In exceptional circumstances, where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and implications of their actions.”

Association of Chief Police Officers, UK

handling evidence
Handling Evidence
  • If evidence is not handled according to best practice guidelines it is possible for its evidentiary weight to be changed therefore making it less valuable or perhaps even unusable in a court proceeding.
chain of custody
Chain of Custody
  • “Organisations must be able to identify who has access to a particular electronic record at any given time from collection, to creation of an evidence image to presentation as evidence.”

Standards Australia HB 171

in summary
In summary…
  • The moral of this story and indeed to forensic evidence collection, analyses and presentation is ‘when in doubt, call in an expert’ in order to preserve and protect the validity of the evidence which in turn may preserve the reputation of your organisation.
question time
Question Time
  • Facilitated by Branch Contact
  • Business Computer Forensics, as discussed in this Education Across the Nation session, is included in the ACS Certification Program.
  • To learn more call 1800 671 003 and discuss:
    • Technology Trends
    • Business, Legal and Ethical Issues
vote of thanks
Vote of Thanks
  • Facilitated by Branch Contact
evaluation form now
Evaluation Form Now
  • Please complete your evaluation forms. Your response will assist in planning future forums and tell ACS what topical issues are relevant to Members.
  • Thank you.