Security Basics mailing list archives
RE: Spam: RE: Forensic/Cyber Crime Investigator
From: "dave kleiman" <dave () davekleiman com>
Date: Wed, 8 Feb 2006 23:00:50 -0500
Craig, First let me say I do not know AU law, I do however have a grasp on US law. Are employee misconduct, internal theft of trade secrets, a DoS attack on a business, or virus a purposely released on an important business day to disrupt business INCIDENTS? (just to name a few) Do we respond to them? Is that not incident response? When we look into these, are we not conducting an investigation? (In many states it is required that you must be a licensed investigator to do so) If we do not do so in a forensically sound manner, and we have to pursue the matter; will we be able to? I believe you are contradicting yourself unknowingly. You said "Most cases and disputes are settled outside of court and do not involve the legal jurisdictional control". But, I do not think you realize how accomplish staying out of court, we do this by presenting the evidence in such a way that it is overwhelming, air-tight, and the other side concedes. This evidence must be gathered properly, or the other side will contest and bring it to tribunal. You said "Many organizations have a policy of not going to litigation." Do you mean they would rather not pursue the issue? If so then that is their policy so there is no need to investigate. However, if they require the incident investigated, you better have your ducks in a row. (conduct it in a forensically sound manner) I can personally tell you, I love it when a case does not make it passed the deposition stage, or even not that far, if the evidence is solid!! Remember a deposition, sworn statement, stipulation of expected testimony, and courtroom testimony are all affirmations under oath / sworn testimony. You said Investigation and Forensics are separate disciplines. Investigations are the systematic and thorough gathering, examining, and studying of factual information that results in the factual explanation of what transpired. So explain the difference to us, not just your opinion. Maybe you are trying to explain the difference between imaging a H/D and conducting an investigation?? Respectfully, ______________________________________________________ Dave Kleiman, CAS,CCE,CIFI,CISM,CISSP,ISSAP,ISSMP,MCSE http://www.southeastforensics.com/services.php --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Spam: RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 06)
- <Possible follow-ups>
- RE: Spam: RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 07)
- RE: Spam: RE: Forensic/Cyber Crime Investigator dave kleiman (Feb 08)
- RE: Spam: RE: Forensic/Cyber Crime Investigator Mark Teicher (Feb 07)
- RE: Spam: RE: Forensic/Cyber Crime Investigator Bob Radvanovsky (Feb 08)
- RE: Spam: RE: Forensic/Cyber Crime Investigator Robinson, Sonja (Feb 08)
- RE: Spam: RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 08)
- Re: Spam: RE: Forensic/Cyber Crime Investigator Jason Coombs (Feb 09)
- RE: Spam: RE: Forensic/Cyber Crime Investigator dave kleiman (Feb 09)
- RE: Spam: RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 09)
- Re: Spam: RE: Forensic/Cyber Crime Investigator Jason Coombs (Feb 10)
- RE: Spam: RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 09)
- RE: Forensic/Cyber Crime Investigator evb (Feb 10)
- Re: Spam: RE: Forensic/Cyber Crime Investigator Bob Radvanovsky (Feb 09)
- Re: Spam: RE: Forensic/Cyber Crime Investigator Jason Coombs (Feb 09)
- RE: Spam: RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 10)
- Re: Spam: RE: Forensic/Cyber Crime Investigator Craig, Tobin (OIG) (Feb 13)