Security Basics mailing list archives
RE: Forensic/Cyber Crime Investigator
From: "Craig Wright" <cwright () bdosyd com au>
Date: Thu, 9 Feb 2006 22:02:49 +1100
Hi Dave, To further add weight to the argument and as you seem to think I base comments on opinion, please read the following as an introduction. I can keep going if you wish? Please look at Bayne (2003) (p293) s8.470 as a particular reference. [see also Idoport Pty Ltd v National Australia Bank Ltd [2001] NSWSC 995 [181], [182] and [188]ff] [see also Ocean Marine Mutual Insurance Assoc. (Europe) OV v Jetopay Pty Ltd [2000] FCA 1463 at [21]-[23] (in Makita at 744 [86]] [ See also Makita (Australia) Pty Ltd v Sprowles (2001) 52 NSWLR 705 at 744 [85]] The following academic texts are helpful. The references are not extensive. Reed, Chris. (2004), "Internet Law, Text and Materials", 2nd Ed. University College London, Cambridge University Press. UK p263, s43 p111 Coderre, David G. (2004) "Fraud Detection, A revealing look at fraud, Data Analysis Techniques and Methods", Ekaros Analytical Inc, Vancouver, CA pp 51-64, pp 211-224 Turnbull, C. Stephen (2003) "Fraud Investigation using Idea" Ekaros Analytical Inc, Vancouver, CA p11, pp15-16, p 21, p 35 Allen, Mark (2002) "e-business, the law and you", Pearson Education Australia pp 95-108, p 130 Odgers, S; Peden, E; Kumar, M (2004) "Companion to Uniform Evidence Law", Thomson Lawbook Co. Part 3 - Adminssibility of Evidence, s7 (Hearsay), s 8 (Opinion), s 9 (Admissions) Part 4 - s 17, (Facilitation of Proof) Calvert M, Reid I (2002) "Technology Contracts", 2nd Ed. LexisNexis Butterworths Part II, s 7, Part IV, s 16, s17 Cairns B (2005) "Australian Civil Procedure", 6th Ed. Thomson Lawbook Co. p 567-568, p466, p 59,65,78, 79,457-466,472 Hunter, Cameron & Henning (2005) "Litigation II, Evidence and Criminal Process", 7th Ed. LexisNexis Butterworths s 20.1, s 20.4, s11.7, s 11.6 see also Coco principles (Coco v R (1994) 179 CLR 427 Hunter, Cameron & Henning (2005) "Litigation I, Civil Procedures", 7th Ed. LexisNexis Butterworths ses Evidence; Relivance Bayne, Peter (2003) "Uniform Evidence Law, Text and esential cases" The Federation Press, Au See "Presumptions of accuracy of scientific instruments" S.a "Burden of Proof" The College of Law (2005) "Practice Papers, Select Papers", Volume 1 s A8 p179- Would you like more cases? I am happy to supply case law to support my argument as well? Craig -----Original Message----- From: Craig Wright Sent: Thu 9/02/2006 5:02 PM To: 'dave kleiman'; security-basics () securityfocus com Cc: Subject: RE: Forensic/Cyber Crime Investigator Original Message----- From: dave kleiman [mailto:dave () davekleiman com] Sent: 9 February 2006 3:01 To: security-basics () securityfocus com Subject: RE: Spam: RE: Forensic/Cyber Crime Investigator Craig, First let me say I do not know AU law, I do however have a grasp on US law. Are employee misconduct, internal theft of trade secrets, a DoS attack on a business, or virus a purposely released on an important business day to disrupt business INCIDENTS? (just to name a few) Do we respond to them? Is that not incident response? When we look into these, are we not conducting an investigation? (In many states it is required that you must be a licensed investigator to do so) If we do not do so in a forensically sound manner, and we have to pursue the matter; will we be able to? I believe you are contradicting yourself unknowingly. You said "Most cases and disputes are settled outside of court and do not involve the legal jurisdictional control". But, I do not think you realize how accomplish staying out of court, we do this by presenting the evidence in such a way that it is overwhelming, air-tight, and the other side concedes. This evidence must be gathered properly, or the other side will contest and bring it to tribunal. You said "Many organizations have a policy of not going to litigation." Do you mean they would rather not pursue the issue? If so then that is their policy so there is no need to investigate. However, if they require the incident investigated, you better have your ducks in a row. (conduct it in a forensically sound manner) I can personally tell you, I love it when a case does not make it passed the deposition stage, or even not that far, if the evidence is solid!! Remember a deposition, sworn statement, stipulation of expected testimony, and courtroom testimony are all affirmations under oath / sworn testimony. You said “Investigation and Forensics are separate disciplines.” Investigations are the systematic and thorough gathering, examining, and studying of factual information that results in the factual explanation of what transpired. So explain the difference to us, not just your opinion. Maybe you are trying to explain the difference between imaging a H/D and conducting an investigation?? Respectfully, ______________________________________________________ Dave Kleiman, CAS,CCE,CIFI,CISM,CISSP,ISSAP,ISSMP,MCSE http://www.southeastforensics.com/services.php Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists. DISCLAIMER The information contained in this email and any attachments is confidential. If you are not the intended recipient, you must not use or disclose the information. If you have received this email in error, please inform us promptly by reply email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. Any views expressed in this message are those of the individual sender. You may not rely on this message as advice unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by a Partner of BDO. BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, interception, corruption or unauthorised access.
Current thread:
- Re: Forensic/Cyber Crime Investigator, (continued)
- Re: Forensic/Cyber Crime Investigator Brandon Steili (Feb 04)
- Re: Forensic/Cyber Crime Investigator Mark Teicher (Feb 05)
- Re: Forensic/Cyber Crime Investigator Dragos Ruiu (Feb 06)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 05)
- RE: Forensic/Cyber Crime Investigator Robinson, Sonja (Feb 06)
- Re: Forensic/Cyber Crime Investigator Mark Teicher (Feb 07)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 08)
- Forensic/Cyber Crime Investigator Craig Wright (Feb 09)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 09)
- RE: Forensic/Cyber Crime Investigator dave kleiman (Feb 10)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 09)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 10)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 10)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 10)
- Re: Forensic/Cyber Crime Investigator Bob Radvanovsky (Feb 10)
- Re: Forensic/Cyber Crime Investigator Bob Radvanovsky (Feb 10)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 11)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 13)
- RE: Forensic/Cyber Crime Investigator Craig Wright (Feb 17)