Effects on reputation need to be considered the


documentation, with the goal of continual improvement. Instituting a formal process for the briefing will provide the team with the ability to start collecting data that can be used to track its performance metrics.

ch10.indd 886 12/4/2009 11:39:11 AM All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8 Chapter 10: Legal, Regulations, Compliance, and Investigations 887

Cops or No Cops?

Management needs to make the decision as to whether law enforcement should be called in to handle the security breach. The following are some of the issues to understand if law enforcement is brought in:

• Company loses control over investigation once law enforcement is involved.
• Secrecy of compromise is not promised; it could become part of public record.
• Effects on reputation need to be considered (the ramifications of this information reaching customers, shareholders, and so on).
• Evidence will be collected and may not be available for a long period of time. It may take a year or so to get into court.

Other issues to think through when a company is developing incident response procedures include deciding how the incident will be explained to the press, customers, and shareholders. This could require the collaboration of the public relations department, management, human resources (if employees are involved), the IT department, and the legal department. A cybercrime may have legal ramifications that are not immediately apparent and must be handled delicately. The company should decide how it will report the matter to outsiders, to ensure that the situation is not perceived in a totally different light.

Computer Forensics and Proper Collection of Evidence

I just spilled coffee on our only evidence.
Response: Case closed. Let’s all go home.

Forensics is a science and an art that requires specialized techniques for the recovery, authentication, and analysis of electronic data for the purposes of a criminal act. It is the coming together of computer science, information te...

This note was uploaded on 06/01/2013 for the course NET 125 taught by Professor Hurst during the Fall '12 term at Wake Tech.
