You’ve certainly heard the term ‘cybersecurity’ plenty in the last year. Between the high profile cyber attacks on big box retailers to the newsworthy ransomware attacks on hospitals, if you haven’t heard it, you must be intentionally living off the grid, and we don’t blame you. Getting in front of cybersecurity issues is front of mind as we enter the new year. But, breaches can occur an average of 140 days before being detected. That’s a long time for someone to have access to your data without your knowledge! Once the breach has occurred, how do you determine its source and scope? Digital forensics.
According to Techopedia, “Digital forensics is the process of uncovering and interpreting electronic data. The goal of the process is to preserve any evidence in its most original form while performing a structured investigation by collecting, identifying and validating the digital information for the purpose of reconstructing past events. The context is most often for usage of data in a court of law, though digital forensics can be used in other instances.”
After you’ve determined a breach has occurred, the legal ramifications must be considered. “Breaches often involve complying with multiple state data breach notification laws because of affected individuals residing in different states. Lawyers must know the facts to provide appropriate legal advice. Information security professionals that can analyze how a breach occurred and what information was impacted can thus be invaluable for a breach response. An information security professional can provide a clearer picture of the scope and impact of a security incident. Ultimately, that information is what drives the response and is the foundation for a lawyer to provide legal counseling about whether a breach has occurred under any applicable law and, if so, how to respond.” (Read our full whitepaper, Crossing the Breach, below)
What does a digital forensic specialist do?
- Identifies the cause and assesses the scope of an incident
- Preserves the evidence to support any notification duties and potential litigation
- Understands the totality of the situation to ensure remediation is complete
- Recommends an appropriate course of action to prevent/follow-on or mitigate future attacks
There’s a war between hackers and IT security professionals, and the battle field and weapons are evolving every day. How can we possibly win the battle? Proactive and vigilant cybersecurity procedures are critical. If we can stop them from getting in to our networks, we can protect our data. If they manage to get by our defenses, we need to know how and to what end in order to prevent the same thing from happening in the future.
If you are ready to take your cybersecurity seriously, contact the experts at Great Lakes Computer. We have an extensive offering of antivirus, antimalware, data backup, and monitoring services to help keep your data secure. If you suspect you’ve been a victim of a breach, we have computer forensic investigators to help you determine the source and scope of the breach.