Digital Forensics The Laws and Governance Slides
Governance
Joe Abraham
IT SECURITY PROFESSIONAL
@joeabrah www.joestechinsights.com
Overview
Importance of laws and governance
Laws vs. standards vs. policies vs. best practices
Governing bodies and laws
Best practices, standards, and policies within the branches
Incident handling standards and procedures
Evidence handling standards and procedures
Everyone should know and play their part in a forensic investigation!
Law
A binding custom or practice of a community: a rule or action prescribed or formally recognized as binding or enforced by a controlling authority.
-Merriam-Webster Dictionary
Standard
Something established by authority, custom, or general consent as a model or example.
-Merriam-Webster Dictionary
Policy
A high-level overall plan embracing the general goals and acceptable procedures especially of a governmental body.
-Merriam-Webster Dictionary
Best Practice
A procedure that has been shown by research and experience to produce optimal results and that is established or proposed as a standard suitable for widespread adoption.
-Merriam-Webster Dictionary
Governing Bodies and Laws
Which laws and regulations do I need to know about?
Convention on Cybercrime
US Computer Fraud and Abuse Act
PACE Act (UK)
Computer Misuse Act
US Federal Rules of Evidence
Best Practices
Policies - Reporting
Forensic Science
Digital Forensics
Other Forensic Subdivisions
Get buy-in from legal representation, law enforcement, and management.
Incident Response
Incident Response Steps
Preparation
Identification
Containment
Eradication
Recovery
Lessons Learned
Who Is in Yours?
Maintaining integrity of evidence is key
Don’t just “pull the plug”
47%
Training employees on policies
40%
“The one who adapts his policy to the times prospers, and likewise that the one whose policy clashes with the demands of the times does not.”
Niccolo Machiavelli