COMPUTER SECURITY AND FORENSICS

1.TAGI MARVINE

2.STACY MUKAMI

3.IVAN KIPROTICH

4.RAMSLEY KIPROTICH

QUESTION: Enumerate all professional malpractice that are common in Computer security and
forensics

Professional malpractice in computer security and forensics refers to instances where individuals or
organizations involved in these fields fail to meet the expected standards of care and professional
conduct, resulting in harm, negligence, or breaches of ethical, legal, or industry standards. Common
examples of professional malpractice in computer security and forensics include:
1. Inadequate Security Practices: Failing to implement reasonable security measures, leaving
systems vulnerable to cyberattacks and data breaches.
2. Failure to Update and Patch: Neglecting to apply security updates and patches, which can lead
to known vulnerabilities being exploited.
3. Ineffective Access Control: Poorly managing user access permissions, leading to unauthorized
individuals gaining access to sensitive information.
4. Data Breach Response Delays: Slow or inadequate response to data breaches, which can
exacerbate the impact and legal consequences.
5. Inaccurate Forensics Analysis: Providing inaccurate or incomplete digital forensics analysis,
potentially leading to false accusations or incorrect legal outcomes.
6. Chain of Custody Violations: Mishandling evidence or failing to maintain the chain of custody in
digital forensics investigations, rendering evidence inadmissible in legal proceedings.
7. Lack of Expertise: Providing services beyond one's level of expertise or certification, leading to
errors and misjudgments.
8. Conflict of Interest: Failing to disclose conflicts of interest, such as a financial stake in the
outcome of a security assessment or forensic investigation.
9. Inadequate Documentation: Not documenting security procedures, assessments, or forensics
processes properly, making it difficult to track and verify the work performed.
10. Failure to Follow Legal Protocols: Ignoring legal requirements and regulations when conducting
investigations or handling sensitive data, leading to legal consequences.
11. Violation of Privacy Rights: Collecting or handling personal data without appropriate consent or
in violation of privacy laws.
12. Inadequate Incident Response Plans: Failing to establish and follow proper incident response
plans, which can lead to uncontrolled damage during a security incident.
13. Non-Compliance with Standards: Not adhering to industry standards, regulatory compliance, or
best practices, which can result in security or legal issues.
14. Miscommunication: Failing to communicate security or forensics findings effectively to
stakeholders, which can lead to misunderstandings and errors.
15. Data Destruction Mistakes: Mishandling the disposal of digital evidence or data, potentially
compromising the integrity of evidence.
16. Neglecting Legal Boundaries: Overstepping legal boundaries in digital investigations, which can
lead to legal challenges and issues with admissibility.
17. Failure to Preserve Evidence: Not properly preserving and protecting digital evidence, making it
vulnerable to tampering or loss.
18. Overpromising and Under delivering: Making unrealistic claims about security services or
forensic capabilities, leading to disappointment and potential legal action.
19. Unlawful Hacking: Engaging in unauthorized hacking or cybercriminal activities as part of a
security assessment or forensic investigation, which is illegal and unethical.
20. Lack of Continuing Education: Failing to stay current with evolving cybersecurity and forensics
Question: What are future life commitment as a professional in cyber security now that i
know my purpose or existence

As a professional in cybersecurity, our future life commitments typically revolve around ensuring the
security and integrity of digital systems, networks, and data. Here are some common commitments and
responsibilities for professionals in the field:
1. Continuous Learning: Cybersecurity is a rapidly evolving field, and staying updated on the latest
threats, vulnerabilities, and security technologies is essential. Commit to continuous learning
through certifications, training, and staying informed about industry developments.
2. Protecting Data and Systems: Your primary commitment is to protect sensitive data and critical
systems from unauthorized access, data breaches, and cyberattacks. This includes implementing
security measures, access controls, and encryption.
3. Compliance and Legal Responsibilities: Adhere to relevant laws and regulations related to data
protection and privacy, such as GDPR, HIPAA, or industry-specific standards. Ensure that your
organization is compliant with legal requirements.
4. Ethical Conduct: Maintain high ethical standards in your work. Be committed to conducting
security assessments and investigations with integrity, honesty, and transparency.
5. Vulnerability Management: Regularly identify, assess, and remediate vulnerabilities in your
organization's systems and applications. This includes patch management and risk assessments.
6. Incident Response: Develop and maintain an effective incident response plan to mitigate and
recover from security incidents. Commit to rapid and thorough incident investigation and
reporting.
7. Security Awareness Training: Educate employees and stakeholders about security best practices
and the importance of cybersecurity. Create a culture of security awareness within your
organization.
8. Collaboration: Collaborate with other professionals, both within and outside your organization.
Share threat intelligence, best practices, and contribute to the broader cybersecurity
community.
9. Risk Management: Understand the organization's risk tolerance and work to align security
strategies with business objectives. Balance security measures with the need for business
efficiency.
10. Secure Development: Promote secure coding and development practices to prevent
vulnerabilities in software and applications from the outset.
11. Resource Allocation: Ensure that appropriate resources, including budget and personnel, are
allocated to cybersecurity efforts to meet the organization's security needs.
12. Disaster Recovery and Business Continuity: Contribute to the development of disaster recovery
and business continuity plans to minimize downtime and data loss in the event of a breach or
disaster.
13. Education and Mentorship: Share your knowledge and experience with others in the field,
mentor junior professionals, and help build the next generation of cybersecurity experts.
14. Public Awareness: Participate in or support public awareness campaigns about cybersecurity to
help individuals and businesses protect themselves online.
15. Professional Development: Focus on advancing your own professional development by
pursuing certifications, attending conferences, and networking with peers.
Our commitment as a cybersecurity professional is vital to the protection of digital assets, privacy, and
the overall security of organizations and individuals. The evolving nature of cyber threats necessitates a
lifelong commitment to learning and adapting to new challenges in the field