Join us at the virtual roundtable carried out by GLACY+ Project in cooperation with APWG.EU
We are living in an era, where the volume and sophistication of cyberattacks have increased as a result of overflowing data and increased attack...
Enterprise Forensics Platform
1 min read
Amina Zilic
:
Oct 18, 2021 8:22:25 AM
The end goal of this step is to ensure that internal training & awareness programs take place within your organization since your employees may be involved in the process of handling security incidents.
Training will also ensure that your employees are ready to take on roles related to the handling and preservation of evidence. Learn how to create proactive training sessions for your staff so that all those involved understand their role in the digital evidence process and the legal sensitivities of evidence.
According to IJDE, the following groups will require more specialized awareness training:
The investigating team
Corporate HR department
Corporate PR department (to manage any public information about the incident)
Owners of business processes or data
Line management
Corporate security
System administrators
IT management
Legal advisers
Senior Management (potentially up to board level)
If an incident occurs, a multi-disciplinary team will be gathered from the above-listed groups. Therefore, it is more than beneficial to keep employees educated and aware on incident response management and digital evidence handling.
Due to the sensitivity of the event and tasks themselves, it is good to have an incident response plan with listed tasks and responsibilities for each employee. This will require extensive support and training to understand the decision points, to make the right decisions, and to avoid tainting evidence or prejudicing a case. Role-play training is ideally suited to this scenario.
Therefore, as a wide range of employees may be a part of the incident response handling it is essential to ensure appropriate training to prepare staff for the various roles they may play before, during, and after an incident. It is also necessary to ensure that staff is competent to perform any roles related to the handling and preservation of evidence.
In the next step, we will learn more about incident response documents and reporting.
Go to the blog to learn about the previous steps to forensic readiness.
We are living in an era, where the volume and sophistication of cyberattacks have increased as a result of overflowing data and increased attack...
Binalyze enables enterprises to respond to cyber breaches in real-time which dramatically speeds up investigations and remediation; this funding will...
Binalyze, the World’s leading provider of advanced Enterprise Forensics and Incident Response solutions, today announced it has partnered with...