Sunday, November 18, 2007

Forensic Analysis of a Suspect Employee's Computer Has Proven to Be a “Quick Kill” on Many Investigations


"IT vulnerability is the corporate jugular vein."

"Many organisations are hopelessly unprepared to tackle internal IT crimes such as fraud and information theft."

"Information theft is predominantly an insider risk, with vastly more confidential information removed from the workplace by employees than by hackers."

"No hacker, virus writer or other cyber deviant have ever come close to causing the collapse of any major institution. By contrast ther disasters which befell Bairings, Daiwa, BCCI, Worldcom, Enron, Tyco, Xerox, Orange County and Allied Irish Bank were all the result of internal fraud, corruption or unsupervised speculation, committed by trusted employees."

"Profound and irreversible mistakes have been made by organisations investigating IT-based fraud because initial actions taken at the scene were fundamentally wrong and ill-advised."

"Business is increasingly litigious. Electronic disclosure, where computer evidence is routinely introduced in litigation, is gaining a foothold in many national jurisdictions."

"Forensic analysis of a suspect’s computer has proven to be a “quick kill” on many investigations."

These are all extracts from Ed Wilding’s ground-breaking book: Information Risk and Security. Ed will be conducting a 2-day IT Security and Incident Response Course, 24-25 January 2008.

The course is intended for those whose role may in some way involve the detection and investigation of internal crimes committed against or using company IT resources. No prior IT knowledge is required and the course is ideally suited to Security Managers and investigators. Contact Janet for details.