Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

IT Strike Force: Establishing a Cyber Forensic Response Strategy

Written by  ALBERT J. MARCELLA Jr., Ph.D., CISA, CISM Tuesday, 04 December 2012 23:21

“Mathias Thurman,” a real security manager whose name and employer has been disguised for obvious reasons, wrote in the May 21 edition of Computerworld [www.computerworld.com/s/article/9227254/Red_Alert_for_Child_Pornography] that an administrator, during a training session with an employee on how to manage the organization’s antivirus infrastructure while reviewing the reports of machines with infected files, spotted what appeared to be a very suspicious file with a “.mov” extension. This particular employee had an MOV file on his G drive with a name that indicated the video potentially involved child pornography. The file was found to be on a device of an employee located in Europe. Thurman posed the question whether an MOV file with a highly suggestive name is enough to kick off an investigation into what is on an employee’s PC. He went on to discuss the various legalities and issues that would surround such an investigation. This all-too-real scenario is out there, lurking, waiting