For organisations, wether big or small, the priority when an Information Security incident happens is to resume operations as quickly as possible and minimise disruption. What is very often overlooked is the management of digital evidence generated by an incident, whatever its nature. The sessions endeavoured to explain how to… Continue reading
The CEN-CENELEC workshop on Functional Safety & Cybersecurity last March 16 brought together industry actors and European standardization development organizations. The engagement generated was successful and will be an integral part of the future standardization roadmap for cybersecurity. I was invited to give a keynote speech on the perspective of… Continue reading
I was invited among the speakers at the 11th International Conference on System Safety and Cyber Security (SSCS) that was held in London, at Savoy Place last 12-13 October. SSCS, organised by The Institution of Engineering and Technology, is the largest conference for system safety specialists held in the UK. It was… Continue reading
Digital Forensics What is digital forensics? I’d like to report here one of the most useful definitions of digital forensics formulated. It was developed during the first Digital Forensics Research Workshop in 2001 and it is still very much relevant today: Digital Forensics is the use of scientifically derived and… Continue reading
Last October in Rome ISO/IEC SC 27 held its 45th Meeting. SC 27 is the ISO subcommittee responsible for information security standards. We saw a significant evolution in the work regarding digital evidence and digital investigation, first and foremost the formal publication of ISO/IEC 27037:2012 (identification, collection, acquisition and conservation of… Continue reading
Digital Forensics is not usually considered an important part of Information Assurance process and the management of Information Security, but it should, when we consider the big picture regarding Information Security and Cybersecurity. Nowadays all organizations, be them private corporations, public bodies, NGOs etc need to approach Information Security knowing… Continue reading
A new ISO/IEC standard (27037) is in its final development stages which will aim to supply guidelines for identification, acquisition, collection and preservation of digital evidence. It is part of the 27k series, dealing with Information technology security techniques. Its publication is expected inthe second half of 2012; it is… Continue reading
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.
