Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Legal, Regulations, Compliance and Investigations.


1 Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Legal, Regulations, Compliance and Investigations

2 Domain Objectives International Legal Issues Incident Management Forensic Investigation Compliance

3 Jurisdiction Law, economics, beliefs and politics Sovereignty of nations

4 International Cooperation Initiatives related to international cooperation in dealing with computer crime The Council of Europe (CoE) Cybercrime Convention

5 Computer Crime vs. Traditional Crime Traditional Crime Violent Property Public Order Computer Crime Real Property Virtual Property

6 Intellectual Property Protection Organizations must protect intellectual property (IP) – Theft – Loss – Corporate espionage – Improper duplication Intellectual property must have value – Organization must demonstrate actions to protect IP

7 Intellectual Property: Patent Definition Advantages

8 Intellectual Property: Trademark Purpose of a trademark Characteristics of a trademark – Word – Name – Symbol – Color – Sound – Product shape

9 Intellectual Property: Copyright Covers the expression of ideas – Writings – Recordings – Computer programs Weaker than patent protection

10 Intellectual Property: Trade Secrets Must be confidential Protection of trade secret

11 Import and Export Law Strong encryption No terrorist states

12 Liability Legal responsibility Penalties Negligence and liability

13 Negligence Acting without care Due care

14 Transborder Data Flow Political boundaries – Privacy – Investigations – Jurisdiction

15 Personally Identifiable Information (PII) Identify or locate Not anonymous Global effort

16 Privacy Laws and Regulations Rights and obligations of: – Individuals – Organizations

17 International Privacy Organization for Economic Co-operation and Development (OECD) 8 core principles

18 Privacy Law Examples Health Insurance Portability and Accountability Act (HIPAA) Personal Information Protection and Electronic Documents Act (PIPEDA) European Union Data Protection Directive

19 Employee Privacy Employee monitoring – Authorized usage policies – Internet usage – Email – Telephone Training

20 Domain Objectives International Legal Issues Incident Management Forensic Investigation Compliance

21 Incident Management Prepare, sustain, improve Protect infrastructure Prepare, detect, respond

22 Collection of Digital Evidence Volatile and fragile Short life span Collect quickly By order of volatility Document, document, document!

23 Chain of Custody for Evidence Who What When Where How

24 Investigation Process Identify suspects Identify witnesses Identify system Identify team Search warrants

25 Investigation Techniques Ownership and possession analysis Means, opportunity and motives (MOM)

26 Behavior of Computer Criminals Computer criminals have specific MOs – Hacking software / tools – Types of systems or networks attacked, etc. – Signature behaviors MO and signature behaviors Profiling

27 Interviewing vs. Interrogation General gathering Cooperation Seek truth Specific aim Hostile Dangerous

28 Evidence: Hearsay Hearsay – Second hand evidence – Normally not admissible Business records exception – Computer generated information – Process of creation description

29 Reporting and Documentation Law Court proceedings Policy Regulations

30 Communication About the Incident Public disclosure Authorized personnel only

31 Domain Objectives International Legal Issues Incident Management Forensic Investigation Compliance

32 Computer Forensics: Evidence Potential evidence Evidence and legal system

33 Computer Forensics Key components – Crime scenes – Digital evidence – Guidelines

34 Computer Forensics: Evidence Identification of evidence Collection of evidence – Use appropriate collection techniques – Reduce contamination – Protect scene – Maintain the chain of custody and authentication

35 Computer Forensics: Evidence Scientific methods for analysis – Characteristics of the evidence – Comparison of evidence Presentation of findings – Interpretation and analysis – Format appropriate for the intended audience

36 Forensic Evidence Procedure Receive media Disk write blocker Bit for bit image Cryptographic checksum Store the source drive
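
The imaging and checksum steps of the procedure above, tied to the who/what/when/where/how of the chain-of-custody slide, as an added example that is not part of the original presentation. SHA-256, the function names, the record fields and the in-memory sample "drive" are assumptions made for illustration.

```python
import hashlib
import io
from datetime import datetime, timezone

CHUNK = 1 << 20  # read 1 MiB at a time so large media never has to fit in memory

def sha256_stream(f):
    """Hash a file-like object from its current position to EOF."""
    h = hashlib.sha256()
    for block in iter(lambda: f.read(CHUNK), b""):
        h.update(block)
    return h.hexdigest()

def acquire(src, dst, who, what, where, how):
    """Copy src to dst bit for bit, hashing the source bytes as they are read,
    then re-read the image and hash it independently. Returns a custody record."""
    h, size = hashlib.sha256(), 0
    for block in iter(lambda: src.read(CHUNK), b""):
        dst.write(block)
        h.update(block)
        size += len(block)
    dst.seek(0)
    image_digest = sha256_stream(dst)
    return {
        "who": who, "what": what, "where": where, "how": how,
        "when": datetime.now(timezone.utc).isoformat(),
        "bytes": size,
        "sha256_source": h.hexdigest(),
        "sha256_image": image_digest,
        "verified": h.hexdigest() == image_digest,
    }

def verify(image, record):
    """Re-check a working copy against the digest recorded at acquisition."""
    image.seek(0)
    return sha256_stream(image) == record["sha256_image"]

def demo():
    # Constructed sample "drive": in practice src is the device opened
    # read-only behind a hardware write blocker.
    drive = io.BytesIO(bytes(range(256)) * 4096 + b"slack-space-remnant")
    image = io.BytesIO()
    rec = acquire(drive, image, "examiner-01", "ITEM-0001 (constructed)",
                  "lab bench 2", "dd-style copy via write blocker")
    tampered = bytearray(image.getvalue())
    tampered[100] ^= 0x01  # a single flipped bit in a working copy
    return rec, verify(image, rec), verify(io.BytesIO(bytes(tampered)), rec)

if __name__ == "__main__":
    print(demo())
```

Analysis is then done on a verified copy of the image, and the digest in the record lets anyone later confirm that the copy under examination still matches what was acquired.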

37 Forensic Evidence Analysis Procedure Recent activity Keyword search Slack space Documented

38 Media Analysis Recognizing operating system artifacts File system Timeline analysis Searching data

39 Software Analysis What it does What files it creates

40 Network Analysis Data on the wire Ports Traffic hiding

41 Domain Objectives International Legal Issues Incident Management Forensic Investigation Compliance

42 Knowing legislation Following legislation

43 Regulatory Environment Examples Sarbanes-Oxley (SOX) Gramm-Leach-Bliley Act (GLBA) Basel II

44 Compliance Audit Audit = a formal written examination of controls Auditor role = 3rd party evaluator Continuous auditing = automation

45 Audit Report Format Introduction – Background – Audit perspective – Scope and objectives Executive summary Internal audit opinion Detail report including auditee responses Appendix Exhibits

46 Key Performance Indicators (KPI) Illegal software Privacy Security related incidents

47 Domain Summary This domain reviewed the areas a CISSP candidate should know regarding: – International legal issues – Incident management – Forensic investigation – Compliance

