Access to this course is restricted to holders of an eForensics Premium or IT Pack Premium subscription.
Forensic Readiness – An Important Management Practice
The rising number of cyber security incidents affecting businesses and even nation states calls for increased and improved measures to prepare for and tackle such issues. Some incidents are legal in nature, such as litigation. Beyond having processes and procedures in place to protect against such incidents, it is imperative to be adequately prepared in the event of an incident (whether security or legal) in order to enhance proper response, investigations and compliance, and to improve on existing security.
Incident response policies are implemented to ensure proper and adequate response to any incidents that may arise in the course of business operations. They include business continuity and disaster recovery practices, how to prepare for and respond to litigation, and the like. One very helpful measure for responding adequately to any incident is forensic readiness, which helps organizations respond to incidents effectively and efficiently.
Course duration: 4 hours (4 CPE points)
Pre-recorded, Self-paced
What will you learn?
- Forensic readiness: meaning, goals, benefits, basic ingredients
- Knowledge of forensic readiness
- Forensic readiness policy
- Improved incident response capability
- Improved information systems management and security
What will you need?
A personal computing device (PC, tablet, smartphone, etc.) and Internet connectivity.
What should you know before you join?
At least a basic understanding of:
- Information systems management
- Cyber security
- Digital forensics
Note: since this class was published in 2018, some technologies have advanced and some tools have had new versions released. These materials have not been updated; however, the concepts and techniques presented remain relevant given the fundamental nature of the topics discussed.
Your instructor: Dauda Sule
Dauda Sule is a CISA with an M.Sc. in Computer Security who has written several articles in various journals and blogs, including ISACA Journal and eForensics Magazine, on cyber security related topics like digital forensics, eDiscovery and social engineering. He has also published, with IGI Global, a chapter on eDiscovery and Forensic Readiness in the Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance; a video on the chapter was also published by IGI. eForensics Magazine has a workshop, “Introduction to eDiscovery”, created by Dauda.
Course syllabus
Module 1
Introduction – this module introduces the concept of forensic readiness and the wisdom behind it.
The module provides a background of information systems management which is built upon to provide an understanding of forensic readiness and what it is about. Forensic readiness is an important aspect of information governance and management.
Covered topics:
- Information governance and management – provides background on information governance.
- What is Forensic Readiness? – provides a description of what forensic readiness means.
- When does forensic readiness become required – some scenarios where forensic readiness may be required.
- Goals – illustrates what forensic readiness is meant to achieve.
- Illustration – practical examples that help improve understanding of the topics covered in the module.
Module exercises:
- Quiz – the quizzes are in the form of multiple choice questions that help test the knowledge that has been acquired from the topics covered in the module. The pass mark is 80%.
- Module activity – this helps test skill acquired by carrying out practical activities that simulate real life experiences.
Module 2
Importance – this module highlights the importance and benefits of forensic readiness.
The module brings to light the importance of forensic readiness and the attendant benefits. How can forensic readiness help to improve business management processes in terms of information governance, reduce costs, improve security, and so on?
Covered topics:
- Evidence being readily available for any potential need for it – how forensic readiness helps ensure ESI is available in a timely manner in the event of any incident requiring evidence.
- Preventative, detective and deterrence measures – how forensic readiness provides improved security in terms of prevention, detection and deterrence.
- Cost efficiency – how costs can be minimized with forensic readiness.
- Good corporate governance and competence – how forensic readiness ensures compliance with organizational policies and regulatory requirements, and improved information management.
- Illustration – practical examples that help improve understanding of the topics covered in the module.
Module exercises:
- Quiz – the quizzes are in the form of multiple choice questions that help test the knowledge that has been acquired from the topics covered in the module. The pass mark is 80%.
- Module activity – this helps test skill acquired by carrying out practical activities that simulate real life experiences.
Module 3
Implementation Checklist – the ingredients that are required for successful forensic readiness.
The module covers processes that need to be established for an effective forensic readiness implementation. These are the things that are done to ensure that forensic readiness yields optimal results and benefits as incidents dictate.
Covered topics:
- Define scenarios where forensic readiness would be required – establish which points in the business and information systems would require regular monitoring and where incidents could have severe impact.
- Identify potential evidence sources – specifying and locating where evidence could be extracted from in the event of an incident.
- Establish digital forensics process – how evidence is to be collected and analyzed.
- Establish proper chain of custody policy – how the digital forensic process is documented.
- Establish proper monitoring – methods of effective and efficient monitoring.
- Establish incident escalation process – when would full investigations be required?
- Training and awareness – capacity development to ensure proper implementation and compliance.
- Documentation of cases – recording what was revealed and discovered as a result of investigations.
- Legal review – letting the legal department review findings of investigations to ensure appropriate action is taken in response.
- Illustration – practical examples that help improve understanding of the topics covered in the module.
Module exercises:
- Quiz – the quizzes are in the form of multiple choice questions that help test the knowledge that has been acquired from the topics covered in the module. The pass mark is 80%.
- Module activity – this helps test skill acquired by carrying out practical activities that simulate real life experiences.
Module 4
Challenges and trends – issues that pose a challenge to the implementation of forensic readiness policies and developments that may improve upon it.
The module looks at some of the challenges that could arise in, or hinder, the implementation of forensic readiness policies, which can be a drawback, and at how these challenges can be overcome. It will also look at some trends, like new technology, and how they can help improve the quality of forensic readiness strategies.
Covered topics:
- Challenges – problems that may arise in the implementation of forensic readiness and how they may be addressed.
- Trends – developments and new technology that could facilitate improved forensic readiness.
- Module summary and conclusion
Module exercises:
- Quiz – the quizzes are in the form of multiple choice questions that help test the knowledge that has been acquired from the topics covered in the module. The pass mark is 80%.
- Module activity – this helps test skill acquired by carrying out practical activities that simulate real life experiences.
Final exam:
Activity that inculcates the major points of all four modules.
Course format:
- The course is self-paced – you can visit the training whenever you want and your content will be there.
- Once you’re in, you keep access forever, even when you finish the course.
- There are no deadlines, except for the ones you set for yourself.
- We designed the course so that a diligent student will need about 4 hours of work to complete the training.
- The course contains video and text materials, accompanied by practical labs and exercises.
Contact:
If you have any questions, please contact us at [email protected].
Lorusso Forensics LLC (verified owner) –
It was a good general overview of forensic readiness, easy to follow and good customer service.