Forensics , Security Operations , Video

Hidden Dangers of Evidence Contamination Post-Cyberattack

CIOs and CISOs Must Integrate Digital Forensics With Incident Response Strategy
Gaurav Gupta, Scientist 'E' at the cyber law group of the Ministry of Electronics and Information Technology

In both cyberattack defense and post-attack investigation, humans are often considered the weakest link. Mishandling the scene of a digital crime by workers after detection is a leading cause of evidence contamination or invalidation in court. Mistakes can impede efforts to trace the cause and origins of the attack - key intelligence for determining an action plan, minimizing damage and strengthening future cyber defense.

See Also: Live Webinar | A Practical Approach to Threat Detection, Investigation, and Response

Gaurav Gupta, Scientist "E" at the cyber law group of the Ministry of Electronics and Information Technology for the government of India, asserted that CIOs and CISOs should make their organizations digital forensics-ready.

"Digital data is fragile, mutable and easily replicable," Gupta said. "Enterprises must have logging and data recovery tools in place to aid investigations and train their first responder employees on SOPs to avoid evidence contamination."

In this video interview with Information Security Media Group at ISMG's Dynamic CISO Excellence Awards and Conference, Gupta discusses:

  • Integrating digital forensics with the overall cyber incident response strategy;
  • Guidelines to avoid contamination of the digital crime scene;
  • Do's and don'ts for organizations to be digital forensics-ready.

With more than 20 years of experience, Gupta holds the distinction of being the first Indian to earn a doctorate in digital forensics. His research is focused on digital forensics to detect computer fraud and cybercrimes. He is also keen on developing scalable, efficient, portable and low-cost digital forensic solutions.


About the Author

Shipra Malhotra

Shipra Malhotra

Managing Editor, ISMG

Malhotra has more than two decades of experience in technology journalism and public relations. She writes about enterprise technology and security-related issues and has worked at Biztech2.com, Dataquest and The Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.