National Webcast Initiative
~ Digital Forensics for Organizations ~
February 15, 2007
The National Webcast Initiative series was held on February 15th with a featured presentation on Digital Forensics for Organizations. Over 800 individuals representing 5 countries registered for this spectacular event. Opening remarks were provided by Mr. William Pelgrin, Chair of the MS-ISAC, followed by the webcast presenters, Mr. Salvatore Paladino , CISSP, Electronic Crime Specialist from Dolphin Technology, Inc. and Ms. Deborah Snyder , CISSP, GSLC, PMP
Information Security Officer New York State Office of Temporary and Disability Assistance.
This webcast presentation provided a broad look at some of the major issues and challenges we face in relation to cyber security incidents and how to handle and preserve the evidence on your computers or network. This webcast focused on the non-law enforcement aspects of digital forensics, and included information on the following:
- Recognizing methods of attack
- Understanding how vulnerabilities are exploited; covert channels
- How can one recognize if a cyber security incident has taken place?
- Implementing sound procedures for incident response
- In the event of a suspected cyber security incident, how best can the “evidence" be preserved?
- What information must be gathered - how to conduct an event reconstruction to determine what happened during the cyber security incident?
- What other steps must be taken to properly address the situation?
Webcast Related Material
[These resources are provided because they have information that may be useful and are provided as a general reference only. We do not warrant the accuracy of any information contained in the resources and neither endorse nor promote the advertising of any resources. The information provided is by no means an exhaustive list, however, it can be utilized as a foundation from which you can build your knowledge and further pursue these topics on your own.]
Webcast Presentation
- 2/15/07 - National Webcast Initiative PowerPoint Presentation - View
- Archived Recording
Publications & Initiatives
National Institute of Standards & Technology (NIST)
- NIST SP 800-86 - Guide to Integrating Forensics Techniques into Incident Respons http://csrc.ncsl.nist.gov/publications/nistpubs/
- NIST SP-800-61 - Computer Security Incident Handling Guide
http://csrc.ncsl.nist.gov/publications/nistpubs/ - NIST Computer Forensics Tool Testing (CFTT) - http://www.cftt.nist.gov
Practitioner / Research Journals
- Elsevier’s Digital Investigation Journal, The International Journal of Digital Forensics & Incident Response
- International Journal of Digital Evidence (IJDE)
- Advances in Digital Forensics
ISBN: 0-387-30012-0 - Information Hiding 2005
ISBN: 3-540-29039-7 - Hiding in Plain Sight
ISBN: 0-471-44449-9
CSI/FBI Computer Crime and Security Survey – hyperlink to: http://www.gocsi.com/forms/fbi/csi_fbi_survey.jhtml;jsessionid=51J4B3PE3R1RKQSNDLOSKH0CJUNN2JVN
CyberScience Laboratory Website – hyperlink to http://www.cybersciencelab.com
NIJ: Forensic Examination - http://www.ncjrs.gov/pdffiles1/nij/199408.pdf
Covert Channels Report - http://staff.science.uva.nl/~delaat/snb-2005-2006/p27/report.pdf
The Department of Homeland Security’s National Cyber Security Division and the Multi-State Information Sharing and Analysis Center have partnered to establish the National Webcast Initiative to develop a series of national webcasts which will examine critical and timely cyber security issues. Embracing the concept that security is everyone’s responsibility, these webcasts will be available to a broad audience to help raise awareness and knowledge levels. A number of vendors have offered their services at no cost to government, to help develop and deliver the webcasts.
The National Webcast Initiative is also coordinated by the New York State Office of Cyber Security and Critical Infrastructure Coordination and the New York State Forum .
If you have any questions, please contact 518/473-2227 or email to isac@cscic.state.ny.us .