'Digital evidence must be collected through standardized processes to reduce the risk of it being tampered with and to preserve its value,' said Ronald Pong, Security Manager at Nexusguard Consulting.
(PRWEB) December 24, 2013
Nexusguard was invited by the High Technology Crime Investigation Association to the 7th Annual HTCIA Asia Pacific Training Conference to hold training sessions. Attendees included law enforcement agencies, financial institution auditors, information security consultants and more. More than 30 organizations attended the event. In addition to discussing how digital forensics should comply with local regulations and international standards, Nexusguard experts also took the stage to analyse actual security breaches and explain how investigation was conducted.
“Digital forensics is based on two key principles: 1) law enforcement must adhere to local adaptations of the UNCITRAL Model Law on Electronic Commerce (MLEC); and 2) law enforcement should comply with ISO/IEC 27037:2012 guidelines,” said Ronald Pong, Security Manager at Nexusguard Consulting. “Digital evidence must be collected through standardized processes to reduce the risk of it being tampered with and to preserve its value. It is not only important that the evidence holds up in the courtroom, it must also be preserved in a way that allows all the evidence to be fully investigated under time and budget constraints,” Pong continued.
“Most organizations believe that they are adequately protected, especially when their security is vetted by internal IT teams or external consultants. The reality, however, is that today’s attacks are difficult to detect and organizations don’t find out about the attacks until afterwards--but the organizations themselves may not even know why they were attacked or how they were affected,” said Tony Miu, Researcher, Nexusguard. “This is how analysis of cyber crimes normally begin.”
Cyber crime investigators must collect data from all devices, evaluate all explicit and implicit evidence, uncover key evidence, and put all the pieces together to reconstruct the crime and determine how the victim was affected. Only then can an effective defense strategy be drawn.
The purpose of the training sessions was to enhance digital forensic prowess for law enforcement agencies in the Asia-Pacific region, who are increasingly faced with high-tech crimes. The sessions covered multiple areas, including: data collection, information gathering and evidence collection. Nexusguard security experts Mandy Tupaz, Nash Tseung and Joe Lee explained how to accurately accurately collect, define and analyse data and discover information.
In addition, Miu analyzed real-world cases to assess the limitations of different network security equipment and propose effective security solutions. He said that the essence of the training sessions was to apply digital forensic techniques to analyse logs and gradually uncover key evidence.
For more information, please visit http://www.nexusguard.com.
About Nexusguard Consulting
Nexusguard Consulting is an Asian based Information Security Specialist Company, delivering services that secure critical data, protect identities and help customers demonstrate ongoing compliance. Nexusguard Consulting is 100 percent product and vendor neutral. Our Team expertise ranging from 15 years experience with a deep industry intelligence to offer individual pragmatic solutions to our customer to align information security risk to organizational risk.
Our Services included:
· Information Security Assessment Services
· Regulatory and Compliance Consulting Services
· Computer Forensics Litigation Support Services
· The Payment Card Industry Data Security Standard Audits
Nexusguard Consulting is a sister company of Nexusguard Limited a separate in legal entity who focused on an Industry-leading Internet Security Service Providers providing DDOS Mitigation Services. Head Quarter in Hong Kong with several branches across Asia Pacific.
For more information, please visit http://www.nexusguard.com/security_consulting_services.htm.
Benjamin Yip - Marketing Manager
Ivy Wu - Marketing & PR Executive