@ISACA Volume 19: 12 September 2012 

@ISACA Relevant, Timely News

Nominations Are Open!

Nominations for the ISACA Board of Directors for the 2013-2014 term are now open. Information about serving on the board, the attributes for office (both international president and vice president) and the nomination form itself are available on the Board Nominations page of the ISACA web site.

Members may submit nominations for themselves or for others (or both). All nominations will be acknowledged and all candidates will be required to complete a candidate profile form that serves to confirm the candidate’s willingness to serve if selected and provides the Nominating Committee information from which to evaluate the candidate. Self-nominating candidates will be asked to submit a letter of recommendation from an ISACA member, outlining how the candidate demonstrates the attributes for office. Information on candidates will be gathered in other ways as well, including review of public web sites (e.g., Google, Facebook, LinkedIn) and interviews with the candidates.

Nominations for international president close on 18 October 2012; nominations for vice president close on 7 January 2013. These are the dates by which all materials must be received at ISACA International Headquarters (i.e., completed candidate profile form and letter of recommendation, if required), so do not wait until the deadline dates to submit the nomination form. Questions may be directed to nominate@isaca.org.


Four Areas of Handling Incident Response Evidence

Attacks on information systems and networks have become more numerous, sophisticated and severe over the past few years. While preventing such attacks would be the ideal course of action for any enterprise or entity, in reality not all information systems security incidents can be prevented. When an incident takes place, incident response (IR) team members are often held accountable for how, when and where all incident evidence is collected, preserved, analyzed and evaluated. The four primary areas for the proper handling of evidence in any IR procedure are:

  1. Collection, which has to do with recognizing, collecting and documenting the items of evidence. Always ensure the collection includes all of the available data and resources, such as the whole disk drive, not just the used portions, because unallocated space and slack can still hold deleted or partially overwritten data. In addition, always document the place, time and circumstances of each data item collected for evidence, and who collected it, so that the chain of custody can be reconstructed later.
  2. Hardware evidence examination, which has to do with the origin, significance and visibility of the physical evidence; it can often reveal hidden or obscured information about the evidence and its provenance. The make, model, capacity and physical characteristics of hard drives, other devices and network components are all evidence items in their own right and should be recorded.
  3. Software and network evidence analysis, which is where the logs, records and software artifacts are actually examined for the incident, establishing the criteria for including each item and its probative value. Always conduct this analysis on working copies of the acquired data, and keep its interpretation separate from the hardware evidence examination.
  4. Evidence reporting, which must be written documentation in which the processes and procedures followed are outlined and explained in detail. Pertinent facts and the data recovered are essential in the reports. Furthermore, keep in mind that documentation and reports will always be reviewed, critiqued and perhaps cross-examined.
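The first area above, collection, is the one most easily done wrong by imaging only the allocated portion of a drive and by failing to record the circumstances of acquisition. The following Python script is an added example written for this newsletter; it is not code from the author or from ISACA. It images a constructed sample "disk" bit for bit, hashes both the source and the written image independently, and produces a chain-of-custody record with the place, time, circumstances, collector and device details the text calls for. It then images only the used portion of the same device to show that a deleted-file fragment sitting in unallocated space survives in the full image but not in the partial one. The device, collector, location and item identifier are hypothetical placeholders.

```python
"""Full-disk evidence acquisition with a chain-of-custody record.

Added example (hypothetical names and constructed sample data throughout).
"""
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

BLOCK_SIZE = 4096


def sha256_file(path, block_size=BLOCK_SIZE):
    """Hash a file block by block so large images never sit in memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(block_size), b""):
            h.update(chunk)
    return h.hexdigest()


def image_device(src_path, dst_path, length=None, block_size=BLOCK_SIZE):
    """Bit-for-bit copy of src_path to dst_path; returns (bytes_copied, sha256_of_bytes_read).

    With length=None every block is copied, including unallocated space and slack,
    which is what 'the whole disk drive, not just the used portions' means in practice.
    Passing a length copies only that prefix: the mistake the text warns against,
    kept here so the demo can show what is lost.
    """
    h = hashlib.sha256()
    copied = 0
    with open(src_path, "rb") as src, open(dst_path, "wb") as dst:
        while length is None or copied < length:
            want = block_size if length is None else min(block_size, length - copied)
            chunk = src.read(want)
            if not chunk:
                break
            h.update(chunk)
            dst.write(chunk)
            copied += len(chunk)
    return copied, h.hexdigest()


def collect_evidence(item_id, src_path, dst_path, collector, location, circumstances, device_info):
    """Acquire an image and return a chain-of-custody record for it.

    The record captures place, time, circumstances and collector, the physical
    characteristics of the device, and two independently computed hashes (source
    as read, image as re-read from disk) so a reviewer can show the copy is complete.
    """
    size, source_sha = image_device(src_path, dst_path)
    image_sha = sha256_file(dst_path)  # re-read what actually landed on disk
    return {
        "item_id": item_id,
        "collected_at_utc": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "collected_by": collector,
        "location": location,
        "circumstances": circumstances,
        "device": device_info,
        "source": src_path,
        "image": dst_path,
        "bytes_acquired": size,
        "sha256_source": source_sha,
        "sha256_image": image_sha,
        "integrity_verified": source_sha == image_sha,
    }


def contains_marker(path, marker):
    """True if the byte string marker occurs anywhere in the image at path."""
    with open(path, "rb") as f:
        return marker in f.read()


# Constructed sample "disk": a used region followed by unallocated space that still
# holds a fragment of a deleted file. Purely illustrative, not real evidence.
USED_REGION = b"BOOT" + b"live-data " * 200
DELETED_FRAGMENT = b"deleted-note.txt: draft memo, do not circulate"
UNALLOCATED_REGION = b"\x00" * 4096 + DELETED_FRAGMENT + b"\x00" * 4096


def build_sample_device(path):
    """Write the constructed disk to path; returns (used_bytes, total_bytes)."""
    with open(path, "wb") as f:
        f.write(USED_REGION + UNALLOCATED_REGION)
    return len(USED_REGION), len(USED_REGION) + len(UNALLOCATED_REGION)


def run_demo(workdir=None):
    """Image the sample device fully and partially; returns (record, full_hit, partial_hit)."""
    if workdir is None:
        with tempfile.TemporaryDirectory() as d:
            return run_demo(d)
    device = os.path.join(workdir, "sample-device.bin")
    used_len, total_len = build_sample_device(device)

    full_image = os.path.join(workdir, "item-001-full.dd")
    record = collect_evidence(
        item_id="CASE-2012-0912-001",          # hypothetical case/item identifier
        src_path=device, dst_path=full_image,
        collector="L. Analyst",                # hypothetical
        location="Server room B, rack 3",      # hypothetical
        circumstances="Host isolated from network before imaging; powered on, no user logged in",
        device_info={"type": "SATA HDD", "manufacturer": "ExampleCorp",
                     "model": "EX-500", "capacity_bytes": total_len},
    )
    partial_image = os.path.join(workdir, "item-001-used-only.dd")
    image_device(device, partial_image, length=used_len)  # the incomplete acquisition

    return (record,
            contains_marker(full_image, DELETED_FRAGMENT),
            contains_marker(partial_image, DELETED_FRAGMENT))


if __name__ == "__main__":
    rec, full_hit, partial_hit = run_demo()
    print(json.dumps(rec, indent=2))
    print("fragment in full image:", full_hit, "| in used-only image:", partial_hit)
```

Against a real device the source path would be a block device opened read-only behind a write blocker, and the record would be signed or stored separately from the image; the structure of the record and the two-sided hash check stay the same.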

Leighton R. Johnson III, CAP, CISA, CISM, CSSLP, CISSP, CRISC, CTO—ISFMT, is a senior security consultant for the Information Security & Forensics Management Team of Bath, South Carolina, USA.


Make Member Connections in the Knowledge Center

Did you know that you can connect with ISACA members in the Knowledge Center? Make the most of the networking opportunities available with your ISACA membership by connecting with other ISACA members in the Knowledge Center. As on other networking sites, anyone can connect with you: coworkers, acquaintances, even people you do not yet know. In the Knowledge Center there are two overarching commonalities, ISACA membership and an interest in the professions that ISACA serves. You can start by connecting with ISACA members you already know from conferences or chapter events. Later you can accept new acquaintances to expand your professional network. The more you participate and join topics, the more familiar you will become with others in the community. Once you are connected, you will be able to send private messages without having to share your contact information.

Connect through the Knowledge Center by viewing all topic members:

  • Click on the “Add Colleague” button.
  • Your colleague will receive an email notification to approve your connection.
  • Once a connection is approved, you will be able to send private messages to each other by using the “Contact” button.

To view your member connections:

  • The orange person icon indicates the number of connections you have.
  • Depending on privacy settings, you can click on the number (on the right side of the orange icon) to view members’ connections.

Figure 1

Take a look at how you can manage your connections. All connections can be found in the myConnections & Groups tab on the My ISACA tab of the ISACA website. Navigate to it today and stay connected.

Figure 2


Techniques to Protect Yourself on Social Networks

Privacy protection on the Internet in general and on social networks in particular has become a necessity. ISACA Journal author Guy-Hermann Ngambeket Ndiandukue, CISA, CISM, CGEIT, ITIL V3(F), PMP, provides a few techniques for security and privacy of information while using any of the online social networks.

Vigilance remains the first line of defense for security and, thus, for the privacy of information. It can be broken down into a few techniques that are simple but could make all the difference:

  • Choice of “friends” and contacts—Users should be extremely careful in their choice of friends on these networks. It is common practice to accept contact from friends of friends who are frequently complete strangers. This can lead to one’s private life being exposed to potentially harmful individuals.
  • Restricting private content to close friends and family only—Social networking sites are increasingly allowing their users to configure restrictions on access to their information. It is, therefore, important to use these restrictions and to ensure that they are properly configured, given that profile information is often public by default.
  • Careful choice of information to be broadcast—The key to the protection of privacy is, in fact, what information one broadcasts. Name, surname, date of birth, place of birth, photos, videos, comments and opinions should be carefully screened prior to being posted. Keep in mind that information posted on a network may one day be used against its author.
  • Awareness—Every sector of the population should be made aware of the need to protect themselves against the risk that the use of social networks may entail. In the business world, this awareness must form part of the IT security program.

Finally, social networks are a great way to express oneself and share with others. They help users lift the barriers of space and time and communicate with the world. However, they also carry a well-documented risk of violations of user privacy.

These dangers are even more of a threat now because of the increasingly widespread practice of registering on several sites with a single user account, so that a compromise of that one account exposes every site tied to it. In response to this situation, each Internet user must remain vigilant, and governments must put more pressure on the operators of these sites to safeguard the security of Internet users.

Read Guy-Hermann Ngambeket Ndiandukue’s full article, “Social Networks and Privacy—Threats and Protection,” in the current issue of the ISACA Journal, in which you will also find additional coverage of timely and relevant issues affecting the ISACA professional communities.


New ISACA Publication Available

ISACA has issued the following new publication, which is available on the ISACA web site:

  • Security Considerations for Cloud Computing, part of the Cloud Computing Vision series, presents practical guidance to all current and potential cloud users who need to ensure protection of information assets when moving to the cloud. This publication helps enable effective analysis and measurement of risk through use of decision trees and checklists outlining the security factors to be considered when evaluating the cloud as a potential solution. It is available for members as a complimentary PDF with tool kit in the ISACA Bookstore.

Information on current research projects is posted on the Current Projects page of the ISACA web site.


Read More Articles in Our Archives