Rolling Meadows, IL, USA (24 March 2015)—In response to the growing number and impact of cyberattacks, global IT association ISACA has issued a new free guide that outlines a digital forensics process and key steps to consider.
In “Overview of Digital Forensics,” ISACA recommends seven considerations for inclusion in information systems life cycle to effectively handle incidents in the event they were to suffer a cyberattack:
- Perform regular system backups and maintain previous backups for a specific period of time.
- Enable auditing on workstations, servers and network devices.
- Forward audit records to secure centralized log servers.
- Configure mission-critical applications to perform auditing and include the recording of all authentication attempts.
- Maintain a database of file hashes for the files of common operating system and application deployments, and use file integrity checking software on particularly important assets.
- Maintain records (e.g., baselines) of network and systems configurations.
- Establish data retention policies that support historical reviews of system and network activity, comply with requests or requirements to preserve data that are related to ongoing litigation and investigations, and destroy data that are no longer needed.
“The number and severity of cyberattacks are escalating rapidly,” said Robert E Stroud, CGEIT, CRISC, international president of ISACA and vice president of strategy and innovation at CA Technologies. “Organizations need to take quick and thorough action when cyberattacks occur—and they can do that by addressing these digital forensics considerations.”
The guide is a part of ISACA’s Cybersecurity Nexus (CSX), a central resource where security professionals and their enterprises can find cybersecurity research, guidance, training and education.
“Overview of Digital Forensics” is available as a free download atwww.isaca.org/digitalforensics. For more information on CSX, visit www.isaca.org/cyber.
A global association of 140,000 professionals in 180 countries, ISACA (www.isaca.org) helps business and IT leaders build trust in, and value from, information and information systems. Established in 1969, ISACA is the trusted source of knowledge, standards, networking, and career development for information systems audit, assurance, security, risk, privacy and governance professionals. ISACA offers Cybersecurity Nexus (CSX), a comprehensive set of resources for cybersecurity professionals, and COBIT, a business framework that helps enterprises govern and manage their information and technology. ISACA also advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC) credentials. The association has more than 200 chapters worldwide.
Follow ISACA on Twitter: https://twitter.com/ISACANews
Join ISACA on LinkedIn: ISACA (Official), http://linkd.in/ISACAOfficial
Like ISACA on Facebook: www.facebook.com/ISACAHQ
Kristen Kessinger, +1.847.660.5512, [email protected]
Joanne Duffer, +1.847.660.5564, [email protected]
Rachel Acevedo, +1.847.660.5617, [email protected]