Forensic plan key to hacker prosecution: detective
Detective acting sergeant Roger Clay told conference delegates that forensics should not be ignored -- improperly collected evidence won't hold up in court.
"If an intrusion occurs, at some point a company has to decide whether to report it to police ... they can ignore it or deal with it internally, proceed civilly, or criminally," he told ZDNet Australia after his presentation. "The evidence they gathered must be ... credible."
"Without planning what to do, companies are leaving themselves open," he said.
While it's important to focus on security and preventative measures, Clay says its not always possible to keep attackers out. "A lot of companies spend a lot of money on keeping attackers out ... the reality is not all attackers stay out."
[ Read more ]
- Review: Computer Forensics: Incident Response Essentials (18 August 2002)
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.