Aon is proud to contribute the chapter, “Cyber Forensics: Effective Use of Incident Response Experts” to the the third edition of the GDR Insight Handbook.
Author(s): Alex Campbell, Spencer Lynch and Brandy Wityak, Stroz Friedberg, an Aon company
The role of cyber forensics and the need for incident response experts is often misunderstood and underutilised in the wake of a data breach incident, with serious consequences for the long-tail goal of resolution and recovery. Sometimes considered the ‘black box’ of incident response, cyber forensics ultimately is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.1
Best practice in incident response warrants a better understanding of cyber forensics and the critical need to leverage experts throughout the life-cycle of an incident, in particular during post-incident activity. Organisations are called on to re-hash, defend, and re-defend how they handled a particular incident, yet technical experts often exit the scene and are entirely absent after the incident has been contained, when much work remains to be done.
This chapter illustrates the role of technical experts in cyber incident response through presenting:
- A ransomware attack scenario in which the attacker applies multiple techniques to infiltrate not only an organisation, but also a third-party data controller, thereby achieving access to multiple other businesses.
- A response simulation following the National Institute of Standards and Technology (NIST) Incident Response Life Cycle for Incident Handling to examine the organisation’s response.
- Key questions an organisation needs to answer if, and when, it is called to defend its cyber security measures, its approach to response or its handling of an incident in conjunction with connected third parties.
About the GDR Insight Handbook 2022
Global Data Review is delighted to publish this third edition of the GDR Insight Handbook. The handbook delivers specialist intelligence and research to our readers – general counsel, government agencies and private practitioners – who must navigate the world’s increasingly complex framework of legislation that affects how businesses handle their data.