Forensically investigating a security breach while balancing the need Research Paper - 1

Forensically investigating a security breach while balancing the need for business continuity and rapid return to normalcy within the organization - Research Paper Example Stuxnet attack exposes non-availability of mechanisms and procedures for evaluating security incidents in industrial settings (Dacer, Kargl, KÃ ¶nig & Valdes, 2014, p.62). Computer technologists are now focussing on structuring security mechanisms that assist to investigate hackers’ profiles while they are in headway, and forensic tools that assist to evaluate computer intrusion after they have transpired. By employing botnet detection tool, one can know about the information about the hacker. For instance, botsniffer and BotMiner tools are used to know about intrusion when they are in active stage (Filippoupolitis, Loukas & Kapetanakis 2014). The science which is used to recognise, evaluate, uphold, document and elucidating information and evidence from electronic and digital tools and it is intended to safeguard the privacy of the computer users from being attacked or exploited is known as computer forensics. Forensic experts have an onus to their client to show attention about the information and data to be identified that can become probable corroboration , particularly , it can acts as digital proof in investigation and can help to initiate legal action against attackers. Speed of the attack is directly associated with high level IT skill of the attacker. Further, a highly skilled attacker may leave no tracks or commit misstates as contrasted to not experienced attacker. Further, the tracks or traces left by the attacker will offer clue about the attacker. A well-experienced attacker will remove log files whereas a less experienced attacker may not delete log files (Filippoupolitis, Loukas & Kapetanakis 2014). By engaging a well-experienced external forensic investigator, a company can know the nature of the data exposure. External consultants like Ernst & Young (E&Y) can use their expertise to recover the deleted logs and files, is well-versed in the novel procedures employed by hackers, and is well-experienced in