Incident Preparedness and Response: Developing a Security Policy
Warren Wylupski (University of New Mexico, USA), David R. Champion (Slippery Rock University, USA) and Zachary Grant (New Mexico Mounted Patrol, USA)
Copyright: © 2008
One of the emerging issues in the field of digital crime and digital forensics is corporate preparedness in dealing with attacks on computer network security. Security attacks and breaches of an organization’s computer network can result in the compromise of confidential data, loss of customer confidence, poor public relations, disruption of business, and severe financial loss. Furthermore, loss of organizational data can present a number of criminal threats, including extortion, blackmail, identity theft, technology theft, and even hazards to national security. This chapter first examines the preparedness and response of three southwestern companies to their own specific threats to corporate cyber-security. Second, it suggests that by developing an effective security policy focusing on incident detection and response, a company can minimize the damage caused by these attacks, while simultaneously strengthening the existing system and forensic processes against future attacks. Advances in digital forensics and its supporting technology, including intrusion detection, intrusion prevention, and application control, will be imperative for maintaining network security in the future.