Upon discovery of a security incident, the C-Suite, executive management and senior managers want the want the details in plain English. They want the “smoking gun.” They do not want to get lost in the technical verbiage or the jargon of the tech.
So, they will turn to someone who is an expert and who can compile all these together into a presentable manner. For that purpose, they usually turn to a digital forensics expert.
In jiu jitsu, there are many ways you can take your opponent down. It’s the same with information security and digital forensics. It takes the combined effort of the SOC, web team and even desktop support to bring all these small items together and create this masterpiece of art called the “investigation report.”
In the process of finding out the details of what happened, there are many devices, departments and staff members that need to find out the facts. Compiling all these together and pulling them from various sources can be tough and overwhelming.
Having a centralized focal point of where the information can go is a great practice that needs to happen more often. The reason it is important is that it allows for executive management all the way to law enforcement to have a point of contact.
This keeps the line of communication clear and leaves no room for misinterpretation.
So, the question comes out: who can do it? Who has what it takes to make this happen and speak on the C-level, attorney-level and business-level?
Designating the digital forensics expert to be available to these levels of business is great and allow areas of expertise to follow in the correct manner. Indeed, having someone with the depth knowledge of that environment, and how it behaves with the services it provides along with the knowledge of systems security, network security and compliance creates a vital asset for the company.
The recommendation to the C-Suite, senior management and executive management would be to have that ace of spades (a digital forensics expert) in your back pocket. If you do not have one on staff, then allow one to be outsourced.
Digital forensics experts can provide you some great insight of what happened and what needs to happen. Knowing that, you as the C-level expert can rely upon the digital forensics expert to guide you through the murky waters and give you peace of mind.
Combined with experienced legal counsel, a digital forensics expert serves as the foundation of a powerhouse team.
About the Author: Ricoh Danielson is a U.S. Army Combat Veteran of Iraq and Afghanistan. As a digital forensic expert in cell phone forensics for high profile criminal and civil cases, Ricoh has a heavy passion for information security and digital forensic that led him to start up his firm (Fortitude Tech LLC) in the middle of law school to become Phoenix’s heavy hitting digital forensic power house.
He is also a graduate of Thomas Jefferson School of Law, Colorado Tech University, and UCLA Anderson School of Management.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.