CYBER SECURITY
“ DELOITTE ADVISES THAT COMPANIES WOULD NEED TO ADD MORE SKILLS , ESPECIALLY RELATED TO FORENSICS , TO HELP THEM NAVIGATE CLOUD-BASED APPLICATIONS AND DATA STORAGE ”
BOBBY BALACHANDRAN CEO OF EXTERRO
differences between conventional and cloud forensics . Without the proper knowledge of such differences , these organisations are prone to attackers , yet potentially missing the chance to actually collect the appropriate evidence .
For proper cloud forensics , one must have a blend of skills in digital forensics and cloud computing . In traditional computer forensics , the process is mainly done at the physical crime scene , and the evidence will be brought to be stored or examined under the safekeeping and control of law enforcement , similar to any other criminal case .
However , the location of the data can be vague , and it can also be outside the jurisdiction of your nearest law enforcement . Extracting and getting the evidence to be under the custody of relevant law enforcement can be extra challenging .
Investigators would also need to deal with more computing assets , including both virtual and physical servers , networks , storage devices , or applications — all while the cloud environment continues evolving as with regular days of operations , which may compromise data integrity if analysis and investigation are not performed quickly enough . Poorly collected evidence could just end up inadmissible in the court .
This is why more tech companies are offering cloud forensic services , with several leading players like CISCO , Digital Detective , Oxygen Forensics , Micro Systemation , OpenText , LogRhythm , Paraben , AccessData , Magnet Forensics , Coalfire , Cellebrite , and FireEye dominating the market . Big companies , like IBM , have also started to venture into the market .
IBM ' s Qradar promises analysis for both on-premise and cloud-based systems , such as SaaS and IaaS environments like Office365 , SalesForce . com , Amazon Web Services , Microsoft Azure and Google Cloud .
Another example is Exterro , the industry ' s first provider of Legal Governance Risk and Compliance ( GRC ) software . Exterro offers a comprehensive platform so organisations can mitigate risk , manage cost control , and have endto-end visibility of their GRC processes .
" By focusing on the synergies that exist between privacy , digital forensics , incident response and e-discovery , we were able to generate efficiencies and pave the way for the better utilisation of that data ," says CEO & President Bobby Balachandran . " We now unify and automate those workflows across the entire business via one holistic solution , and we ' re the only company doing that ."
Given the current trend , there will doubtless be more cloud forensics service providers entering the market , providing consumers and businesses with an abundance of options . This is progress - even in spite of the multitude of unaddressed problems within cloud forensics itself , with limited answers when it comes to cross border jurisdiction , the chain of custody regarding data acquisition , and the differences in legislation in many parts of the world . cybermagazine . com 43