The Top Incident-Response Missteps and How to Avoid Them for Digital Forensics Success
General Business
January 20, 2011
by
Marc Courey, CPA, JD, LLM, CFE, CICA, CFF, CCEP, John Walther
Marc Courey, CPA, JD, LLM, CFE, CICA, CFF, CCEP
Director of Litigation Support, Fraud and Forensic Services
View Profile
Imagine the following events have come to your organization’s attention:
- A mid-level employee is suspected of using his company-provided laptop, PDA, and smartphone to conduct illegal drug activities.
- A skilled intruder has extracted sensitive customer information from your database.
- A disgruntled consumer has unleashed a malicious code that’s destroying your organization’s data.
The actions your organization takes—and doesn’t take—in the face of such adverse events or threats largely determine whether critical evidence will be successfully collected. Take the wrong actions, and your company can face liability issues, risk a damaged reputation, and have difficulty defending and prosecuting its claims.
Moreover, laws regarding breach notifications are clear, but in the aftermath of an incident, compliance can become very complicated. A delayed or disorganized response only spells additional legal troubles and business headaches.
Organizations must be prepared at every level with an incident-response plan.
Average Rating:
Length: 2 pages (PDF 92 kB)