The Importance of the Three P's in the Investigation
John William Walker
Additional contact information
John William Walker: Nottingham Trent University, United Kingdom
International Journal of Cyber Forensics and Advanced Threat Investigations, 2020, vol. 1, issue 1-3, 42-46
Abstract:
This article introduces the importance of process during the investigation and acquisition phases of logical/physical artifacts which may be required during the course of such a professional engagement. The article then focuses on the necessity of having a robust supportive framework in a state of preparedness, providing First Responders and the CSIRT (Computer Security Incident Response Team) with the underpinning needed to support such investigative engagements: effective and pragmatic Policies, Case Management, operational Security Protocols (Run-Books) and all other attributes necessary to underpin a professional, prepared posture from which a team may effectively and robustly engage an investigation/incident. To elaborate on the importance of such an approach, we outline a number of real-world cases where ineffective processes and controls were applied. Finally, we review the essential elements of securely managing case-related data, and the absolute need to apply security mechanisms such as encryption certified to the FIPS 140-2 standard to secure sensitive case-related assets, so that they are robustly protected at all stages of their life cycle, whether in physical transit or at rest on a desk-bound PC. The end objective of the entire article is to stress the absolute need to apply process in order, as far as is practicable, to achieve positive conclusions from any investigation or incident which has been engaged.
Keywords: DFIR; Digital Forensics; Incident Response; Cybersecurity
Date: 2020
Downloads: (external link)
https://conceptechint.net/index.php/CFATI/article/download/15/3 (application/pdf)
https://conceptechint.net/index.php/CFATI/article/view/15 (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:aox:rcfati:v:1:y:2020:i:1-3:p:42-46
DOI: 10.46386/ijcfati.v1i1-3.15
International Journal of Cyber Forensics and Advanced Threat Investigations is currently edited by Professor John William Walker
More articles in International Journal of Cyber Forensics and Advanced Threat Investigations from Concept Tech Publishing
Bibliographic data for series maintained by Mira Leonko.