SlideShare a Scribd company logo

Digital Forensics, eDiscovery & Technology Risks for HR Executives

Download as PPTX, PDF
The Lorenzi Group
The Lorenzi Group

HR Executives are faced with greater risks than ever before when it comes to data security and employee behaviors. This is an overview of processes and emerging risks. Presentation Highlights: KEEP passwords and data private Greatest risk is from the inside Spoliation risks in legal matters Security Analytics and Employee Monitoring

TechnologyBusiness
1 of 18
Digital Forensics, eDiscovery, & other Technology Risks for the HR Executive The Lorenzi Group
p@SSw0rDz Facebook LinkedIn Match.com • Less is More, hire a professional This line of questioning could open discrimination issues
Concepts of Security are Changing • The only thing you should be secure about is that nothing is secure • Organized Crime • Random • Employees • Hacktivists
Greatest Risk to Business? • Employees, Contractors, Vendors & Partners • Inside vs. Outside • Don’t stop protecting outside…..
Virtual Machines & Child Porn • The virtual world is going virtual • CP (or CSAI – See-S-eye) is an addiction • Pirated media a (profitable) hobby • High bandwidth, “ghost” (vmware) The only thing you need to know: Liability is HUGE.
Digital Forensics & eDiscovery • 2 Step Process • Capturing and preserving everything • Preparing the “Useful” information
SMILE! Digital Forensics Digital Forensics Using a 35mm Camera Create a Forensic Image (Preserve Data) Take a Picture Restore the Forensic Image Develop the Film Analyze the Information Choose the Pictures you want Report (and Testify) as necessary Build a Scrapbook
E-Z eDiscovery 1. Convert paper to electronic images 2. Combine images with Digital Forensics results 3. Filter out Unnecessary Info 4. Review Results 5. Submit
SPOLIATION • The alteration and/or destruction of data • Examples: • Resending an email • Opening a Word document • Deleting a picture • Turning on a computer
Litigation Hold Legal Notice Starts the moment litigation becomes reasonably possible Requires parties to preserve all potential evidence Failure to abide could bring sanctions, fines, dismissal of case, & criminal charges
The IT Department – Your BEST Friend… and WORST Enemy • Digital Forensics is all about 3 things: • Process • Experience • Defensibility • CAN IT do some/all of it? Maybe. • SHOULD IT do some/all of it? NO.
Any time… You think internal is better/cheaper/faster… • Remember: • Legal, Financial, & Criminal Liability • IT fear of public speaking • Interpersonal relationships…… (ask about this)
Employee Monitoring • It’s not Big Brother, it’s SMART Business • Improves Data Security Exponentially • Mistakes • Desperate • Criminal • Makes Compliance Easier • Can provide Productivity metrics • Termination Justification • Training Needs • Resource Allocation • Cost Saving Opportunities Examples: Lockheed, Fidelity, USPS, Kaiser Permanente
BYOD • Stored Communications Act • Employee Owned/Company Paid • Company Owned
EADV Electronic Devices and Social Media Misuse Major initiative for 2012
ADA • EU says websurfing is an addiction • What does the US say? • REALLY????
Thoughts Social Media is good Acceptable Use Policies are required Detailed Background Checks are better than FB pages Ongoing Training & Reminders are critical
Thank You Rob Fitzgerald The Lorenzi Group 866-632-9880 x123 www.thelorenzigroup.com

Recommended

Sec and ethics presentation
Sec and ethics presentationSec and ethics presentation
Sec and ethics presentationDarren McManus
 
Introduction to World Wide Web
Introduction to World Wide WebIntroduction to World Wide Web
Introduction to World Wide Web
Marlon Jamera
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyRussell Publishing
 
How to be a Tech-Smart Parent
How to be a Tech-Smart ParentHow to be a Tech-Smart Parent
How to be a Tech-Smart Parent
Barry Caplin
 
Responsible Use
Responsible UseResponsible Use
Responsible UseAndrea Tejedor
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13
Barry Caplin
 
How to Get a Job in Cyber Security 2018
How to Get a Job in Cyber Security 2018How to Get a Job in Cyber Security 2018
How to Get a Job in Cyber Security 2018
ClearedJobs.Net
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
Cyber Agency
 

Recommended

Sec and ethics presentation
Sec and ethics presentationSec and ethics presentation
Sec and ethics presentationDarren McManus
 
Introduction to World Wide Web
Introduction to World Wide WebIntroduction to World Wide Web
Introduction to World Wide Web
Marlon Jamera
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyRussell Publishing
 
How to be a Tech-Smart Parent
How to be a Tech-Smart ParentHow to be a Tech-Smart Parent
How to be a Tech-Smart Parent
Barry Caplin
 
Responsible Use
Responsible UseResponsible Use
Responsible UseAndrea Tejedor
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13
Barry Caplin
 
How to Get a Job in Cyber Security 2018
How to Get a Job in Cyber Security 2018How to Get a Job in Cyber Security 2018
How to Get a Job in Cyber Security 2018
ClearedJobs.Net
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
Cyber Agency
 
Digital Forensics: Yesterday, Today, and the Next Frontier
Digital Forensics: Yesterday, Today, and the Next FrontierDigital Forensics: Yesterday, Today, and the Next Frontier
Digital Forensics: Yesterday, Today, and the Next Frontier
The Lorenzi Group
 
Ethics for IT Workers and IT Users
Ethics for IT Workers and IT UsersEthics for IT Workers and IT Users
Ethics for IT Workers and IT Users
Mark Jhon Oxillo
 
Effective Cyber Security: Successful Approaches and Experiences
Effective Cyber Security: Successful Approaches and ExperiencesEffective Cyber Security: Successful Approaches and Experiences
Effective Cyber Security: Successful Approaches and Experiences
InnoTech
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
Jennifer Polack
 
11 27 07 Ezor Attorney E Mail Ethics Presentation
11 27 07 Ezor Attorney E Mail Ethics Presentation11 27 07 Ezor Attorney E Mail Ethics Presentation
11 27 07 Ezor Attorney E Mail Ethics Presentation
Jonathan Ezor
 
4.1.1 areas of computer ethics
4.1.1 areas of computer ethics4.1.1 areas of computer ethics
4.1.1 areas of computer ethics
badak sumbu
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
Pratum
 
Social Engineering - Strategy, Tactics, & Case Studies
Social Engineering - Strategy, Tactics, & Case StudiesSocial Engineering - Strategy, Tactics, & Case Studies
Social Engineering - Strategy, Tactics, & Case Studies
Praetorian
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awarenessRobin Rafique
 
LinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering ThreatLinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering Threat
Lancope, Inc.
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
OWASP Foundation
 
Social engineering The Good and Bad
Social engineering The Good and BadSocial engineering The Good and Bad
Social engineering The Good and Bad
Tzar Umang
 
Computer ethics and crime
Computer ethics and crimeComputer ethics and crime
Computer ethics and crime
Middle East International School
 
BYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi MaruBYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi Maru
Michele Chubirka
 
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Infosecurity2010
 
Social engineering
Social engineering Social engineering
Social engineering
Vîñàý Pãtêl
 
Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences. Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences.
Matthew Lease
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0
Murray Security Services
 
Chapter 4 2016
Chapter 4 2016Chapter 4 2016
Chapter 4 2016
Fizaril Amzari Omar
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...
Livingstone Advisory
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 

More Related Content

What's hot

Digital Forensics: Yesterday, Today, and the Next Frontier
Digital Forensics: Yesterday, Today, and the Next FrontierDigital Forensics: Yesterday, Today, and the Next Frontier
Digital Forensics: Yesterday, Today, and the Next Frontier
The Lorenzi Group
 
Ethics for IT Workers and IT Users
Ethics for IT Workers and IT UsersEthics for IT Workers and IT Users
Ethics for IT Workers and IT Users
Mark Jhon Oxillo
 
Effective Cyber Security: Successful Approaches and Experiences
Effective Cyber Security: Successful Approaches and ExperiencesEffective Cyber Security: Successful Approaches and Experiences
Effective Cyber Security: Successful Approaches and Experiences
InnoTech
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
Jennifer Polack
 
11 27 07 Ezor Attorney E Mail Ethics Presentation
11 27 07 Ezor Attorney E Mail Ethics Presentation11 27 07 Ezor Attorney E Mail Ethics Presentation
11 27 07 Ezor Attorney E Mail Ethics Presentation
Jonathan Ezor
 
4.1.1 areas of computer ethics
4.1.1 areas of computer ethics4.1.1 areas of computer ethics
4.1.1 areas of computer ethics
badak sumbu
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
Pratum
 
Social Engineering - Strategy, Tactics, & Case Studies
Social Engineering - Strategy, Tactics, & Case StudiesSocial Engineering - Strategy, Tactics, & Case Studies
Social Engineering - Strategy, Tactics, & Case Studies
Praetorian
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awarenessRobin Rafique
 
LinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering ThreatLinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering Threat
Lancope, Inc.
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
OWASP Foundation
 
Social engineering The Good and Bad
Social engineering The Good and BadSocial engineering The Good and Bad
Social engineering The Good and Bad
Tzar Umang
 
Computer ethics and crime
Computer ethics and crimeComputer ethics and crime
Computer ethics and crime
Middle East International School
 
BYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi MaruBYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi Maru
Michele Chubirka
 
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Infosecurity2010
 
Social engineering
Social engineering Social engineering
Social engineering
Vîñàý Pãtêl
 
Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences. Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences.
Matthew Lease
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0
Murray Security Services
 
Chapter 4 2016
Chapter 4 2016Chapter 4 2016
Chapter 4 2016
Fizaril Amzari Omar
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...
Livingstone Advisory
 

What's hot (20)

Digital Forensics: Yesterday, Today, and the Next Frontier
Digital Forensics: Yesterday, Today, and the Next FrontierDigital Forensics: Yesterday, Today, and the Next Frontier
Digital Forensics: Yesterday, Today, and the Next Frontier
 
Ethics for IT Workers and IT Users
Ethics for IT Workers and IT UsersEthics for IT Workers and IT Users
Ethics for IT Workers and IT Users
 
Effective Cyber Security: Successful Approaches and Experiences
Effective Cyber Security: Successful Approaches and ExperiencesEffective Cyber Security: Successful Approaches and Experiences
Effective Cyber Security: Successful Approaches and Experiences
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
11 27 07 Ezor Attorney E Mail Ethics Presentation
11 27 07 Ezor Attorney E Mail Ethics Presentation11 27 07 Ezor Attorney E Mail Ethics Presentation
11 27 07 Ezor Attorney E Mail Ethics Presentation
 
4.1.1 areas of computer ethics
4.1.1 areas of computer ethics4.1.1 areas of computer ethics
4.1.1 areas of computer ethics
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
 
Social Engineering - Strategy, Tactics, & Case Studies
Social Engineering - Strategy, Tactics, & Case StudiesSocial Engineering - Strategy, Tactics, & Case Studies
Social Engineering - Strategy, Tactics, & Case Studies
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
 
LinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering ThreatLinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering Threat
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
 
Social engineering The Good and Bad
Social engineering The Good and BadSocial engineering The Good and Bad
Social engineering The Good and Bad
 
Computer ethics and crime
Computer ethics and crimeComputer ethics and crime
Computer ethics and crime
 
BYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi MaruBYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi Maru
 
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
 
Social engineering
Social engineering Social engineering
Social engineering
 
Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences. Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences.
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0
 
Chapter 4 2016
Chapter 4 2016Chapter 4 2016
Chapter 4 2016
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...
 

Similar to Digital Forensics, eDiscovery & Technology Risks for HR Executives

Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Cas cyber prez
Cas cyber prezCas cyber prez
Cas cyber prez
Dan Michaluk
 
People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest riskEvan Francen
 
Impact of data science in financial reporting
Impact of data science in financial reporting Impact of data science in financial reporting
Impact of data science in financial reporting
James Deiotte
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security
Stephen Cobb
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG Security
Barry Caplin
 
Cyber and Data Risks
Cyber and Data RisksCyber and Data Risks
Cyber and Data Risks
risksmith
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
Resilient Systems
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
Data Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a PositiveData Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a Positive
TargetX
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Stephen Cobb
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
Gabor Szathmari
 
Internal social networks
Internal social networksInternal social networks
Internal social networks
Prof. Jacques Folon (Ph.D)
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Quick Heal Technologies Ltd.
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
Stephen Cobb
 
BSides London 2018 - Solving Threat Detection
BSides London 2018 - Solving Threat DetectionBSides London 2018 - Solving Threat Detection
BSides London 2018 - Solving Threat Detection
Alex Davies
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Compliancy Group
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?
PECB
 

Similar to Digital Forensics, eDiscovery & Technology Risks for HR Executives (20)

Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Cas cyber prez
Cas cyber prezCas cyber prez
Cas cyber prez
 
People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest risk
 
Impact of data science in financial reporting
Impact of data science in financial reporting Impact of data science in financial reporting
Impact of data science in financial reporting
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG Security
 
Cyber and Data Risks
Cyber and Data RisksCyber and Data Risks
Cyber and Data Risks
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
 
Data Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a PositiveData Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a Positive
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
 
Data Privacy
Data PrivacyData Privacy
Data Privacy
 
Internal social networks
Internal social networksInternal social networks
Internal social networks
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
BSides London 2018 - Solving Threat Detection
BSides London 2018 - Solving Threat DetectionBSides London 2018 - Solving Threat Detection
BSides London 2018 - Solving Threat Detection
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?
 

More from The Lorenzi Group

Data Breach from the Inside Out
Data Breach from the Inside Out Data Breach from the Inside Out
Data Breach from the Inside Out
The Lorenzi Group
 
ROAR in Real Like: Heartbeat Helper
ROAR in Real Like: Heartbeat HelperROAR in Real Like: Heartbeat Helper
ROAR in Real Like: Heartbeat HelperThe Lorenzi Group
 
Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...
Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...
Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...The Lorenzi Group
 
ROAR Provides Peace of Mind in Digital Enviroments
ROAR Provides Peace of Mind in Digital EnviromentsROAR Provides Peace of Mind in Digital Enviroments
ROAR Provides Peace of Mind in Digital EnviromentsThe Lorenzi Group
 
ROARing Compliance
ROARing ComplianceROARing Compliance
ROARing Compliance
The Lorenzi Group
 
ROAR in Real Life: Picture Perfect
ROAR in Real Life: Picture PerfectROAR in Real Life: Picture Perfect
ROAR in Real Life: Picture PerfectThe Lorenzi Group
 
ROAR in Pictures: Biking
ROAR in Pictures: BikingROAR in Pictures: Biking
ROAR in Pictures: Biking
The Lorenzi Group
 
DDoS Explained
DDoS ExplainedDDoS Explained
DDoS Explained
The Lorenzi Group
 
Digital Forensics: The Employees' Dilemma
Digital Forensics: The Employees' DilemmaDigital Forensics: The Employees' Dilemma
Digital Forensics: The Employees' Dilemma
The Lorenzi Group
 
Rising Cost of Child Porn Defense
Rising Cost of Child Porn DefenseRising Cost of Child Porn Defense
Rising Cost of Child Porn Defense
The Lorenzi Group
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud Examiners
The Lorenzi Group
 
So, You Want To Work In Digital Forensics....
So, You Want To Work In Digital Forensics....So, You Want To Work In Digital Forensics....
So, You Want To Work In Digital Forensics....
The Lorenzi Group
 
Digital Forensics & eDiscovery for the Financial Executive
Digital Forensics & eDiscovery for the Financial ExecutiveDigital Forensics & eDiscovery for the Financial Executive
Digital Forensics & eDiscovery for the Financial Executive
The Lorenzi Group
 
eDiscovery IS Data Security
eDiscovery IS Data SecurityeDiscovery IS Data Security
eDiscovery IS Data Security
The Lorenzi Group
 
Active Network Monitoring brings Peace of Mind
Active Network Monitoring brings Peace of MindActive Network Monitoring brings Peace of Mind
Active Network Monitoring brings Peace of Mind
The Lorenzi Group
 
Introduction to the Epsilon Data Breach
Introduction to the Epsilon Data BreachIntroduction to the Epsilon Data Breach
Introduction to the Epsilon Data Breach
The Lorenzi Group
 
Sex, Crime, & Online Slime
Sex, Crime, & Online SlimeSex, Crime, & Online Slime
Sex, Crime, & Online Slime
The Lorenzi Group
 
Productivity 3.0
Productivity 3.0Productivity 3.0
Productivity 3.0
The Lorenzi Group
 

More from The Lorenzi Group (20)

Data Breach from the Inside Out
Data Breach from the Inside Out Data Breach from the Inside Out
Data Breach from the Inside Out
 
ROAR in Real Like: Heartbeat Helper
ROAR in Real Like: Heartbeat HelperROAR in Real Like: Heartbeat Helper
ROAR in Real Like: Heartbeat Helper
 
ROAR for IT Managers
ROAR for IT ManagersROAR for IT Managers
ROAR for IT Managers
 
Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...
Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...
Why ROAR makes CENTS: An Insiders Guide to Saving Clients Money (While Protec...
 
The Many Faces of SHIELD
The Many Faces of SHIELDThe Many Faces of SHIELD
The Many Faces of SHIELD
 
ROAR Provides Peace of Mind in Digital Enviroments
ROAR Provides Peace of Mind in Digital EnviromentsROAR Provides Peace of Mind in Digital Enviroments
ROAR Provides Peace of Mind in Digital Enviroments
 
ROARing Compliance
ROARing ComplianceROARing Compliance
ROARing Compliance
 
ROAR in Real Life: Picture Perfect
ROAR in Real Life: Picture PerfectROAR in Real Life: Picture Perfect
ROAR in Real Life: Picture Perfect
 
ROAR in Pictures: Biking
ROAR in Pictures: BikingROAR in Pictures: Biking
ROAR in Pictures: Biking
 
DDoS Explained
DDoS ExplainedDDoS Explained
DDoS Explained
 
Digital Forensics: The Employees' Dilemma
Digital Forensics: The Employees' DilemmaDigital Forensics: The Employees' Dilemma
Digital Forensics: The Employees' Dilemma
 
Rising Cost of Child Porn Defense
Rising Cost of Child Porn DefenseRising Cost of Child Porn Defense
Rising Cost of Child Porn Defense
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud Examiners
 
So, You Want To Work In Digital Forensics....
So, You Want To Work In Digital Forensics....So, You Want To Work In Digital Forensics....
So, You Want To Work In Digital Forensics....
 
Digital Forensics & eDiscovery for the Financial Executive
Digital Forensics & eDiscovery for the Financial ExecutiveDigital Forensics & eDiscovery for the Financial Executive
Digital Forensics & eDiscovery for the Financial Executive
 
eDiscovery IS Data Security
eDiscovery IS Data SecurityeDiscovery IS Data Security
eDiscovery IS Data Security
 
Active Network Monitoring brings Peace of Mind
Active Network Monitoring brings Peace of MindActive Network Monitoring brings Peace of Mind
Active Network Monitoring brings Peace of Mind
 
Introduction to the Epsilon Data Breach
Introduction to the Epsilon Data BreachIntroduction to the Epsilon Data Breach
Introduction to the Epsilon Data Breach
 
Sex, Crime, & Online Slime
Sex, Crime, & Online SlimeSex, Crime, & Online Slime
Sex, Crime, & Online Slime
 
Productivity 3.0
Productivity 3.0Productivity 3.0
Productivity 3.0
 

Recently uploaded

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 

Recently uploaded (20)

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 

Digital Forensics, eDiscovery & Technology Risks for HR Executives

  • 1. Digital Forensics, eDiscovery, & other Technology Risks for the HR Executive The Lorenzi Group
  • 2. p@SSw0rDz Facebook LinkedIn Match.com • Less is More, hire a professional This line of questioning could open discrimination issues
  • 3. Concepts of Security are Changing • The only thing you should be secure about is that nothing is secure • Organized Crime • Random • Employees • Hacktivists
  • 4. Greatest Risk to Business? • Employees, Contractors, Vendors & Partners • Inside vs. Outside • Don’t stop protecting outside…..
  • 5. Virtual Machines & Child Porn • The virtual world is going virtual • CP (or CSAI – See-S-eye) is an addiction • Pirated media a (profitable) hobby • High bandwidth, “ghost” (vmware) The only thing you need to know: Liability is HUGE.
  • 6. Digital Forensics & eDiscovery • 2 Step Process • Capturing and preserving everything • Preparing the “Useful” information
  • 7. SMILE! Digital Forensics Digital Forensics Using a 35mm Camera Create a Forensic Image (Preserve Data) Take a Picture Restore the Forensic Image Develop the Film Analyze the Information Choose the Pictures you want Report (and Testify) as necessary Build a Scrapbook
  • 8. E-Z eDiscovery 1. Convert paper to electronic images 2. Combine images with Digital Forensics results 3. Filter out Unnecessary Info 4. Review Results 5. Submit
  • 9. SPOLIATION • The alteration and/or destruction of data • Examples: • Resending an email • Opening a Word document • Deleting a picture • Turning on a computer
  • 10. Litigation Hold Legal Notice Starts the moment litigation becomes reasonably possible Requires parties to preserve all potential evidence Failure to abide could bring sanctions, fines, dismissal of case, & criminal charges
  • 11. The IT Department – Your BEST Friend… and WORST Enemy • Digital Forensics is all about 3 things: • Process • Experience • Defensibility • CAN IT do some/all of it? Maybe. • SHOULD IT do some/all of it? NO.
  • 12. Any time… You think internal is better/cheaper/faster… • Remember: • Legal, Financial, & Criminal Liability • IT fear of public speaking • Interpersonal relationships…… (ask about this)
  • 13. Employee Monitoring • It’s not Big Brother, it’s SMART Business • Improves Data Security Exponentially • Mistakes • Desperate • Criminal • Makes Compliance Easier • Can provide Productivity metrics • Termination Justification • Training Needs • Resource Allocation • Cost Saving Opportunities Examples: Lockheed, Fidelity, USPS, Kaiser Permanente
  • 14. BYOD • Stored Communications Act • Employee Owned/Company Paid • Company Owned
  • 15. EADV Electronic Devices and Social Media Misuse Major initiative for 2012
  • 16. ADA • EU says websurfing is an addiction • What does the US say? • REALLY????
  • 17. Thoughts Social Media is good Acceptable Use Policies are required Detailed Background Checks are better than FB pages Ongoing Training & Reminders are critical
  • 18. Thank You Rob Fitzgerald The Lorenzi Group 866-632-9880 x123 www.thelorenzigroup.com