The document discusses the evolving landscape of data security, emphasizing that organizations must shift focus from traditional security measures to protecting data proactively. It highlights the importance of digital forensics and eDiscovery in legal contexts while warning about the risks posed by employees and vendors. Additionally, it addresses the implications of government regulations and the necessity of compliance audits in safeguarding information.

1. (C)2012 The Lorenzi Group - All Rights
Reserved

2. 95,000

3. ISACA
160 Countries
C-Level Executives
Auditors & Educators
IT Professionals & Students
Leading GLOBAL provider of education and
certificates for IT Assurance, Security, Risk &
Compliance

4. Set it and Forget it Security
Is DEAD

5. YOUR
Time is NOW

6. Concepts of Security are Changing
The only thing you should be secure about is
that nothing is secure
Organized Crime
Random
Hacktivists
Employees

7. Greatest Risk to Business?
• Employees, Contractors, Vendors &
Partners
• Inside vs. Outside
• Don’t stop protecting outside…..

8. Here lies another
big Co.
Didn’t care about
security and always
said “NO”.
While fighting off
buying more A/V…
Employees and
Vendors stole its
Money!

9. (C)2012 The Lorenzi Group - All Rights
Reserved

10. (C)2012 The Lorenzi Group - All Rights
Reserved

11. (C)2012 The Lorenzi Group - All Rights
Reserved

12. Are DEAD
R.I.P.
(C)2012 The Lorenzi Group - All Rights
Reserved

13. (C)2012 The Lorenzi Group - All Rights
Reserved

14. COULD
be
NEXT…..
(C)2012 The Lorenzi Group - All Rights
Reserved

15. The Future of Data is…..

16. Disperse Accessibility
NOTE:
This is NOT the “cloud”, mobile devices, or partner networks….

17. (C)2012 The Lorenzi Group - All Rights
Reserved

18. Mark Pincus
(C)2012 The Lorenzi Group - All Rights
Reserved

19. ISACA – The Maine Event
Digital Forensics: Yesterday, Today, &
the Next Frontier
The Lorenzi Group

20. Digital Forensics & eDiscovery
• 2 Step Process
– Capturing and preserving everything
– Preparing the “Useful” information

21. SMILE!
Digital Forensics
Digital Forensics Using a 35mm Camera
Create a Forensic Image (Preserve Data) Take a Picture
Restore the Forensic Image Develop the Film
Analyze the Information Choose the Pictures you want
Report (and Testify) as necessary Build a Scrapbook

22. E-Z eDiscovery
1. Convert paper to electronic images
2. Combine images with Digital Forensics
results
3. Filter out Unnecessary Info
4. Review Results
5. Submit

23. Litigation Hold
Legal Notice
Starts the moment litigation becomes reasonably
possible
Requires parties to preserve all potential evidence
Failure to abide could bring sanctions, fines,
dismissal of case, & criminal charges

24. SPOLIATION
• The alteration and/or destruction of data
• Examples:
– Resending an email
– Opening a Word document
– Deleting a picture
– Turning on a computer

25. In the Beginning…….
• Digital Forensics was about DATA
• Mainly, RECOVERING data
Limited Use
Limited Exposure
Limited Risk
(C)2012 The Lorenzi Group - All Rights
Reserved

26. 4 Step Process
Preserve
Restore
Analyze
Testimony
NOTE: This IS all or NOTHING.
(C)2012 The Lorenzi Group - All Rights
Reserved

27. Today it’s……..
• eDiscovery is about CYA
• Mainly, making sure only SOME documents go
Expanded Use
Exponential Exposure
Exponential Risk
(C)2012 The Lorenzi Group - All Rights
Reserved

28. eDiscovery Steps
Input
Review
Cull
Review
Approve
Deliver
(C)2012 The Lorenzi Group - All Rights
Reserved

29. The Future…..
• Data Security is about protecting data FIRST
• Digital Forensics is critical
• eDiscovery is limited (b/c you KNOW)
Unlimited Use (Work/Life is gone)
Limited Exposure
Limited Risk
(C)2012 The Lorenzi Group - All Rights
Reserved

30. Security Analytics
The analysis of device and user generated data
to understand patterns, usage, and anomalies.
Provides hard and soft results on:
Security
Compliance
Productivity
(C)2012 The Lorenzi Group - All Rights
Reserved

31. User/Device Monitoring
• Improves Data Security Exponentially
– Mistakes
– Desperate
– Criminal
• Makes Compliance Easier
• Can provide Productivity metrics
– Termination Justification
– Training Needs
– Resource Allocation
– Cost Saving Opportunities
Examples:
Lockheed, Fidelity, USPS, Kaiser Permanente (many others)

32. FCPA & UKBA2010
Your BEST Friend
Your CLIENTS WORST Nightmare
The tentacles of Govt regulation are spreading
Are YOUR clients ready?
Are YOU ready?

33. Stored Communications Act
Who Owns the DATA?
Accessing personal emails and texts – Illegal
Unless…
Company owns the device (looking locally)
Company pays for device service
BYOD?

34. BYOD
• Stored Communications Act
• Employee Owned/Company Paid
• Company Owned

35. ADA
EU says web surfing is an addiction
What does the US say?
REALLY????

36. If the data is protected FIRST…
eDiscovery is EASY
Digital Forensics (your analysis) is INSTANT
The money shifts from THERE to HERE
Data, Clients, & Organizations are PROTECTED
NEED to promote the value of Compliance Audits
(C)2012 The Lorenzi Group - All Rights
Reserved

37. OUR Future?
Tech
Writer Speaker
Psych
HERE Legal
Project
Logic
Manager
Stats
(C)2012 The Lorenzi Group - All Rights
Reserved

38. Final Thoughts
Social Media is good for business
Acceptable Use Policies are required
BYOD isn’t necessary
Ongoing Training & Reminders are critical
The future of Digital Forensics is protecting is before it’s lost!
Who will ensure data is protected? YOU

39. Robert Fitzgerald
The Lorenzi Group
866-632-9880 x123
www.thelorenzigroup.com
(C)2012 The Lorenzi Group - All Rights
Reserved