Page 42 - Understandinging Forensic Technology Landscape
P. 42

Although mitigation of a cyberattack is of primary   Common uses for cybersecurity,
           importance, appropriate measures can and should be   email, and network intrusion
           taken to preserve evidence during breach response.
           Altered data or lost evidence can diminish the       Cybersecurity expertise can be of significant value in
           investigator’s ability to successfully reach appropriate   the forensic context. Cybersecurity experts skilled at
           conclusions.                                         data identification, collection, handling, and preservation
                                                                can use their expertise to gather relevant information
           Companies should not wait until an incident to       from various locations within enterprise systems and
           reevaluate their program or network defense systems.   across diverse data sets. Cybersecurity experts can
           Companies may find the following resources helpful:
                                                                perform forensic analysis to determine actor behaviors,
           •  CIS Critical Security Controls (SANS)             methodology, and sourcing. This facilitates the unraveling

           •   Framework for Improving Critical Infrastructure   of intricate relationships that are often identified during
             Cybersecurity (NIST)                               the investigation of complex cyber incidents. This
                                                                analysis can be performed using a combination of
           •   Control Objectives for Information and Related   experience and state-of-the-art tools to recover, search,
             Technologies
                                                                and analyze massive amounts of data effectively and
                                                                efficiently. When performing such analysis, cybersecurity
                                                                experts must adhere to court-approved methodologies
                                                                for evidence preservation.




                        Learn more



               AICPA resources
               •   Cybersecurity Risk Management Reporting Framework

               •  PCPS Exploring Cybersecurity Toolkit
               •  CGMA Cybersecurity Risk Management Tool
               •   AICPA Technology Resource HUB — Cybersecurity/Information Security

               •  AICPA Cybersecurity Resource Center
               •  Go Beyond Disruption — Cybersecurity
               •   Cybersecurity Fundamentals for Finance & Accounting Professionals Certificate

               •  Cybersecurity Advisory Services Certificate
               •  Cybersecurity Practical Applications Certificate

               Free learning resources
               •  SANS Cyber Aces
               •  Cybrary

               •  Department of Homeland Security
               •  InfraGard





                                                                  Understanding the forensic technology landscape | 38
   37   38   39   40   41   42   43   44   45   46   47