This is an outdated version published on 2024-11-24. Read the most recent version.

From Uncertainty to Prosecution: Enhancing Cyber Resilience through Forensic Readiness

Authors

Keywords:

Criminal investigation, Cybercrime, Cybersecurity framework, Cyber resilience, Forensic readiness, Law enforcement, Investigation

Abstract

Organizations relying on digital services must acknowledge that their systems will fail at some point, and if they have not been victims of cybercrime yet, they will be. Cyber resilience is an approach that prepares to withstand and recover from system failures and incidents. To recover from a system failure, the incident's root cause must be understood to mitigate it properly. Thus, there is a need to investigate the incident. An investigation is also essential to hold individuals accountable for malicious incidents in a court of law. The cost of an investigation and the evidential value of digital evidence can depend on how forensically ready an organization is. This apparent connection between cyber resilience and forensic readiness made us question these concepts' interconnection. We conducted a focused literature review and examined relevant legislation, standards, and frameworks to identify the connection between cyber resilience and forensic readiness. Our research shows that the need to determine the root cause of an incident to mitigate it properly is central and that frameworks do not sufficiently address holding individuals responsible for malicious incidents accountable in a court of law. Our main contribution is to show how forensic readiness is a crucial component of cyber resilience and how a systematic investigation is central to incident response. We also propose introducing redress as a core function in the NIST Cybersecurity Framework as a first step to ensure criminals are held accountable for their actions.

Downloads

Download data is not yet available.

Downloads

Published

2024-11-24

Versions

How to Cite

[1]
O. . Heitmann, “From Uncertainty to Prosecution: Enhancing Cyber Resilience through Forensic Readiness”, NIKT, no. 3, Nov. 2024.