TY - GEN
T1 - Are you ready? Towards the engineering of forensic-ready systems
AU - Grispos, George
AU - Garcia-Galan, Jesus
AU - Pasquale, Liliana
AU - Nuseibeh, Bashar
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/6/23
Y1 - 2017/6/23
N2 - As security incidents continue to impact organisations, there is a growing demand for systems to be 'forensic-ready'-to maximise the potential use of evidence whilst minimising the costs of an investigation. Researchers have supported organisational forensic readiness efforts by proposing the use of policies and processes, aligning systems with forensics objectives and training employees. However, recent work has also proposed an alternative strategy for implementing forensic readiness called forensic-by-design. This is an approach that involves integrating requirements for forensics into relevant phases of the systems development lifecycle with the aim of engineering forensic-ready systems. While this alternative forensic readiness strategy has been discussed in the literature, no previous research has examined the extent to which organisations actually use this approach for implementing forensic readiness. Hence, we investigate the extent to which organisations consider requirements for forensics during systems development. We first assessed existing research to identify the various perspectives of implementing forensic readiness, and then undertook an online survey to investigate the consideration of requirements for forensics during systems development lifecycles. Our findings provide an initial assessment of the extent to which requirements for forensics are considered within organisations. We then use our findings, coupled with the literature, to identify a number of research challenges regarding the engineering of forensic-ready systems.
AB - As security incidents continue to impact organisations, there is a growing demand for systems to be 'forensic-ready'-to maximise the potential use of evidence whilst minimising the costs of an investigation. Researchers have supported organisational forensic readiness efforts by proposing the use of policies and processes, aligning systems with forensics objectives and training employees. However, recent work has also proposed an alternative strategy for implementing forensic readiness called forensic-by-design. This is an approach that involves integrating requirements for forensics into relevant phases of the systems development lifecycle with the aim of engineering forensic-ready systems. While this alternative forensic readiness strategy has been discussed in the literature, no previous research has examined the extent to which organisations actually use this approach for implementing forensic readiness. Hence, we investigate the extent to which organisations consider requirements for forensics during systems development. We first assessed existing research to identify the various perspectives of implementing forensic readiness, and then undertook an online survey to investigate the consideration of requirements for forensics during systems development lifecycles. Our findings provide an initial assessment of the extent to which requirements for forensics are considered within organisations. We then use our findings, coupled with the literature, to identify a number of research challenges regarding the engineering of forensic-ready systems.
KW - Forensic Readiness
KW - Forensic-By-Design
KW - Survey
UR - http://www.scopus.com/inward/record.url?scp=85024478261&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85024478261&partnerID=8YFLogxK
U2 - 10.1109/RCIS.2017.7956555
DO - 10.1109/RCIS.2017.7956555
M3 - Conference contribution
AN - SCOPUS:85024478261
T3 - Proceedings - International Conference on Research Challenges in Information Science
SP - 328
EP - 333
BT - RCIS 2017 - 11th IEEE International Conference on Research Challenges in Information Science - Conference Proceedings
A2 - Pastor, Oscal
A2 - Mouratidis, Haralambos
A2 - Assar, Said
PB - IEEE Computer Society
T2 - 11th IEEE International Conference on Research Challenges in Information Science - RCIS 2017
Y2 - 10 May 2017 through 12 May 2017
ER -