ISMS role in the improvement of digital forensics related process in SOC's
Abstract
Organizations concerned about digital or computer forensics capability which establishes procedures and records to support a prosecution for computer crimes could benefit from implementing an ISO 27001: 2013-compliant (ISMS Information Security Management System). A certified ISMS adds credibility to information gathered in a digital forensics investigation; certification shows that the organization has an outsider which verifies that the correct procedures are in place and being followed. A certified ISMS is a valuable tool either when prosecuting an intruder or when a customer or other stakeholder seeks damages against the organization. SOC (Security Operation Center) as an organization or a security unit which handles a large volume of information requires a management complement, where ISMS would be a good choice. This idea will help finding solutions for problems related to digital forensics for non-cloud and cloud digital forensics, including Problems associated with the absence of standardization amongst different CSPs (Cloud service providers).
- Publication:
-
arXiv e-prints
- Pub Date:
- June 2020
- DOI:
- 10.48550/arXiv.2006.08255
- arXiv:
- arXiv:2006.08255
- Bibcode:
- 2020arXiv200608255H
- Keywords:
-
- Computer Science - Cryptography and Security;
- Computer Science - Networking and Internet Architecture;
- Electrical Engineering and Systems Science - Systems and Control
- E-Print:
- 8 pages, 4 figures, 1 table