Bryan Sartin Ubizen
The use of forensics analysis in information security is growing, much in response to a sharp uptake in more criminally motivated attacks on organizations' networks and IT infrastructure. Much like their law enforcement brethren glamorized on popular TV shows, cyber forensics experts use forensics investigative techniques to examine attacks on comprised networks, tracing a hacker's "footsteps and fingerprints" to determine a motive, a target and, in best case scenarios, the hacker's identity. In this presentation, security expert Bryan Sartin will explore the ever-intriguing and complex field of forensics analysis.
Beginning with hacking attempts that breach a network's security defenses, the presentation will walk attendees through the processes by which cyber forensics teams identify the source of compromises, determine if data has been damaged or stolen and investigate how compromises are executed. Sartin will also discuss how forensics experts methodically comb through network systems to pinpoint affected systems and to gather electronic evidence, which must be carefully preserved for future research or legal prosecution. Attendees will receive both technical and business perspectives on the benefits of forensics analysis when breaches occur and leveraging investigation findings in overall network security strategies. Additionally, attendees will learn methods, such as gap analysis, to be employed after an attack to mitigate vulnerabilities and to compare a company's security infrastructure to current security standards.