Risk Management on Computer Forensics
. Introduction
The report is based on the assessment of the security risks within a healthcare organization. The study is based on an internal risk that has affected the healthcare organization. One of the employees of the organization was accessing the confidential health information of patients with the help of password cracking software. Hence, a forensic investigator has been appointed for conducting a detailed plan for avoiding the risk scenario.
2. Discussion
The study focuses on the impact of the theft of confidential information of patients within a health organization. An employee was stealing the information of patients for their own purposes, which is a major violation of the norms within the organization (Van Deursen, Buchanan & Duff, 2013). Based on the internal conduction of review based on the security risks, there would be some initial steps that should be followed for avoiding the risks that are incurred and thus prevent the organization from facing such forms of risks in the future.
2.1 Initial Steps of Investigation
Mobilise the Team of Incident Response – An incident response team should be deployed, which would collect the relevant evidence based on the technical breaches. The IT team should be able to deal with the cases related to breach of data, hacking and other kinds of issues.
Ensuring the Security of Systems – The team should perform security audits and thus isolate a certain section, which was affected. Hence, a thorough investigation should be performed based on the remedial action that would be taken.
Addressing of Legal Requirements – The rules and regulations should be properly followed as per the security policy of the organization during the conduction of investigation.
With the help of these kinds of techniques, it would be very much helpful for collecting information and evidence based on a deep level of research on the crime.
2.2 Issues of System Forensics
System forensics faces various issues based on technical, resource and legal based challenges within the study of the cases (Pichan, Lazarescu & Soh, 2015).
2.3 Impact of System Forensics
System forensics would play a major role in the investigation based on the case study. Forensics would help in the system of criminal justice by providing a thorough analysis based on physical evidence.
2.4 Impact of Sequestration
Sequestration plays a major role in forensics based on the participation of witnesses within the actual proceedings of courts and thus help in the legal proceedings of the case.
2.5 Use of Technology and Resources to Conduct Research
The usage of IT-based crime-solving techniques and IT professionals would be quite helpful in conducting a high level of research for various resources based on the conduction of crimes and gathering evidence for addressing the issues (Aminnezhad & Dehghantanha, 2014).
3. Conclusion
Based on the discussion, it could be concluded that the proper conduction of investigation by the forensic team would play a major role in dealing with the criminal case and thus secure the confidential data that was hacked.
4. Recommendation
Based on the drawn conclusions, it could be recommended that the team of forensic should make use of appropriate steps for detecting the prime source. They should implement the high level of security patches within the software in order to protect the data of the organization and thus ensure a healthy environment (Maras, 2015).
5. References
Aminnezhad, A., & Dehghantanha, A. (2014). A survey on privacy issues in digital forensics. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 3(4), 183-199.
Maras, M. H. (2015). Computer Forensics. Jones and Bartlett Learning.
Pichan, A., Lazarescu, M., & Soh, S. T. (2015). Cloud forensics: Technical challenges, solutions and comparative analysis. Digital Investigation, 13, 38-57.
Van Deursen, N., Buchanan, W. J., & Duff, A. (2013). Monitoring information security risks within health care. computers & security, 37, 31-45.