Incident response is the method by which organisations take steps to identify and recover from an information security incident, with as little impact as possible on business as usual. Digital forensics is what follows - a scientific investigation into the causes of an incident with the aim of bringing the perpetrators to justice. These two disciplines have a close but complex relationship and require a balancing act to get right, but both are essential when an incident occurs.
In this practical guide, the relationship between incident response and digital forensics is explored and you will learn how to undertake each and balance them to meet the needs of an organisation in the event of an information security incident. Best practice tips and real-life examples are included throughout. ---
‘A great book which I could see on the shelf of any investigator or included in the book lists of digital forensic and cyber security students at university’. Dale McGleenon, UK Ministry of Defence, Cyber Forensics & Network Incident Response ---
'A fantastic summary of cyber incident response and digital forensics for existing practitioners and managers which covers the all-important impact on people! This a great book to whet the appetite of those aspiring to get into the field.' Martin Heyde , Senior Manager - Cyber Incident Response, Deloitte LLP