Computer Crime Investigations - Managing a Process Without Any Golden Rules

Security is often viewed as an "after the fact" service which sets policy to protect physical and logical assets of the Company. In the event that a policy is violated, the Security organization is charged with making a record of the violation and correcting the circumstances that permitted the violation to occur. Unfortunately, the Computer Security Department (CSD) is usually viewed in the same light and both are considered cost-based services. To change that school of thought, security must become a value added business partner, providing guidance before and after incidents occur. This is achieved by utilizing a structured approach that begins with the initial report and ends with awareness feedback to Company upper management and employees. When this methodology is followed, the process becomes a continuum.