Intelligent CISO Issue 16 - Page 38

FEATURE and build cases to fight fraud and other crimes endemic to government and the public sector. What’s needed are tools to locate and analyse data often unavailable through conventional processes, allowing examiners and investigators to collect key evidence quickly and with confidence. Law firms want to better serve their clients by simplifying their e-discovery processes and reducing costs. This can be a tough challenge with today’s caseloads where millions of documents and terabytes of data are commonplace. To make e-discovery more efficient, you need access to integrated tools for processing, review and case organisation. And you need a real- time review platform that allows secure collaboration, regardless of where any member of the litigation team is located. dispersed investigatory teams and real- time collaboration. And as with large enterprises, service providers need to balance evidence collection and privacy rights. Surely what’s needed are new solutions – more powerful, flexible forensic technologies that can handle big, diverse data loads faster than existing platforms. But it’s not just about more processing power. Investigators in any industry or sector need better indexing, higher scalability and nimbler collection capabilities. Just as important, today’s solutions must accommodate the changing nature of investigations and empower diversifying teams. More than anything, today’s solutions need to be smarter. The changing nature of investigations – breaches, regulations and IoT Multinational service providers, consultants and accounting organisations have unique business challenges that cut across the corporate and legal world. Like law firms, service providers need to be able to carry out complex e-discovery projects. Executives are becoming more focused on data security in light of high-profile data breaches that have tarnished brands such as Facebook, Google, Marriott, British Airways and dozens of other tech and consumer brands in recent years. They’re also expected to provide expert support for international compliance efforts. As such, there’s an urgent need for tools that can support globally Additionally, data privacy legislation such as the EU’s GDPR and state- level regulations in the US are driving greater awareness of security issues and leading to more investigation activity. Increasingly, C-level executives want reassurance from their cybersecurity teams that their data is secure and the company is compliant. Forensics professionals are confronting much larger data loads, with new, complex information types tapped from a growing diversity of sources. 38 The way forward – cross- team collaboration There’s growing consensus that effective collaboration is a key to success when managing investigations. No longer can teams work in metaphorical silos as the data that must be collected expands to different teams and devices. This holds true for forensic investigations whether at the corporate level or in the public sector. At the same time, with HR, compliance and legal playing a more active role in data preservation, as well as collection and analysis as part of investigations, organisations need to facilitate better collaboration between teams. The need is especially acute when outside counsel, law firms or service providers are brought into an investigation. Given these realities, decision-makers are increasingly demanding integrated tools that enable and foster that collaboration without requiring unnecessary data movement, longer timeframes or higher costs. Technologies optimised to meet emerging challenges To conduct successful investigations in today’s challenging environment, you need an end-to-end solution that will enable investigators to find relevant evidence as quickly as possible. What to look for in a core platform: • Speed and stability: Distributed processing and the ability to leverage multi-thread/multi-core computers to realise full potential of hardware resources. • Up-front indexing for more efficient filtering and searching: The difference is that whether you’re investigating or performing document review, you have a shared index file, eliminating the need to recreate or duplicate files. • Built on a single unified database: Single data store ensures that your data doesn’t have to move between separate, disparate platforms and products, thereby introducing risk and potentially disrupting the chain of custody. What to look for in digital forensics: Forensic investigations today frequently need to cut across distributed digital teams, with an overwhelming amount of data to process. From multiple office locations, to massive employee pools and remote workers, investigators need enterprise tool sets that provide deep visibility into live data directly at the Issue 16 | www.intelligentciso.com