Computer Forensics/ Incident Response
Cyber Security Programs can be complex and should be treated as any other business activity with a plan, respond, and modify cycle where the plans are revised based on feedback from the assessment of the cyber situation. Computer Forensics searches for the root cause of the problem.
Incident response plans should be prepared prior to the occurrence of an incidence and carried out as soon as possible after the breach is discovered.
Work flows diagrams aid in the understanding and management of the activities taking place when data breach occurs. This work flow is related to IP theft.
Many risks and exposures can be mitigated if a multi-disciplinary team is brought in to advise and consult before an adverse event takes place. Policies to protect the corporation should be in place prior to a breach. These policies will provide legal arguments related to reasonable protection of the confidentiality of intellectual property.