25 January 2012 – 6.00pm-8.00pm followed by drinks
Buchanan House, 24-30 Holborn, London EC1N 2LX

As a specialist in information security, are you/your organisation prepared in case of a cyber-criminal, fraud or other security incidents? Have you tried and tested your response? Do you have processes to record and manage incidents? Do you have a suitable system which would allow you to learn from it and manage remediation? Are you confident that your case management system could also show trends, provide learning from other aspects such as impact, aggregate effect and cost? Do you use the data from the planning phase to post incident to inform your understanding of operational risk? How do you deal with particularly sensitive incidents?

All those questions will be discussed at a QCC briefing (under Chatham House rule) on 25 January 2012 at our London offices, from 6pm to 8.00pm, followed by drinks and canapés.

If you would like to receive further details, please contact Marité on 020 7632 7134 or email briefings@qccis.com

On 16 August, Neil Hare-Brown, CEO of QCC Information Security spoke on the role of the digital investigator to a group of IISP graduates.

“It was an honour to be invited to speak at this event and to support the IISP Graduate Development Programme. I hope that many IISP members will want to enter the field of digital investigations and commend this important field to them. As a leader in the field, QCC have an on-going initiative to support information security professionals, especially in the areas in which we excel such as digital investigations and GRC advisory”.

The Institute of Information Security Professionals

Briefing on the evidential usefulness of computer data
Keynote speaker: Paul Keleher QC
20 July – 6pm-8.30pm
QCC offices, Holborn, London EC1

Following our successful series of digital forensic briefings, we are pleased to invite you to the next briefing on the evidential usefulness of computer data where we will be discussing the reliability and potential vulnerabilities of this type of forensic evidence, along with the legal implications of it. Computers store enormous amounts of digital data, only some of which will be relevant and helpful. Knowing where artefacts will be and interpreting them correctly is crucial when assessing the validity of the evidence relied upon by the prosecution and the material they have ignored. Best-practice high-tech investigations ensure that digital data is gathered and analysed correctly to prevent case-critical evidence being compromised.

During the briefing, you will hear from 2 specialists in this field:

Keith Bishop, QCC computer forensic specialist, will introduce the subject – defining terms and looking broadly at the reliability and potential vulnerabilities of computer data analysis. He will also give a technical overview and present various scenarios and case studies.

Paul Keleher QC – 25 Bedford Row, will speak on the legal challenges that computers present. Paul appears in Chambers & Partners and Legal 500 in the ‘Leaders at the Bar’ section. He is experienced in all areas of serious crime, including terrorism, homicide, drug trafficking and fraud. He is recognised as not only an outstanding trial advocate but also for his interest in the practice and development of the law, from being awarded a First in Company Law, specialising in insider dealing whilst still an undergraduate, to writing and lecturing on various aspects of criminal law. He is acknowledged as an expert in cases involving information technology, computer use and misuse and mobile phones.

As we are an accredited SRA external CPD provider, you will be able to claim 2 hours of CPD credit – please use reference DYM/QCCI. To book a free place, please send an email to briefings@qccis.com or phone Marité Stragier, on 020 7632 7134.

Cloud computing is the new hot topic. Although many see using and sharing software hosted on the Internet as a natural next step in our exploitation of the World Wide Web, it can however pose a challenge to those involved in digital forensics investigations. Reliance by organisations on third-party providers of ‘Software as a Service’ (SaaS), ‘Platform as a Service’ (PaaS) and ‘Infrastructure as a Service’ (IaaS) solutions can significantly hinder the ability of internal or external forensics specialists to conduct digital investigations. None of the associated problems are insurmountable – but effective solutions may require considerable work and time. This paper examines the practical steps needed to ensure investigations can progress unhindered. Also identified are potential issues, practical solutions and the tools required to investigate security breaches in the Cloud effectively.

Download our white paper on digital investigations in the cloud from our publications page.

The way that the Ministry of Defence (MOD) responds to information loss incidents is more critical than ever. Whether it is a laptop left on a train or restricted emails appearing on an unrestricted network, the military have to act very quickly.

To help manage such security breaches, minimise their impact and cut down on similar incidents in future, the MOD’s Joint Security Coordination Centre (JSyCC) has implemented Blackthorn, an out-of-the-box solution for managing activities related to sensitive operations and issues. Blackthorn increases the effectiveness of follow-up activity, and helps the MOD to protect sensitive information.

Read more about how Blackthorn is helping safeguard data integrity for the MOD.