Digital Forensic Readiness
Date : 04 January 2017
Time : 11:00 AM to 07:07 PM IST
Topic : Digital Forensic Readiness
Collaborators : Mr. Krishna Sastry Pendyala, Executive Director, PWC Advisory
Banking and financial institutions today face several information security related threats. There is a visible surge in cyber-attacks, leading to an increase in issues related to legal, regulatory, and privacy compliance. Distributed Denial of Service (DDoS) attacks, spear phishing, ransomware, and insider threats such as Data theft, datadidling etc., continue to endanger banking and financial institutions. Given the circumstances, an ideal approach is to focus on detecting, recovering from and mitigating cyber security risks across multiple channels. A poorly managed security incident can adversely impact an organization by increasing downtime, escalating the cost of investigation, and attracting legal liability and sanctions besides negative publicity. The lack of proper forensic readiness results in the increase of the cost of investigation, sanctions from courts/regulatory authorities for not being able to collect the digital evidence in a forensically sound manner. The ability to identify, investigate, and mitigate such security incidents, while ensuring legal and regulatory compliance, has thus become an organizational imperative. The session covered the following topics:
What is Digital Forensic Readiness?
Why it is necessary -legal and regulatory issues
Benefits of Digital Forensic Readiness?
ISO 27037: Guidelines for identification, collection, acquisition and preservation of digital evidence
ISO 27041: Guidelines on assuring suitability and adequacy of incident investigation method
ISO 27042: Guidelines for analysis and interpretation of digital evidence
ISO 27043: Guidelines for incident investigation principles and processes
RBI's - Cyber Security Framework in Bank: June 6th 2016
Krishna Sastry Pendyala
Executive Director PwC| Advisory
Mr. Sastry is an industry expert and thought leader in the field of Cybersecurity. Till 2013, Mr Sastry served Bureau of Police Research & Development (BPR&D) & Directorate of Forensic Science Services (DFSS), Ministry of Home Affairs, Govt. of India for 22 years as Forensic Investigator/Scientist and handled a large number of Digital Crime Investigations & Cyber Security incidents of national and international importance.
Mr Sastry also worked as Principal Consultant & Head, Fraud Management & Digital Forensics, Enterprise Security & Risk Management group of Tata Consultancy Services for 3.5 years and was responsible for Strategy, Business development of Fraud Management & Digital Forensic services.He has examined more than 1400 cases involving electronic evidence and deposed evidence in various Courts of Law in his illustrious career so far.
He has authored/co-authored/ Reviewed a large number of books, Research papers and articles. He is also guest faculty at various national training academies such as National Police Academy (SVPNPA), National Judicial Academy (NJA), Reserve Bank of India, Insurance academy, Universities, professional bodies such as ISACA, DSCI etc., and invited speaker in various national/international conferences.
Through INTERPOL General Secretariat, Lyons & national central bureau (INTERPOL) India, as a subject matter expert, he trained Law Enforcement Authorities from more than 95 countries in Asia, Africa and Pacific regions in Electronic Fraud & Cyber Crime investigations, digital forensics etc. Mr Sastry is also an advisory member of IT security committees of Banking, Insurance and regulatory authorities.