http://www.deticaforensics.com/news/press-releases.html 2010-09-06T14:51:55+01:00 Zend_Feed http://www.deticaforensics.com/news/press-releases.html 2010-02-18T00:00:00+00:00

Winner of the prize Emili Evripidou used Javascript to implement a number of the homomorphic encryption schemes via a web browser. With Javascript the voter can verify the code and does not need to download an application.

Nick Spenceley, Head of Detica Forensics, said: “Yet again, the Detica Security prize is highlighting a top class cryptography project at the University of Bristol and the significance of encryption in society today. Emili Evripidou’s project is both intellectually outstanding and of great practical significance as we move towards electronic voting.”

Professor Nigel Smart of the Department of Computer Science at Bristol said: “To be recognised by a global leader in information intelligence, is a great incentive for our postgraduate students. Competition is keen and Emili Evripidou’s dissertation was particularly impressive. I especially liked the way her application turned out to be a good practical test of the runtimes of different browsers in handling the necessarily large amounts of data.” ]]> http://www.deticaforensics.com/news/press-releases.html 2009-05-14T00:00:00+01:00

Newer mobile phones such as Google’s G1, Apple iPhone and Symbian OS phones include capabilities for developers to introduce their own code and applications, significantly transforming the mobile phone security landscape. Whilst some manufactures heavily regulate these processes, avenues are emerging for rogue developers to place malicious code onto these devices.

Whereas earlier handsets like the Blackberry use software supplied by large, well-known third-party organisations, the trend towards mass application development places a much greater onus on users to trust the applications they choose to download and install. Inevitably there will be attempts to introduce malicious code into the application ecosphere.

Andy Clark, Head of Forensics at Detica, said: “Users will find it highly beneficial to be able to store large quantities of personal and sensitive information on their computer-phones and will look to take advantage of the third party software written for these new phones. But this fact will not be lost on fraudsters and criminals, and the technology will inevitably attract data thieves and virus writers. How will users know what third party software they can trust?

“Suddenly mobile phone forensics has gone mainstream – their computing facilities and third party applications mean that we must apply many of the usual practices and procedures for general IT forensics.

“The introduction of USB drives stimulated a widespread review of organisations’ security policies as it became clear that large quantities of corporate data and intellectual property could be copied and removed with ease. The ease of downloading potentially unverified third party applications presents even greater risks and requires a review of security policies.”

In its tests on this new generation of phones, Detica Forensics has discovered that access to the full data set on a phone is often difficult as it requires root access. Prompt updates to the operating systems from suppliers have removed identified vulnerabilities, but this will be an ongoing arms race.

“Enhanced computing functionality is often accompanied by increased threats. That’s simply a fact of life which organisations need to address,” concluded Clark.]]> http://www.deticaforensics.com/news/press-releases.html 2009-05-06T00:00:00+01:00

In its recently published Security Policy Framework ( www.cabinetoffice.gov.uk/spf.aspx ), the UK Government has overhauled its security guidance and now insists upon “a forensic readiness policy that will maximise the ability to preserve and analyse data generated by an ICT system”.

“In this rapidly changing environment, it’s our belief that some Government departments and agencies may not be fully prepared for a digital incident,” said a Detica Forensics spokesperson. “We therefore welcome this governmental review which gives a lead that should be heeded by every organisation in the country – and not just government departments and agencies.

“Currently most organisations will scramble to cope with a digital incident and in doing so they will risk contaminating evidence by acting too hastily without fully comprehending the consequences. We are regularly called in after some well-intentioned staff member has tried to begin an investigation but effectively stopped it in its tracks because they have compromised the evidence by not following precise and rigorous procedures.

“So Detica Forensics has developed Digital Incident Readiness Reviews that have the triple functions of helping organisations preserve evidence, ensuring that they comply with legal and regulatory requirements, and minimising disruption to operations.”

Based on more than 20 years experience of digital security, Detica Forensic’s Digital Readiness Review comprises five main elements:

• A Network and Systems Audit to identify strengths and weaknesses.
• A Policy and Procedures Audit to gauge ability to respond to an incident.
• Risk Identification and assessment to identify and mitigate risks in responding to incidents.
• A Digital Incident Response Plan developed with in-house staff to prioritise protection.
• First Responder Training to minimise evidence contamination and maximise chances of success.

For more details of Detica Forensic’s Digital Readiness Review, contact +44 (0) 845 0507640.]]> http://www.deticaforensics.com/news/press-releases.html 2008-12-02T00:00:00+00:00

In a simulated court session, Expert Witnesses from Detica Forensics presented evidence from realistic fictionalised forensics reports and were cross-examined by 23 Essex Street barristers before a Circuit Judge, a former Head of the Chambers, who commented on the performances.

Andy Clark, Head of Forensics at Detica, explained: “As technology pervades every aspect of our lives, digital footprints are everywhere. Often the evidence is so incriminating that it doesn’t even reach the courts, but when it does barristers must be fully prepared to cope with its language, complexities and intricacies. For their part, Expert Witnesses must be able to articulate the key evidence so that it can be understood by judges and juries with varying levels of IT knowledge. This simulation exercise gave both parties the chance to test and evaluate their skills.”

“As a Chambers we are eager to keep pace with the changing skill sets required of barristers in a rapidly changing world,” explained John Stanford , Professional Development Co-ordinator at 23 Essex Street. “The digital forensics seminar series is part of our Continuing Professional Development programme that has proved useful and popular amongst our barristers. This latest workshop provided a very real test for all sides and as a simulation exercise, rather than a lecture, provided us with a good opportunity to develop our skills.”

About 23 Essex Street

23 Essex Street is primarily a criminal set whose members practise in all areas of criminal law, both defending and prosecuting, across London and the South Eastern Circuit. Silks practise throughout the country. 23 Essex Street has a particular reputation in the core area of criminal work, in cases concerning serious crime, such as murder and sexual offences and other cases involving vulnerable witnesses; white-collar crime, such as criminal fraud and money-laundering offences; and customs and revenue offences. Chambers has acquired a considerable reputation in both defending and prosecuting in criminal proceedings and its members have been involved in many of the celebrated and high-profile cases over the last 50 years.

The conduct of disciplinary and regulatory proceedings is undertaken by a highly regarded team of skilled advocates, both prosecuting and defending, in the fields of Medical Health Care Regulatory and Disciplinary Proceedings, Police disciplinary proceedings and city regulatory work.

Members have particular expertise in the specialist areas of courts martial work, civil actions arising from criminal investigations, and major public inquiries

In all these practice areas, 23 Essex Street can field barristers highly ranked in the leading legal directories, from leading silks to senior juniors in addition to juniors at all call levels, and can assemble teams to undertake the conduct of complex cases. ]]> http://www.deticaforensics.com/news/press-releases.html 2008-08-19T00:00:00+01:00

Calling for a review of working practices and additional training for forensic investigators, Gallo will explain how live data capture is playing an increasing role in investigations and the particular skills and experience required for the job.

“The traditional guidelines for seizure of suspect computers focuses on the preservation of evidence by switching off the computer – but this risks losing vital transient evidence especially when encrypted data is involved,” explained Vince Gallo. “Crucial evidence is therefore destroyed by following the very practices that are supposed to preserve it!”

Gallo advocates modifying the guidelines to more explicitly encourage investigators with the requisite skills to examine live machines.

“While the ACPO guidelines recognise the potential value of capturing volatile data, many investigations require the input of new skills, experience and, without such skills, many investigators are unwilling to risk live data capture,” added Gallo. “They may therefore be missing vital data.”

Gallo continued: “Some of the usual forensic tools simply aren’t suited to live investigations and alternative strategies and methods need to be deployed. The Detica Forensics Live Data Capture Team has been involved in several live investigations recently and has had to overcome a new set of challenges.”]]> http://www.deticaforensics.com/news/press-releases.html 2008-07-09T00:00:00+01:00

The participants, hosted by The Centre for Interdisciplinary Studies in Information Security and comprising leading experts from many disciplines, including mathematics, cryptotology and risk management, will meet for a week-long workshop at Monte Verita from 7-11 July 2008.

As part of his contribution, Andy Clark will give a perspective on the history of information forensics from the phone phreaking explorations of telecoms networks of the 1970s and early hacking exploits to today’s proliferation of e-crime.

“Some of the poachers have since turned gamekeepers and digital forensics gamekeeping methodologies have come a very long way in just a few decades,” said Clark. “Today two rising issues are dealing with encryption and live data capture to ensure that transient evidence isn’t lost in investigations. Both of these require highly specialised knowledge, and the investigation frontier is moving ever-forward.

“Forensics tools whilst vital come second place to the intellect of experienced teams of dedicated forensic investigators. This international workshop in Switzerland is an amazing opportunity to exchange ideas and information with top experts from many disciplines. I have no doubt that it will give us all new perspectives and inspiration to tackle the new Information Security challenges that are ahead.”

The Workshop is organised by Patrick Amon, Arjen K Lenstra and Bruce Schneier.]]> http://www.deticaforensics.com/news/press-releases.html 2008-07-07T00:00:00+01:00

“The changing face of crime, the rapid impact of its effects and the transient nature of some crucial evidence mean that we must always innovate in our approach to investigations,” explained Nick Spenceley, Head of Detica Forensics. “Our latest initiative has been to establish a team of specially trained investigators ready to be called out anywhere in the UK for live data capture and digital forensics analysis designed to capture transient evidence of illegal activity.”

Armed with a suite of commercial and proprietary portable forensic tools, the LDC team, which has a thorough understanding of the legal requirements of digital forensics investigations, can be called out to capture and image data from virtually any digital device or network. The team is specially skilled in live capture of ephemeral data for on-the-spot analysis.

“Our procedures are routine, but investigations are nearly always challenging,” continued Nick Spenceley. “The unexpected is the norm and our LDC team has therefore been carefully selected based on depth and breadth of experience. These are one-chance operations to gather evidence on suspected criminals and fraudsters and there is no room for error or inexperience.”

The Detica Forensics LDC team can be called into action for investigations in which fraudsters and criminals can be caught in the act as they are transferring or trying to destroy evidence. The team has already been deployed on cases involving IP theft and fraud.]]> http://www.deticaforensics.com/news/press-releases.html 2008-07-03T00:00:00+01:00

Winner of prize Stephen Williams, the most outstanding student of the year, will be continuing his studies by starting a PhD in Cryptography at Bristol under the supervision of Professor Nigel Smart.

Nick Spenceley, Head of Detica Forensics, said “Each year, the quality of the prize-winning work at Bristol has been extremely high and we are delighted that Detica’s association with the University of Bristol is helping to raise the profile of cryptography amongst students whose skills are in increasing demand by industry and commerce.”

Professor Nigel Smart commented, “We greatly appreciate our link with Detica: it inspires students in their dissertations and enables their efforts to be recognised by a global information intelligence specialist. Stephen’s work was outstanding and I am expect that he will become a leading figure in cryptography in the years to come.”

Stephen Williams’ work investigated security models and proofs for key agreement protocols especially as it related to protocols like TLS (Transport layer Security). He extended recent work of Morrissey, Smart and Warinschi on TLS using Signcryption as the pre-master secret key agreement protocol and extended the model to deal with other forms of key agreement, such as those based on symmetric cryptographic schemes.]]> http://www.deticaforensics.com/news/press-releases.html 2008-04-22T00:00:00+01:00

The presentation forms part of a series of seminars for technology companies and key professionals acting for large organisations and drivers of the economy and is the second to DMH Stallard and BDO Stoy Hayward this month.

“Even a decade ago 90% of all new information generated was in digital format – and today virtually all significant IP information is stored in soft format,” explained Clark. “That leaves organisations of all sizes vulnerable to an insidious form of theft that takes the simple form of copying – it’s less risky than physical theft, but every bit as valuable to the thief.”

As an everyday business operation, copying has become a trivial task among networks, PCs, laptops and handheld devices – aided by synchronisation software. However, the consequences of unauthorised copying – or theft – can have devastating consequences that can remain unobserved for long periods.

Clark will discuss how progressive organisations defend against such vulnerability with controls and countermeasures: “Audit and anticipation are essential for optimum protection. Controls are necessary, but it’s naïve not to expect staff to circumvent them – a balanced business-driven approach combined with continual auditing are essential. And a Digital Incident Response must be ready. It is usually too late to be looking in Yellow Pages after an incident has been discovered.”]]> http://www.deticaforensics.com/news/press-releases.html 2008-03-14T00:00:00+00:00

Seminar presenters including Andy Clark, Head of Forensics, Detica and an expert witness with more than ten year’s experience, discussed the surge in demand for digital forensics expertise in legal cases. They countered long-held stereotypes about expert witnesses and showed how the best in the field were now highly skilled, professional and first-rate communicators.

"The days of overly complex, technical explanations of computer evidence should be in the past," explained Clark. "The best Expert Witnesses know what clients, judge and jury need in terms of explanations to reach reasoned decisions. Of course the area is fraught with technical complexity, but there is no reason that a good Expert Witness can’t present an analysis of the evidence in clear and concise terms.

"The number of devices that hold potential evidence about the sequencing and nature of events is huge – and still growing. The skill is to obtain that information legitimately and reliably and to reveal its implications. It is all to easy to compromise valuable evidence by ignoring data collection guidelines and to misinterpret key events by not fully understanding the context and the mechanisms whereby data arrives and disappears from digital storage.

"Digital evidence is frequently providing new opportunities for resolving legal cases. At Detica Forensics we aim to guide legal professionals so that resources can be sensibly allocated to reach sound judgements."

The demand for Detica Forensics’ seminars on digital forensics continues to grow apace with the proliferation of static and mobile computer devices that can unlock key evidence. The next Seminar at 23 Essex Street Chambers is scheduled for late summer 2008.]]> http://www.deticaforensics.com/news/press-releases.html 2007-12-10T00:00:00+00:00

Professor Nigel Smart, head of the Cryptography and Information Security Group at the University of Bristol, said: “These were two very fine pieces of work and we really could not separate them. They were both very innovative and have significant practical implications. Our association with the Detica Security Prize is a clear demonstration of how commerce can inform and enrich academic studies. We are very appreciative of Detica’s commitment.”

Pamela Lubinda’s thesis developed formal security access control models such as the Biba and the Bell-LaPadula models for use in a secure web site.

Essam Ghadafi’s thesis extended the ID-based key agreement work of Smart, Chen and Cheng to a situation where there is more than one trusted authority.

Andy Clark, Head of Forensics at Detica, said: “We are delighted with the response to the Detica Security Prize. Each year students have been able to combine academic excellence with real world applications and produce remarkable pieces of work. I believe that our association with Bristol University is an excellent model in helping to forge links between academia and commerce.”

Now in its fifth year, the Detica Security Prize was formerly known as the Inforenz prize before Inforenz was acquired by Detica in 2006.]]> http://www.deticaforensics.com/news/press-releases.html 2007-09-28T00:00:00+01:00

“In the UK awareness of e-discovery is much less mature than in the USA where new regulations have been making it easier for courts and litigants to request and investigate electronic records,” explained Andy Clark. “In the UK we have yet to see the surge of high-profile cases involving electronic evidence – but it is inevitable that it will occur.”

“In our consultancy work at Detica we find that most responses to e-disclosure requests are dealt with in an unplanned, ad-hoc fashion. The very serious risk of being unprepared can, however, be addressed through simple practical steps which can be integrated with wider record-management initiatives.”

Andy Clark went on to outline what organisations need to do – from retaining records and proving their accuracy and authenticity to planning for rapid retrieval and transfer of evidence to litigants.

Even if the in-house skills to undertake e-disclosure readiness reviews do not exist, partners with the relevant expertise and experience are available to help reduce an organisation’s risk profile in a way that might even enhance the management of corporate information assets.

Sponsored by Detica, the Electronic Evidence and E-Discovery Forum was held in London on 19-20 September 2007. It aimed to help organisations ensure that they were prepared for any forensic investigations.]]> http://www.deticaforensics.com/news/press-releases.html 2007-09-19T00:00:00+01:00

Held over the course of two days in central London, the e-Discovery Forum focuses on challenges faced by large organisations and the legal sector in ensuring compliance with e-disclosure requests and in handling investigations of electronic documents. Failure to prepare can be costly or even disastrous – not only from a legal point of view, but also in terms of lost productivity through unexpected disruption to business.

The Conference is organised as a series of keynote speeches accompanied by a number of seminar modules packed with real-life case studies and examples of good practice and leading-edge techniques to manage and respond to challenges. The overall aim is to help delegates find their way through the labyrinth of issues surrounding the storage, retention, retrieval, and destruction of data.

Amongst the Detica representatives at the Forum will be Andy Clark, Head of Detica Forensics, who will be delivering a keynote speech on Detection and Crisis Response, and Neil Meikle, Project Manager at Detica Forensics, who will be demonstrating Detica’s e-discovery technologies including NetReveal and Email Analyser.]]> http://www.deticaforensics.com/news/press-releases.html 2007-09-18T00:00:00+01:00

The case has been described by the MHRA as the largest of its kind ever heard by a British criminal court.

The multi-million pound scam involved selling counterfeit tablets of Viagra, Cialis (both for erectile dysfunction) and Propecia (for treating baldness), containing only 90% of the normal active ingredient, to unsuspecting customers – many buying on-line – for up to £20 each, having often been acquired by the vendors for as little as 50 US cents. Tens of thousands of the fake tablets, manufactured in illicit factories in China, Pakistan and Asia, were bought in the UK, America, the Bahamas and Mexico, involving scores of businesses, both real and fake.

Andy Clark, head of Detica Forensics, said: "Our digital forensics linked the man at the centre of the investigations with companies and individuals implicated in the conspiracy. By piecing together fragments of emails and other documents, our experts mapped a web of contacts and uncovered evidence including a distribution agreement, a financial transaction and company incorporation details of the company at the centre of the scam.

"By reconstructing documents and analysing hidden metadata in files, we identified evidence such as document authors and key dates of editing and modification. This evidence substantiated other intelligence gathered in the case and helped secure the convictions that were announced this week."

David Porter, head of security and risk at Detica, added: "This is an excellent example of the power of digital forensics investigations. It’s not often that we can talk publicly about the activities of Detica Forensics because the issues we deal with are so sensitive. Cases are often resolved even before they reach court because the digital evidence is so incriminating."

Andy Clark continued: "This case demonstrates how digital forensics is becoming an integral part of many criminal investigations. As digital footprints become bigger, multi-dimensional and ubiquitous, and criminal activities become increasingly intertwined and networked, it is not a trivial matter for digital forensics investigators to keep pace with fraudsters and illegal transactions."]]> http://www.deticaforensics.com/news/press-releases.html 2007-03-20T00:00:00+00:00

The scenario which has been validated by the police, business community and external agencies has been designed to help business managers plan for an incident. Through an innovative terrorist-focused table-top exercise, the movements of a radicalised employee carrying out a fraud will be examined and delegates will be helped to explore the vulnerabilities of their organisation to such an incident.

Early indications show high demand for the event from IT Security managers, Business Continuity managers, Heads of Security, and Human Resources specialists. Delegates will be carefully selected to ensure that there is a broad experience and mix of professionals who will add value to the programme. Companies may nominate two delegates who will be expected to share their expertise and to discuss and comment on elements of the exercise during the syndicate-working phase.

The full day event to be held on 28 March in Central London includes amongst its other guest speakers Deputy Assistant Commissioner Peter Clark, National Co-ordinator for Terrorist Investigations.

For more details, contact Andrew Drage of the City of London Police on 07711 056 313 or andrew.drage@cityoflondon.pnn.police.uk]]> http://www.deticaforensics.com/news/press-releases.html 2007-03-01T00:00:00+00:00

Because the vast majority of data in the workplace is now generated and stored electronically, many companies now consider their data as critical to the ongoing success of their business. However, it is Detica’s belief that many companies are still not ready for a serious ‘digital incident’ such as the loss, theft or corruption of data, often by insiders working in collusion with criminal gangs. In scrambling to cope with this new breed of high-tech disruption, companies may inadvertently do more harm than good. This ranges from contaminating the evidence and wasting valuable resources to making hasty decisions that disrupt company operations and degrade customer service.

To respond to the continuing evolution of the high-tech threat, Detica Group plc has launched a new digital forensics division, Detica Forensics, to enhance its Information Intelligence services for commercial and government organisations. Detica Forensics builds on the recent acquisition of Inforenz Limited, a company that has developed an enviable reputation through its work for commerce, law enforcement agencies and regulatory bodies.

"Data reaches into every aspect of an organisation, from brand and reputation, to regulation and compliance. Organisations need to be proactive in protecting their critical data resources and dealing efficiently with a digital incident should one occur," explains Andy Clark, Head of Detica Forensics. "In the modern economy, digital forensics is a critical tool in protecting organisations from the considerable array of digital risks they face. The investigative capabilities of Detica Forensics significantly enhance Detica’s Information Intelligence services and, in particular, complements Detica’s NetReveal fraud detection solution. Clients will be able to enhance their existing preventative and detective countermeasures with a forensic investigation capability that follows the complete evidential chain from keyboard to courtroom."

Detica Forensics investigates unusual, unauthorised and illegal computer activity to help to combat fraud and reveal hidden information for commercial, regulatory and law enforcement agencies. Services include preliminary and full investigations, Digital Incident Readiness Reviews, cryptography consultancy, specialist data recovery, forensics training and access to accredited expert witnesses.

Clark concludes: "Detica Forensics will appeal to any organisation that understands the value of its data and information assets. Security can never be totally guaranteed and it is therefore essential to have ways to investigate information leakage, to monitor data traffic and to uncover concealed data. Financial, legal and telecommunications companies will be especially interested in our services, but we also expect considerable interest from the rapidly growing number of organisations needing to secure high value intellectual property."]]> http://www.deticaforensics.com/news/press-releases.html 2006-09-08T00:00:00+01:00

COSAC, now in its thirteenth year, has become renowned as a pre-eminent international event attracting global digital security experts. It provides an environment for security professionals and business managers to work in a spirit of co-operation and confidentiality to develop ideas and strategies to combat the latest challenges in the field of security and risk.

Vince Gallo, Head of Forensic Technology at Inforenz, will give a timely presentation on the new security features found in Microsoft's recently launched Vista operating system. PCs with the new Vista operating system and a Trusted Platform Module (TPM) promise to deliver a highly secure personal computing environment. Vince will explore what will actually be delivered with Vista, and how the security of a PC can be greatly enhanced. He will also consider some of the less attractive aspects of these systems and the problems that will be encountered by law enforcement agencies, first responders, technical support, auditors and many others who need to access stored information — information that will be very well protected by Vista.

In a second paper Vince Gallo will discuss the art of the possible in steganalysis, and in particular how some new advanced image processing techniques could mean that routine steganalysis will become a viable countermeasure against some risks of information leakage.

Andy Clark, Head of Forensics at Inforenz, will be speaking on the threats that Voice over IP (VoIP) brings into an enterprise. He will discuss how VoIP works and how hacking techniques have evolved to enable attacks on inappropriately configured networks. He will demonstrate some VoIP testing tools and conclude with a discussion of the baseline controls that should be implemented on any VoIP network.]]> http://www.deticaforensics.com/news/press-releases.html 2006-09-08T00:00:00+01:00

During the course of its history COSAC has established itself as the most intimate of security symposia offering an international platform for information security professionals and business managers to share their successes and challenges in the most confidential of settings.

With the focus on issues, COSAC has delivered some notable ‘eureka’ moments in the development of the security and risk industry. It was at Cosac in 2002 that Tsutomu Matsumoto extended his “Gummy Finger” research into defeating biometric systems. In 1999, Vince Gallo presented a devastating premiere of the “Bunratty Attack”. And Paul Kocher’s demonstrated his ingenious use of “Differential Power Analysis” to defeat cryptographic protection of smart cards.

Andy Clark of Inforenz commented: " I am delighted that Detica has agreed to continue Inforenz sponsorship of COSAC. What makes COSAC so special is the spirit of co-operation amongst competitors that pervades the event. Delegates feel free to discuss issues in a confidential environment and this helps greatly in the development of ideas and strategies to help combat the ever-growing phenomenon of digital crime."]]> http://www.deticaforensics.com/news/press-releases.html 2006-07-31T00:00:00+01:00

Commenting on the acquisition of Inforenz, Tom Black, Chief Executive of Detica said:

"We are extremely pleased with this transaction, which strengthens significantly our portfolio of investigatory services and products for commercial and law enforcement clients. Inforenz has been a very successful business in recent years and we believe that combining our resources will enable us to build further on that success."]]> http://www.deticaforensics.com/news/press-releases.html 2006-05-16T00:00:00+01:00

“While Vista offers greatly enhanced desktop security by enabling convenient and strong encryption of data using its Trusted Platform Module, there is a significant danger of data loss because the TPM is ultimately protected by a single key,” explained Vince Gallo. “Therefore, if the TPM malfunctions or the desktop disappears, the data, even if backed-up elsewhere, cannot be decrypted and is irretrievably lost.”

Gallo continued: “The solution is the comprehensive reassessment of business continuity plans to ensure that adequate cryptographic key backups are created. With increasing compliance requirements, such as Sarbanes-Oxley, businesses must be fit to pass compliance audits. We believe that a thorough forensics-readiness review will be essential for virtually every business that wants to migrate to Vista.”

Reaction from conference delegates suggested that the implications of Vista’s security features is taking many businesses by surprise. Gallo continued: “I’ve heard a few senior corporate security specialists say that they may not even deploy Vista’s encryption features because of the business continuity ramifications.”

Vista, now in its third beta version, is scheduled to be launched in January 2007.

Vince Gallo will be speaking in greater depth on the topic at Cosac, the premier international security seminars, in Ireland in September 2006.]]> http://www.deticaforensics.com/news/press-releases.html 2005-11-10T00:00:00+00:00

Welcomed by system architects who for years have struggled to achieve integrated security for individual businesses, the book marks a very significant advance in security architecture.

“This birth-to-death treatment is unique and should be on every CIO, ICT infrastructure and application development directors’ desk,” said Professor Brian S Collins of Cranfield University and the British Computing Society.

Andy Clark, co-author and a director of digital forensics specialists Inforenz, explained: “Our book is intended for technical security personnel and business managers who have very real security issues to confront in their day-to-day business. It is designed as a tutorial and a reference tool and has examples of real business security solutions. To ensure that it is grounded in the real world, we have incorporated the varying perspectives of the main players in any business upon whom security architecture impinges.”

Using key theoretical models and decades of combined practical experience, the authors have designed SABSA (Sherwood Applied Business Security Architecture), a generic model which can be used to develop unique solutions for any enterprise. Central to the framework is Business Attribute Profiling, a key step in capturing business requirements, defining measurement approaches and setting performance targets for information system risk management.

Enterprise Security Architecture: A Business Driven Approach by John Sherwood, Andy Clark and David Lynas is published by CMP Books and is available through Amazon]]> http://www.deticaforensics.com/news/press-releases.html 2005-11-01T00:00:00+00:00

Juli Salvi, product manager at Inforenz, said: "Our long-standing research and development programme into steganography and steganalysis means that we have become acknowledged experts in this field. We have been considering a number of ways to package our expertise for the benefit of the professional forensic community. As well as giving presentations on the subject to specialist groups, the most obvious way was to enhance the capability of our search and metadata tool, Inforenz Forager®."

During the F3 conference Vince Gallo, a director of Inforenz, presented an overview of steganographic techniques and the way in which they might be detected using steganalysis. Inforenz staff then demonstrated the new Forager® plug-in to the many interested delegates.

A beta-test version of Forager’s new steganalysis plug-in, which is being enhanced as a result of feedback at the conference, will be available in mid-November 2005.

Forager's earlier plug-ins enable the investigation of metadata in Microsoft Word, Microsoft Excel, MP3 and EXIF/JPEG/JFIF files.]]> http://www.deticaforensics.com/news/press-releases.html 2005-10-18T00:00:00+01:00

In the first of a series of presentations to 23 Essex Street, information forensics specialists Andy Clark and Nick Spenceley, directors of Inforenz, spoke about The Hidden Life of Documents. They demonstrated how rigorous forensic investigation can reveal unexpected information about computer files such as how, when and by whom they are created. They were also able to show how such data has provided key evidence for both prosecution and defence in a wide variety of criminal cases. The Inforenz talk was followed by a presentation by barristers from 23 Essex Street about the legal issues surrounding the use of digital evidence.

Lynn Griffin, the barrister who initiated this training at 23 Essex Street, said: “I have experience in trials of successfully using the significant amount of evidence that can be derived from computer files. As a result of our experience within Chambers we recognise the importance not only of understanding this form of evidence but also of ensuring that those who provide it adhere to the highest professional standards. Computer forensics is now a key part of our CPD (Continuing Professional Development) programme –its importance can only grow and we are pleased to be amongst the first chambers to address this in our training.”

Nick Spenceley of Inforenz commented: “Digital evidence is becoming an increasingly important area of law and there is a need for excellent communication channels between information forensic specialists and the legal community. We were very impressed with the barristers’ and solicitors’ rapid grasp of the potential of computer forensic evidence. We in turn learned more about the legal constraints especially regarding the disclosure of metadata, and our clients’ needs from the complementary presentation by barristers about the legal implications of digital evidence.”

Inforenz next presentation in this CPD programme will be about Tracking Email, an issue currently high up the political agenda.]]> http://www.deticaforensics.com/news/press-releases.html 2005-10-12T00:00:00+01:00

Vince Gallo and Richard Whitehead of Inforenz will discuss the techniques of steganography and steganalysis (concealing and revealing hidden data in digital images) and illustrate the algorithms that Inforenz uses to finding steganography in bitmap and jpeg images.

Vince Gallo, a director of Inforenz explained: "Inforenz has taken a strategic decision to invest in steganalysis tools. Steganographic tools are now easily available on the web and broadband enables the transmission of very large files – so, based on over two decades of experience in security, I have little doubt that criminals and others have incorporated steganography into their methods. We also think we need to share our knowledge of steganography with our peers, and White Hats provides an intimate and confidential forum to exchange knowledge and ideas."

Founded in 2002, White Hats (www.white-hats.co.uk) is a vendor-neutral trusted user group aiming to provide a knowledge base for IT security management and staff. All prospective members undergo a full vetting process, and sign a confidentiality agreement before being admitted to the group. Subject to vetting, White Hats is open to IT security professionals working for UK business and government. White Hats is run by First Base Technologies.]]> http://www.deticaforensics.com/news/press-releases.html 2005-10-10T00:00:00+01:00

Earlier this year, concerns were raised in the media about the security of Skype’s cryptography. In the absence of any details from Skype, Andy Clark, a Director of Inforenz, also expressed his concern (see The Guardian).

In welcoming Skype’s publication of the report Andy Clark of Inforenz commented: “This report on Skype security by Tom Berson should allay many people’s fears. As a Past President and Fellow of the International Association of Cryptography Research, Berson is a very highly respected security expert, and a man of the utmost integrity. His report identified only very minor observations relating to Skype’s security implementation and confirmed the high quality of the system design. I think Skype’s initiative was a smart move and will be welcomed by its users and those working in the security field.”]]> http://www.deticaforensics.com/news/press-releases.html 2005-09-26T00:00:00+01:00

"As forensics cyber criminals become more sophisticated, knowledge of steganography and steganalysis – the concealment and analysis of information in apparently straightforward computer pictures and graphics – is becoming more important for digital forensics investigators," explained Vince Gallo, a director of information forensics specialists Inforenz.

Gallo continued: "At Inforenz, we are receiving an increasing number of enquiries that involve steganography, and forensics practitioners are asking us to help in their investigations. My talk will outline some of the techniques used and show how steganalysis can form a part of investigations and audits."

The three-day F3 conference, 25-27 October 2005, will be held in Gloucestershire, UK . It attracts an audience of 300 delegates, mostly forensic practitioners from across the UK. F3 exists to provide an open forum for all forensic computing practitioners, to enable them to share their collective knowledge through discussion and training.]]> http://www.deticaforensics.com/news/press-releases.html 2005-07-18T00:00:00+01:00

“The convergence of computing technologies has encouraged businesses to allow staff to connect personal computing devices such as PDAs and mobile phones to their corporate networks to synchronise diaries, create back-ups and share files,” explains Andy Clark, Director of Inforenz. “While this may lead to improved business efficiency it may be exposing the network to ingress of malware and egress of sensitive data.”

Clark will discuss the reality and extent of the threat and consider whether trying to prohibit such activities is really practical and desirable. He will indicate some of the forensic tell-tale signs that these devices leave behind and consider the real business need for moderating their use.

COSAC now in its 12th year runs from 18-22 September 2005 and will feature other award-winning international speakers.]]>