CA heads to Australia, fires up on forensics
Computer Associates (CA) bigwigs are currently in Australia spruiking the advantages of their comapny's eTrust Network Forensics toolkits.
Already the vendor has sealed one deal with a large Australian government agency, according to Malcolm Lister, CA director of financial services and security. Lister says previous forensic discussions were generally only held with police and "security-type” agencies.
Jason Micals, director of CA's worldwide forensics team, is in Australia teaching staff about the functionality of network forensics.
"The skill set for network forensics is not there in the industry today," Micals says.
"More of the focus has been put on host-based forensics and not actually network-based forensics, which allows an organisation to see what is across its infrastructure to spot anomalous activity.
”Forensic capability has grown from the requirement to see something on a hard drive to seeing where information was found. Network forensics in real-time shows who can access servers and it also ensures access management tools are doing the job they were purchased to do."
Micals says the forensic capability of many tools can create an airtight case in relation to prosecution over unwanted data access and inappropriate use of corporate data, intellectual property and hacking incidents. However, many organisations still stubbornly refuse to prosecute.
"You are still going to require forensic or investigative skills to prosecute someone; most firms just find the problems and remediate, but network forensic tools make the evidence gathering easier," he says.