Tuesday, May 2, 2023

The Basics of Digital Forensics


The advent of the digital age in the 1980s revolutionized how people and industries used and accessed data. However, the digital automation of previously traditional systems, with paperwork and analogue autonomous systems replaced by smart devices and the Internet, exposed users to data breaches, identity theft, and data loss. The digital revolution required solutions to counter and address these risks. This led to the birth of digital forensics.


The objective of digital forensics is to address digital risks, which are classified into four categories. The first, cybersecurity risk, refers to unauthorized persons gaining access to sensitive information with malicious intent such as fraud or extortion. The second, compliance risk, refers to organizations being targeted through technology to expose shortcomings in areas like standard security controls and data privacy requirements. Closely related to compliance risk, third-party risk is associated with outsourcing tasks to third-party vendors and disclosing customer information, intellectual property, or financial information to them. Absent or weak security controls in a third-party company’s system may affect the outsourcing organization. Last, identity risk covers the risk to credentials and accounts, especially those of prominent people, corporate users, or affiliates. Mitigating or addressing these risks requires a robust digital forensic system and team.


As a branch of cybersecurity, digital forensics focuses on identifying, preserving, analyzing, recovering, investigating, and presenting digital material found in devices, cyber activity, and electronic evidence. Initially referred to as computer forensics, the term’s meaning broadened to encompass all digital devices, especially with the increase in smartphone and Internet use.


First, identification entails observing the material evidence present, where it is stored, and the storage format. Second, preservation involves isolating and securing the data to prevent tampering or theft. After this, the investigators reconstruct the collected data to seek patterns and draw conclusions. This is easily the most intensive part of the process, and some investigations require extensive research to generate a feasible theory. The last stages involve the documentation and presentation of the evidence to the relevant party.


The digital forensics process outlined above requires equally robust tools. Before such tools were available, investigators used the system’s default admin tools to troubleshoot and attempt to track breaches, alongside live analysis. During the process, regardless of the team’s adeptness, common secondary risks emerged, including evidence tampering and modified disk data. Such consequences, especially for sensitive information, led to the introduction of best practices and national legislation.


The Federal Law Enforcement Training Center created SafeBack and IMDUMP in 1989. These two programs provided backup options for federal data before, during, and after the forensics exercise. Next, a program named DIBS, available to the public, created copies of the digital media for testing, investigation, and verification purposes. In the following years, the rise in data breaches accelerated the availability of paid and open-source digital forensic tools like FTK, EnCase, WindowsSCOPE, Wireshark, and HashKeeper. To determine the most suitable tool, one should consider integration with system-embedded forensic capabilities, support for different file formats, ease of use, features, and possible configurations.
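The preservation step and the verified working copies described above can be illustrated with a short sketch. This is an added example, not code from the original post or from any of the tools named; the file names and the record layout are assumptions, and the "disk image" is a constructed sample.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large disk images need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def acquire_working_copy(evidence, workdir):
    """Record the original's hash, copy it, and confirm the copy matches."""
    evidence, workdir = Path(evidence), Path(workdir)
    original_hash = sha256_file(evidence)
    copy_path = workdir / (evidence.name + ".working")
    shutil.copyfile(evidence, copy_path)
    if sha256_file(copy_path) != original_hash:
        raise IOError("working copy does not match the original")
    # Hypothetical record layout; a real case file would add examiner and time.
    return {"source": str(evidence), "copy": str(copy_path), "sha256": original_hash}


def verify(record):
    """True while the working copy still matches the hash taken at acquisition."""
    return sha256_file(record["copy"]) == record["sha256"]


def demo():
    """Constructed scenario: a small fake image, then a one-byte modification."""
    with tempfile.TemporaryDirectory() as tmp:
        image = Path(tmp) / "disk.img"
        image.write_bytes(b"\x00" * 4096 + b"constructed sample evidence")
        record = acquire_working_copy(image, tmp)
        before = verify(record)
        with open(record["copy"], "r+b") as fh:  # simulate modified disk data
            fh.seek(10)
            fh.write(b"\x01")
        after = verify(record)
        return before, after


if __name__ == "__main__":
    print(demo())
```

Analysis is done on the working copy only; a failed `verify` means the copy can no longer be presented as a faithful image of the original.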


The evidence from digital forensics is applicable in various areas, especially in system testing, investigations, and legal proceedings. In cases of data theft and network breaches, the evidence aids in understanding how the breach occurred and how the attackers went about it. This is common in industries with personal-data-intensive systems, such as financial institutions and phone companies. The evidence is also the primary means of gauging the impact of online fraud and identity theft on an organization and its customers, and thus dictates the subsequent decisions and actions.


Also, digital forensics assists with serious crimes by examining data in smartphones and vehicles associated with the crime. In addition, one can use the evidence to prosecute white-collar crimes like embezzlement, extortion, and corporate fraud. Evidence traditionally lost through burning or shredding paperwork can now be retrieved through digital footprints stored on various databases.


Thursday, December 8, 2022

A Brief Look at Risk-Based Vulnerability Management


A cybersecurity and IT industry professional, Wayne Nordstrom has held professional roles in cybersecurity over the last decade. As an IT security and vulnerability program manager with Blue Cross Blue Shield, Wayne Nordstrom develops the vision and plans to consistently improve the vulnerability management program.


One efficient way to remedy system and network vulnerabilities in companies is through risk-based vulnerability management. In risk-based vulnerability management, security weaknesses are addressed according to priority. For instance, a security weakness that poses the highest level of danger if exploited can be prioritized and addressed before the next high-priority weakness is identified. Priority can also be based on the probability of an attack.
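The difference between ranking by danger if exploited and ranking by danger combined with probability of attack shows up as soon as remediation capacity is limited. The following is an added example, not from the original post; the findings, the 0-10 impact scale, the 0-1 likelihood scale, and the impact × likelihood score are all assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    name: str
    impact: float      # 0-10: damage if exploited (assumed scale)
    likelihood: float  # 0-1: estimated probability of attack (assumed scale)

    @property
    def risk(self) -> float:
        # Assumed scoring model: expected damage = impact x likelihood.
        return self.impact * self.likelihood


# Constructed sample findings, not real scan output.
FINDINGS = [
    Finding("lab-server-rce", 9.8, 0.05),       # severe, but isolated host
    Finding("vpn-auth-bypass", 8.0, 0.90),      # internet-facing
    Finding("workstation-privesc", 7.0, 0.40),
    Finding("wiki-xss", 5.0, 0.30),
]


def queue(findings, key):
    """Remediation order, highest priority first; ties broken by name."""
    return sorted(findings, key=lambda f: (-key(f), f.name))


def risk_retired(findings, key, capacity):
    """Share of total risk removed by fixing the first `capacity` items."""
    fixed = queue(findings, key)[:capacity]
    return sum(f.risk for f in fixed) / sum(f.risk for f in findings)


def names(items):
    return [f.name for f in items]


if __name__ == "__main__":
    strategies = (("impact only", lambda f: f.impact),
                  ("impact x likelihood", lambda f: f.risk))
    for label, key in strategies:
        share = risk_retired(FINDINGS, key, capacity=2)
        print(f"{label:20s} {names(queue(FINDINGS, key))} -> {share:.0%} retired")
```

With capacity for two fixes, the impact-only queue spends one of them on the isolated lab server and retires less of the total risk than the combined ranking.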


Some benefits of risk-based vulnerability management are fast-tracked remediation of immediate and critical risks, broader visibility of the health of digital assets, and real-time protection against threats. Large companies with multiple systems and networks can manage vulnerabilities efficiently through this approach.


Friday, November 4, 2022

An Overview of the Medical Device Discovery Appraisal Program


 Wayne Nordstrom is an IT security expert with a broad range of experience in information security technologies, methodologies, and tools. His expertise includes threat/vulnerability management, remediation planning, and infrastructure penetration testing. In addition to working in various IT security roles, Wayne Nordstrom is a member of ISACA (formerly the Information Systems Audit and Control Association; the organization now goes by its acronym).


ISACA ensures that technology professionals receive the skills, education, and community support they need to advance their careers and organizations. ISACA, the FDA (Food and Drug Administration), and the MDIC (Medical Device Innovation Consortium) unveiled the Medical Device Discovery Appraisal Program (MDDAP) to improve patient safety and device quality. The program helps manufacturers of medical devices understand, measure, and boost their operations to reach best practices.


The MDDAP framework is a customized Capability Maturity Model Integration (CMMI), a model for guiding process improvement, tailored for the medical device industry. Under MDDAP, medical device manufacturers are evaluated on the CMMI appraisal framework to help them identify opportunities for process improvement.

Monday, October 3, 2022

Brief History of The Boston Red Sox


Based in Boston, Massachusetts, Wayne Nordstrom is a licensed cyber security analyst who works at Blue Cross Blue Shield as the IT security and vulnerability program manager. Outside of work, Wayne Nordstrom enjoys playing basketball.


The Boston Red Sox is one of the first teams in Major League Baseball. Upon their founding in 1901, they were initially named the Boston Americans, and in 1907 they adopted their current name. In their founding years, the team played at the Huntington Avenue Grounds until 1912, when they moved to Fenway Park.


Cy Young brought his team a lot of success as the premier pitcher. In 1903, the team won their first World Series, thus setting them on the path of success. After selling a key player, Babe Ruth, in 1920 to the New York Yankees, the team experienced a series of setbacks. Also, a rivalry was set against the Yankees, who seemed to flourish after the player's purchase.


After many years of apparent drought, the Boston Red Sox had a breakthrough in 2004 when they won the World Series and defeated their decades-long rivals, the Yankees, in the American Championship Series. Although the team suffered a good number of setbacks in subsequent years, like losing 95 games in 2012, it has also recorded a good number of successes.

The team continues to dominate the world of baseball through the years, forging on through the continuous support of fans across the globe, although most are Bostonians.