Damir Paladin is an Information Security Consultant. He has been professionally engaged in information technology for over 25 years. In 1998 he founded his own company, Borea, which he manages to this day. His area of expertise includes computer forensics, as well as auditing and testing the security of information systems. He is the holder of CISSP, CISA and CISM professional security certifications. In addition to being a permanent court expert witness in IT, he regularly collaborates with some of the most important Croatian companies and institutions providing expert services in the area of information security.
ISO/IEC 27037: Standardization of Digital Evidence Procedures
The collection and storage of digital evidence is a critical phase of the forensic procedure which precedes analysis and taking of evidence. The improper and inadequate handling of data, that are the basis for further procedures, reduces the credibility of the whole procedure, thereby calling into question the accuracy of final conclusion in legal proceedings. The International Standard ISO/IEC 27037 is the first document of importance that describes the process of identification, collection, acquisition and preservation of digital evidence in computer-oriented criminal offences. It provides guidance to various individuals participating in this process – from law enforcement agents and court experts to response specialists that must promptly react to an incident. The presentation will introduce the process of collecting and storing digital evidence as prescribed by ISO/ IEC 27037, with a special emphasis on the description of proposed measures. In addition, we will discuss the best applications of ISO/IEC 27037 in practice.