Cyber Security Technologies Corporation (CST) is the innovation leader in affordable software products for computer investigations. CST was formed by industry veterans who see the need for new investigative tools designed for the changing investigative environment. We are dedicated to delivering technically advanced but easy-to-use software products for corporations, government agencies, service providers and law enforcement, as well as related training and certification. CST is an affiliate of Architecture Technology Corporation, a technology company specializing in software-intensive solutions for complex problems in IT security and high-security network computing applications.
Enterprises are confronted with the need to investigate their own computers for a multitude of reasons. IT security is the leading reason - but not the only reason - that enterprises must conduct such investigations. Increasingly, enterprises realize that computer investigations are essential to complying with external regulatory requirements, and from time to time they must respond to lawsuits by producing relevant electronic evidence.
OnLineDFS Application Landscape
IT Security and Incident Response
Corporate security professionals are called upon to investigate a myriad of computer security issues ranging from malicious insider behavior to security breaches involving outside parties. According to the Gartner Group, US enterprises today spend over $20 billion annually on IT security, mainly on products to ward off external threats by defending the perimeter of an enterprise with firewalls, intrusion detection and prevention systems, anti-virus software, filters and the like.
Despite these expenditures, external security breaches continue to happen on a regular basis. Examples abound, but one set of statistics is telling. According to the CERT Coordination Center, in 1997 there were 2,134 reported attacks against Internet-connected computer systems. By 2003, the number had risen to 137,529. In 2004, CERT stopped counting.
It is a widely accepted perception among IT security professionals that incidents are under-reported due to fear of embarrassment and customer confidence concerns. It is also widely believed that an increasing number of computer security breaches are being perpetrated by organized criminal elements with financial motivations.
In a recent speech to a conference on infrastructure security, FBI Director Robert Mueller made an unusual public plea for companies to come forward when their security is cracked or compromised. He said that an FBI/Computer Security Institute survey revealed that only 20% of companies that experienced computer intrusions in 2004 reported the incidents to law enforcement.
Why OnLineDFS?
Our OnLineDFS has unique functionality that makes it a leader in next-generation software for computer investigations in enterprises. It is designed specifically for information security professionals in corporations, government agencies and law enforcement.
OnLineDFS is simple to deploy and operate. It requires no pre-installed agent software and is a "plug-and-play" solution. It adheres to digital forensics best practices and provides an extensive array of tools for data acquisition, search and analysis of live running systems, with no disruption of the normal operation of the system under investigation.
Rapid Response. Whether you are responding to a suspected break-in or an internal breach of organization policy, OnLineDFS enables you to conduct an investigation in real time.
Unobtrusive Examination. OnLineDFS enables the examination of computer systems quickly and inconspicuously. Relevant data, including running state, is captured while the system being investigated continues to run.
On-Site or Remote Investigation. With OnLineDFS, the investigator can work on-site or from a remote location, saving travel time and expense.
Compliance and Internal Investigations
US enterprises currently spend over $15 billion annually on compliance with regulatory requirements including Sarbanes-Oxley, HIPAA and Gramm-Leach-Bliley. There is an increasing perception that the ability to monitor compliance with internal policies that respond to these initiatives, as well as to conduct timely investigations of suspected non-compliance, is an important new frontier for computer investigations.
Every major company is exposed to a significant risk of improper insider activity, and Gartner reports that approximately 70% of security incidents that result in monetary loss to institutions involve insiders. These types of activities include financial fraud, identity theft, industrial espionage, sabotage and theft of intellectual property.
Congress enacted the Sarbanes-Oxley Act of 2002 to provide a framework to help public companies thwart financial crimes and fraud committed by corporate insiders, often corporate officers. Sarbanes-Oxley is not effective unless companies have effective self-policing capabilities in place to respond to suspicions of fraudulent activity in a timely manner, including the ability to acquire, analyze and preserve information that exists in digital format. The demonstrated ability to quickly and thoroughly investigate suspicious behavior is integral to deterring misbehavior and to ensuring competent and thorough cooperation with law enforcement and Securities and Exchange Commission investigators.
Why OnLineDFS?
OnLineDFS is an ideal tool for computer investigations that involve compliance and insider issues.
Analyze Running Computer Systems On-Line From Anywhere. With OnLineDFS, the examination of selected systems may be performed on an automated basis to monitor their behavior and compare them to the company baseline profile. These investigations may be performed discreetly with no disruption to operations, vitally benefiting enterprises with mission-critical systems for which no down time is possible.
Investigate and Monitor Human Resource Policy Violations. The violation of company policies and procedures by employees and outside contractors, whether done willfully or not, is a serious risk to public companies that is addressed by Sarbanes-Oxley. The awareness of the existence of a comprehensive internal investigative structure dramatically reduces the threat of willful violations by employees and encourages the self-monitoring of insider behavior.
Detect and Prevent Fraud. OnLineDFS allows for the proactive investigation of insider behavior that is judged to be high risk, such as employees who have resigned or been terminated yet continue to have access to company computer facilities. Proactive investigations will often stop fraudulent behavior long before it can result in significant loss or damage to a company's assets.
Electronic Discovery
The electronic discovery market has experienced huge growth in recent years, and electronic discovery is now an accepted part of the civil litigation process. Enterprise IT managers are called upon to find specific information on computers for use in civil litigation. These investigations frequently are extensive, expensive, disruptive and time-consuming. Evidence may need to be gathered from one or thousands of computers.
The E-Discovery landscape currently involves manual collection of huge amounts of data from computers installed throughout the enterprise and loading of the data into a central system that allows for searching, analysis and processing. Much of the cost associated with E-Discovery pertains to the collection process, which is inherently inefficient. The lack of a sophisticated capability for selective data collection results in enormous amounts of irrelevant and duplicate data being collected. This, in turn, complicates and extends the process of searching and processing the data.
In addition, current E-Discovery practices are disruptive to users of the computers where the data resides. Commonly, physical access to the computer where the desired data resides is required and the system is removed from the network while the technician performs the analysis and data copy activities. The costs associated with these processes are often immense, particularly when they involve servers that are running mission-critical applications.
Why OnLineDFS?
The benefits of the use of OnLineDFS in the E-Discovery area are significant.
Focus the collection process across the network to remotely identify and collect only the specific data that is relevant.
Gather data discreetly, unobtrusively and with no disruption of normal business operations, including critical application servers.
Simplify and reduce the cost of the E-Discovery data collection process.