Authors: Sungmi Park (KITRI BoB), Nikolay Akatyev (Horangi Cyber Security), Donghyun Kim (KITRI BoB), Jisoo Hwang (KITRI BoB), Woonseon Yoo (KITRI BoB), Hyunwoo Shin (KITRI BoB), Changhee Han (KITRI BoB), Kim Jong Hyun (Douzone Forensic Center), Yunsik Jake Jang (Hallym University)
DFRWS EU 2018
Abstract
Many data breaches happened due to poor implementation or complete absence of security controls in private companies as well as in government organizations. Many countries work on improvement of security requirements and implementing them in their legislation. However, most of the security frameworks are reactive and do not address relevant threats. The existing research suggests Digital Forensic Readiness as proactive measures, but there is only one example of its implementation as a policy. Our work surveys the current state of data protection legislation in the selected countries and their initiatives for the implementation of Digital Forensic Readiness. Then we discuss if Digital Forensic Readiness as a mandatory requirement can improve data protection state in both public and private sectors, evaluating possible challenges. We contribute suggestions for the adoption of Digital Forensic Readiness as a mandatory requirement for private companies and government organizations.