Most of my clients are small companies, from 1 to 20 employees. They, like almost everybody have issues with malware, at least 40% of my work involves cleaning infected computers. What do I normally do when I find infected computers? I clean them up, I check the rest of the computers, and … and that’s it.
Would I like to do more? Yes. Do they want to? May be, how much? Oh, no thanks. I’ve been working for 10 years in the IT field and I see this happening all the time. Small companies just don’t have the money do do Digital Forensics after their systems have been compromised.
In reality, I don’t expect that, but what surprises me is that even big companies tend to react in the same way. Just a quarter of them conduct forensics after a data breach, and only half of them do anything at all to correct the problem.
Companies have to balance security an budget, and sometimes they just can’t afford to do more, in this economy this must be happening a lot.
Sources
Moscaritolo, Angela. "Forensic Intel." SC Magazine Aug. 2011: 28+. Print.
Tags: Infosec
I think this is one of the most important information for me. And i am glad reading your article. But should remark on few general things, The website style is perfect, the articles is really nice