INTRODUCTION:

Since the mid-1980's when the predecessor to the modern Internet became popular, computer crimes have been committed. In today's modern world, computers are not just an instrument of the crime, but can be the fruit of the crime as well. Once thought to be the realm of the socially outcast, brilliant but misguided youth the "Hacker", computer crime has spread both in quantity and in scope. Use of the computer in everyday life has become so widespread that more traditional crimes such as murder and extortion now involve computers. Even more frightening is the prospect of computer criminals attacking your online e-commerce systems and the possibility of downstream liability that you could face from such an attack.

Businesses and organizations have a duty to protect their assets and to take appropriate actions when faced with a loss, including seeking recovery of the assets, recovery of damages, and prosecution where appropriate. Yet the combination of technical and legal complexity involved in recovery from and investigation of computer crime perplexes most organizations, whose legal teams typically do not have the technical understanding, and whose technical teams do not have the requisite legal understanding. In addition, the modern management team must understand both the legal and technical aspects of a computer crime, what constitutes an incident versus a crime, and how the legal rights and implications of the two impact your organization as well as your options. Gone is the day when executives had the luxury of considering a multi-million dollar decision for a few hours. In the case of a modern cyber-attack, decisions must be made in seconds or at most minutes, and those decisions almost always have surprising legal implications.

Prior to September 11, 2001, the threshold of computer-crime damage necessary to obtain serious law-enforcement assistance was approximately $5,000. In today's post-9/11 world, demands upon our law enforcement agencies to fill other roles (counter-terrorism, critical infrastructure protection, counter-intelligence, etc.) have caused that threshold to raise tenfold (~$50,000). This places a larger burden upon corporate, government, private security and investigative professionals to manage more of the case early-on in an incident. The consequences are indeed serious - not only in terms of asset recovery and legal recourse, but also in terms of traps and pitfalls - which can subject an organization and / or an investigator to fines of up to $10 million and potential jail sentences of as much as 15 years if precise procedures are not followed.

As technology advances, it becomes increasingly important to be able to assess in real time the impact of external actions on your computer systems and networks, and to determine whether you have been subjected to a computer or network system failure, a computer-related crime, or potentially hostile information warfare. It is critically important for the modern Internet-connected organization to thoroughly understand the issues of computer crime, the serious impact of decisions you MUST make, and how to manage and investigate while maximally preserving the options available and avoiding the traps and pitfalls that lead to potentially greater loss and exposure.

UNIQUE PROGRAM:

This unique five day program has been developed for the World Institute for Security Enhancement by some of the world's most respected, talented and knowledgeable security experts. You will be taught by seasoned computer forensic examiners who will explain the legal, practical, technical, and forensic technologies. In this five day course, you will investigate and solve a typical computer crime, using modern tools, methodologies and forensic best practices.

You will learn how to manage a computer crime scene, including recognition of the proper investigative approach, conducting a field search to establish probable cause for seizure, proper collection methods for computer and electronic equipment seizure, evidence preservation, transportation, analysis, and case management.

You will study both case and statute law, the evidentiary process, and understand the elements of both in the context of a real computer crime investigative exercise. You will understand the implications of recent legislation, including the Patriot Act, on computer crime investigation. You will also learn crime scene etiquette - the protocol for entering and conducting a computer crime investigation when the scene may include other physical evidence. It is our goal that you be able to recognize the presence of other evidence and be competent at preserving it (i.e., not tainting the evidence until a qualified examiner arrives).

In this program, you will gain hands on experience with the latest investigative tools, techniques and technologies. You will learn computer technology to understand how data is stored, how data storage media is formatted, how evidence is hidden, and how to find it.

This forty hour program is more than just a study of theory and methods. It is a hands-on practical course, taught by seasoned forensic examiners who have solved some of the country's major cyber crimes. You will understand this fascinating technology, as well as the implications of critical investigative turning-points and decisions.

PURPOSE

The purpose of the "Computer Forensic Analysis"  program is to train attendees to ensure that they can apply a standard level of adequate and timely Security Policies and Procedures within the Computer Forensics environment.

WHO SHOULD ATTEND:

This unique program is highly recommended for those who are serious about learning more about how to handle computer and computer-related crimes, how to investigate and recover from them without tainting the evidence and while maximally preserving your ability to later recover damages as well as prosecute. This includes everyone from the Managing Director, CIO, CTO and Information Security Officer through to the Managers of Application Development Divisions, Computer and Network Support Divisions, Facility Security personnel, Corporate Directors and Corporate Executives. Attorneys and Prosecutors as well as other members of Law Enforcement would also benefit from this course.

By the end of this program participants will be better prepared and equipped to manage a computer-crime incident and maximize the potential for a positive outcome. Contact lists and reference material will be provided which will assist attendees in keeping pace with the problems.

CONTINUING EDUCATION UNITS (CEU):

Continuing Education Units (CEU's) are nationally recognized units in qualified programs which allow the participant to document all non credited work completed. CEUs may be used as evidence of increased performance capabilities and for job advancement, and are recognized by many professional organizations and companies.

CERTIFIED PROTECTION PROFESSIONAL (CPP) RECERTIFICATION:

Documentation of attendance at these programs may be submitted to the ASIS Professional Certification Board for consideration of recertification credit by qualified Certified Protection Professionals.

PRINCIPAL INSTRUCTORS:

G. F. Bryant Jr.;  is a member of the Electronic Crime Task Force with the Miami Division of the U. S. Secret Service.  He is an internationally recognized Physical, Operational and Technical Security Analyst, Contingency Planner and Educator with more than twenty five years of combined experience in physical & operational security, and investigation technologies. He founded Bryant & Associates to provide threat assessment, risk analysis and systems integration after serving several years as the primary technician for a governmental law enforcement agency. He teaches and consults internationally on state-of-the-art equipment, techniques, and operational procedures to managers, technicians and other security & loss prevention professionals in both government and private industry that include numerous Fortune 500 companies. The originator and developer of extensive technical, operational and managerial security & life safety programs at the university level, Mr. Bryant is active in the design, application, installation and field maintenance of Integrated Facilities Protection Systems utilizing the Total Facilities Management approach. He is a frequent speaker at international conferences and exhibitions and his articles regularly appear in various security industry publications. Mr. Bryant is an active contributor to new product development projects for many international manufactures.

Mr. Bryant served as Chairman of a Chapter of the American Society for Industrial Security (ASIS). He is a member of the South East Florida Chapter of the Association of Contingency Planners (ACP) and the National Defense Industrial Association (NDIA). He has also been a member of the Armed Forces Communications & Electronics Association (AFCEA), The Academy of Security Educators & Trainers (ASET), the Fire Educators & Technology Section of the National Fire Protection Association (NFPA) and served on Committee F-12 on Security Systems & Equipment of the American Society for Test & Material (ASTM). Mr. Bryant contributed to a monthly column on Systems Integration in Access Control & Security Systems Integration magazine and was the Technical Editor of International Corporate Security, a magazine published in the United Kingdom. He has been appointed to the advisory boards of Defense & Security Electronics, CCTV Applications & Technology, Access Control & Security Systems Integration, Security Technology & Design and Southeast Asia Fire & Security magazines.