INTERNATIONAL ETHIC’S AND

NORM’S TO INVESTIGATE CYBER

FORENSIC’S ISSUE’S V 5.0

This document provides an exhaustive compassion of best practices followed

around the globe in the domain of Cyber Forensics Investigation & can be
referred as well guideline to in-depth knowledge of domain from investigation
stand-point and root cause analysis performed using Cyber Forensics.

AUTHOR: SUMIT KUMAR GUPTA (SUMISABH@GMAIL.COM)

UNDER THE SUPERVISION OF:

Er. B. M. SHUKLA
(PRINCIPAL COMPUTER ENGINEER) M.Sc & M.Tech
https://www.iitk.ac.in/dofa/academic-staff
INDIAN INSTITUTE OF TECHNOLOGY,KALYANPUR, 208006, KANPUR
UTER PRADESH Phone: 0512-259-7646 (O) / 0512-259-8474
(Res)Fax: 0512-59-0725 (O), E-mail: bms@iitk.ac.in
(IIT- KANPUR, INDIA)
 GUIDANCE
NO-ONE CAN WALK UNLESS SOMEBODY GUIDES THEM A
RIGHT PATH TO LEARN TO WALK. A GUIDE IS A
PERSONALITY, ENGLIGHTENS THE PATH OF HIS STUDENT
DURING THE RESEARCH AND SACRIFIES IN AN IMMENSE
MANNER TO GET HIM THE RIGHT PATH.

MY RESPECTED, HONORABLE GUIDE Mr. BRIJ MOHAN SHUKLA

SIR IS PROVIDING HIS SERVICES FOR MORE THAN 20 YEARS
AT INDIAN INSTITUTE OF TECHNOLOGY. HE HOLDS M.Tech. CSE , INDIAN
INSTITUTE OF TECHNOLOGY, KANPUR, 1997, SOFTWARE ENGG. TRAINING ,
INDIAN INSTITUTE OF TECHNOLOGY, KANPUR, 1988 & M.SC (PHYSICS SP.
IN ELECTRONICS), KANPUR UNIVERSITY, KANPUR, 1985. A VERY STRONG
HOLD ON ELECTRONICS AND COMPUTING BUT I WOULD RATHER PREFER
TO SAY SIR IS DOMIAN LESS AND PROVED BY HIS PROJECTS HE DID IN PAST
AND FOLLOW Ex. DIRECTOR HONORABLE PADAM SHREE DR. SANJAY
GOVIND DHANDE AS HIS IDOL.
PROJECTS DID BY SIR:

Few Projects
IRRIS: Railways elated Design & Developments (Information &
Asset Management)
SIMRAN: Real-time Train Tracking Systems
YannGyaan: Real-time Road Vehicle Tracking Systems
GPS Loggers
GIS: Multi Purpose Indian GIS System
IRGIS: Multi Purpose Indian Railways GIS System
(LC/RUB/ROB/Bridges/Mast/Tunnel etc.)
SAFE Run: RF-Id & SIMRAN based Train Safety System (Collision
Avoidance System)
Wireless Braking System for Railways
Wireless Coach Display System for Railways
Driver Smart Card-Id
GPS,GSM, XBee Based Hardware Design & Development
Solar Power Design for Remote Area
Wireless Network for Railway Related Requirements,
Various Plant Databases (Developed for NBRI Lucknow)
Databases IRIS (Indian Railways Database)
Ethics and Cyber incidents are considered in a very lenient fashion now a day’s. As the
sophistication and rapid developments making the technology faster and devices more
compact, intricacies are increasing as well from management view of technological
devices.
Albeit few countries set-up heavy penalties and even imprisonment for violating Cyber
Law that directly impact the Privacy of an individual or organization.
In early days of Cyber Space there were few companies who deployed the Firewalls or
any other kind of security appliances. Security of data was not the primary issue. But it
got changed in a decade as the terms Intrusion, Malware, Ransom-ware like malicious
programs took birth to damage the reputation of genuinely used software’s.
The second major factor is complexity and easy availability of medium connecting
computing devices to share information (Data), invited the people with ill will to do
their job with obsession.
The third immense cause is errors made by us “THE HUMAN FACTOR”, even I, errors,
mistakes, no documentation any sort of actions that lead to debacle the only solution is
to learn from them and not to make them happen in same manner.

A hierarchical approach was in demand and Information Security came in-to existence
that entails Cyber Forensics as well, integrated with-in an ISMS. The basics of Cyber
Forensics are confluence of Cyber Laws and well defined procedures to perform the
task. Cyber Forensics is all about extracting the electronic evidence by following a beng
marked procedures and guide lines in an admissible manner.
Varying cyber laws and standards adopted via various countries and continents has a
big role to play here to reduce their amount and preserve the confidentiality, integrity
and availability of data moving across cyber space.

This research paper aims to compare the affective cyber laws in various countries and
continents during cyber forensics Investigations. Another goal of this paper is to extract
the best practices available around the globe as a bench mark are associated in a
particular country or negligible for any reasons. Along with this paper will also satisfy
and stipulate the training requirements for cyber forensics professionals according to
well established guidelines considered as a first rule of thumb at initial level of an
incident while following the authentic cyber forensics process in an ISMS (Information
Security Management System) regardless of the stage and personals involved to carry
out the task either in-house or outsourced to assure the responsibility, accountability
and liability towards Government, Stakeholders, Management and last but not the least
to law enforcement.

This research paper will try to resolve all the issues to make the Cyber Forensics less
challengeable to support the word-wide community by presenting a structural
approach.
A s many of us think that Cyber Security is all about Information Technology only,
absolutely wrong, yes it’s about Information Technology but not considering the
business dependence on Information Technology decides the amount of resources
dedicate to Cyber Security.
I have no tussle to state that most of our businesses depend on Information Technology
because we are in Digital age and dealing with Digital data processed and saved in an
Electronics form, but not all “EXCEPTIONS ARE ALWAYS THERE”.
According to management strategies anything setup in a structural and hierarchical
approach is always easy to nail down the issue and same goes with planning and
implementation of Cyber Security.

CASE STUDY:

A SYSTEM IS A GROUP IF VARIOUS DIS-SIMILAR ELEMENTS (CALLED SYSTEM), SHOULD

CO-ORDINATE AND SYNC WITH EACH OTHER FOR TO ATTAIN A PARTICULAR MISSION
AND VISION.

As you can think of various units for the sake of our virtual company are going to have at
least the following and it does matter it’s a private or public company as well, we should
prefer to say BASIC STRUCTURE OF A CORPORATE

THE GOVERNING BOARD

CEOs, CFOs, presidents and vice presidents – what's the difference? With the changing corporate
horizon, it has become increasingly difficult to keep track of what people do and where they
stand on the corporate ladder. Should we be paying more attention to news relating to the CFO
or the vice president? What exactly do they do?

Corporate governance is one of the main reasons that these terms exist. The evolution of public
ownership has created a separation between ownership and management. Before the 20th
century, many companies were small, family owned and family run. Today, many are large
international conglomerates that trade publicly on one or many global exchanges. (See
also: Why Has the Emphasis on Corporate Governance Grown in the 21st Century?)

In an attempt to create a corporation in which stockholders' interests are looked after, many
firms have implemented a two-tier corporate hierarchy. On the first tier is the board of
governors or directors: these individuals are elected by the shareholders of the corporation. On
the second tier is the upper management: these individuals are hired by the board of directors.
Let's begin by taking a closer look at the board of directors and what its members do. Please
note that this article focuses on corporate structure in the U.S.; in other countries, corporate
structure might be slightly different. (To learn more, take a look at What Are Some Examples of
Different Corporate Governance Systems Across the World?)

Board of Directors
Elected by the shareholders, the board of directors is made up of two types of representatives.
The first type involves inside directors chosen from within the company. This can be a CEO, CFO,
manager or any other person who works for the company daily. The other type of
representative encompasses outside directors, which are chosen externally and are considered
to be independent from the company. The role of the board is to monitor a corporation's
management team, acting as an advocate for stockholders. In essence, the board of directors
tries to make sure that shareholders' interests are well served. (Watch the video, The Board of
Directors, to find out more.)

Board members can be divided into three categories:

 Chairman – Technically the leader of the corporation, the board chairman is responsible
for running the board smoothly and effectively. His or her duties typically include
maintaining strong communication with the chief executive officer and high-level
executives, formulating the company's business strategy, representing management and
the board to the general public and shareholders, and maintaining corporate integrity.
The chairman is elected from the board of directors.

 Inside Directors – These directors are responsible for approving high-level budgets
prepared by upper management, implementing and monitoring business strategy, and
approving core corporate initiatives and projects. Inside directors are either
shareholders or high-level managers from within the company. Inside directors help
provide internal perspectives for other board members. These individuals are also
referred to as executive directors if they are part of company's management team.

 Outside Directors – While having the same responsibilities as the inside directors in
determining strategic direction and corporate policy, outside directors are different in
that they are not directly part of the management team. The purpose of having outside
directors is to provide unbiased and impartial perspectives on issues brought to the
board.

Management Team
As the other tier of the company, the management team is directly responsible for the
company's day-to-day operations and profitability.

Chief Executive Officer (CEO) – As the top manager, the CEO is typically responsible for the
corporation's entire operations and reports directly to the chairman and the board of directors.
It is the CEO's responsibility to implement board decisions and initiatives, as well as to maintain
the smooth operation of the firm with senior management's assistance. Often, the CEO will also
be designated as the company's president and therefore be one of the inside directors on the
board (if not the chairman). However, it is highly suggested that a company's CEO should not
also be the company's chairman to ensure the chairman's independence and clear lines of
authority. (See also: 3 Reasons to Separate CEO and Chairman Positions.)

Chief Operations Officer (COO) – Responsible for the corporation's operations, the COO looks
after issues related to marketing, sales, production and personnel. Often more hands-on than
the CEO, the COO looks after day-to-day activities while providing feedback to the CEO. The COO
is often referred to as a senior vice president.

Chief Financial Officer (CFO) – Also reporting directly to the CEO, the CFO is responsible for
analyzing and reviewing financial data, reporting financial performance, preparing budgets, and
monitoring expenditures and costs. The CFO is required to present this information to the board
of directors at regular intervals and provide it to shareholders and regulatory bodies such as
the Securities and Exchange Commission (SEC). Also usually referred to as a senior vice
president, the CFO routinely checks the corporation's financial health and integrity. (For
additional reading, see What Does a Chief Financial Officer (CFO) Do?)

The Bottom Line

Together, management and the board of directors have the ultimate goal of
maximizing shareholder value. In theory, management looks after the day-to-day operations,
and the board ensures that shareholders are adequately represented. But the reality is that
many boards include members of the management team. (See also: Evaluating a Company's
Management.)

When you are researching a company, it's always a good idea to see if there is a good balance
between internal and external board members. Other good signs are the separation of CEO and
chairman roles and a variety of professional expertise on the board from accountants, lawyers
and executives. It's not uncommon to see boards that consist of the current CEO (who is
chairman), the CFO and the COO, along with the retired CEO, family members, etc. This does not
necessarily signal that a company is a bad investment, but as a shareholder, you should question
whether such a corporate structure is in your best interests.

: The Basics Of Corporate

Structure https://www.investopedia.com/articles/basics/03/022803.asp#ixzz5F43tSd
: Investopedia on Facebook