
Forensic Science and Information Security: LifeTime Lovers, Part-Time Friends

Forensic Science and Information Security are very parallel fields. Both are methodical in nature, and often one area builds directly on top of the other. Given the range of specialties in each, it is interesting that the two do not often merge and share policies and procedures. Forensic scientists are usually called in at the “endpoint”: typically the scene of a crime, where they are given only the final “product” and must work backwards to build a story of what initially happened. In Information Security, with the rapid growth in exposure of data, specifically PHI, it is evident that it would be beneficial for both communities to work together. With my extended knowledge and expertise in Forensic and Clinical Toxicology, I am often met with everything from attempts to “social engineer” me out of patient results to having sent incorrect reports to clients (not on purpose, of course). In a Toxicology lab, whether government (local, state or federal) or private, PHI is the most important issue. Scientists adhere to the policies and procedures of the SCIENTIFIC side of the organization, but not always to the INFORMATION SECURITY side. Let’s chat a little about how to make both industries more aware that they are really Lifetime Lovers and Part-time Friends.

ScienceandTech

August 10, 2019

Transcript

  1. #WHOAMI?
     • I am Najla. Jersey Girl. Penn State Grad. Criminal Show Junkie. Traveler. Wine Explorer. Bowling Lover. Forensic Scientist by Trade. Cybersecurity Enthusiast. Pentester Neophyte.
  2. #AUDIENCECHECK
     • SCIENTISTS in the room?
     • INFORMATION SECURITY professionals in the room?
     • MEDICAL professionals in the room?
     • CAREER TRANSITIONERS in the room?
     • CRIME SHOW watchers?
  3. FORENSIC SCIENCE, YOU SAY?!?
     • Latin word forensis: public, to the forum or public discussion; argumentative, rhetorical, belonging to debate or discussion.
     • A relevant, modern definition of FORENSIC is: relating to, used in, or suitable to a court of law (Merriam-Webster Dictionary, www.merriam-webster.com).
     • ANY science used for the purposes of the law is a forensic science. Source: https://www.aafs.org/home-page/students/choosing-a-career/what-is-forensic-science
     • Forensics is concerned with the recognition, identification, individualization and evaluation of physical evidence using the methods of the natural sciences. Source: www.coehsem.com/forensic-science-pathway
  4. WHAT DO FORENSIC SCIENTISTS DO?
     • SCIENTISTS first and foremost. It becomes classified as “FORENSIC” when our knowledge is used to help in ANY legal proceeding, CRIMINAL OR CIVIL.
     • Accurate, methodical, detailed and, above all, unbiased.
     • Report writing
     • Testify
     • Government, public AND private sector, in labs and/or as consultants.
  5. DISCIPLINES OF FORENSIC SCIENTISTS
     • Anthropology
     • Criminalistics
     • Digital & Multimedia Sciences
     • Engineering & Applied Sciences
     • General
     • Jurisprudence
     • Odontology
     • Pathology/Biology
     • Psychiatry & Behavioral Science
     • Questioned Documents
     • Toxicology
  6. WHAT IS INFORMATION SECURITY?
     • The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity and availability. Source: https://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf (retiring July 2019)
     • Information can be physical or electronic. At the core of Information Security is Information Assurance, which means the act of maintaining the CIA (confidentiality, integrity, availability) of information, ensuring that information is not compromised in any way when critical issues arise. Source: https://www.geeksforgeeks.org/what-is-information-security/
  7. WHAT DO INFORMATION SECURITY PROFESSIONALS DO?
     • PROTECT
     • IMPROVE & INCREASE
     • REVIEW & VALIDATE
     • CONDUCT
     • IMPLEMENT and SUPPORT
     • DEVELOP
     Source: https://www.cia.gov/careers/opportunities/support-professional/information-assurance.html
  8. DISCIPLINES OF INFORMATION SECURITY
     • Artificial Intelligence
     • Web and Mobile Application Security
     • Aviation
     • Blockchain
     • Blue Team / Defensive Security
     • Cloud Security
     • Cryptography
     • Privacy
     • Internet of Things
     • Social Engineering
     • Red Team / Offensive Security
     • Penetration Testing
     • Industrial Control Systems
  9. CLINICAL & FORENSIC TOXICOLOGY PERSPECTIVE
     • PHI & PII: Protected Health Information (PHI), Personally Identifiable Information (PII)
     • “ENDPOINTS”: We are given the endpoint of it all: crime scene, deceased bodies and bodily fluids, drug testing
     • “Social Engineering”: Results
  10. LIFE. TIME. LOVERS.
     • DOCUMENTATION
     • VARIOUS DISCIPLINES
     • BREACHES
       • https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
       • https://www.nacdl.org/criminaldefense.aspx?id=20373
       • https://www.theguardian.com/uk-news/2019/jun/21/police-suspend-work-with-major-forensics-firm-after-cyber-attack
       • https://newyork.cbslocal.com/2019/06/03/nearly-12-million-quest-diagnostics-patients-may-have-had-info-exposed-in-data-breach/
  11. LIFE. TIME. LOVERS.
     • GOVERNANCE, COMPLIANCE & ETHICS
     • Governance: corporation dependent
     • NIST, HIPAA, DOJ, CAP**, DEA**, SOFT**, ASCLD**, ASCLD-LAB**, CLIA**, SOX, FDCC, ISO, GDPR*, SAMHSA**, OSAC**
     • CODE OF ETHICS
  12. PART. TIME. FRIENDS.
     • 3rd-party vendor software (LIMS, Orchard Harvest) reporting out results
     • Controls are within the software AND not through the IT/Security group
     • USER ACCEPTANCE TESTING
     • Identify, Assess, Treat RISKS
       • 6 Types for Forensic Science. Source: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5514178/
     • ETHICS
       • Hacking & Computer Crime, Privacy. Source: https://www.researchgate.net/publication/307863852_Role_of_Ethics_in_Information_Security
  13. PART. TIME. FRIENDS.
     • MEDICAL DEVICES DEFINED: A device is: "an instrument, apparatus, implement, machine, contrivance, implant, in vitro reagent, or other similar or related article, including a component part, or accessory which is: …..
       • recognized in the official National Formulary, or the United States Pharmacopoeia, or any supplement to them,
       • intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease, in man or other animals, or
       • intended to affect the structure or any function of the body of man or other animals, and which does not achieve its primary intended purposes through chemical action within or on the body of man or other animals and which is not dependent upon being metabolized for the achievement of its primary intended purposes. The term "device" does not include software functions excluded pursuant to section 520(o).
     • Source: https://www.fda.gov/medical-devices/classify-your-medical-device/product-medical-device
  14. PART. TIME. FRIENDS.
     • DIGITAL FORENSICS & INCIDENT RESPONSE #DFIR
     Source: https://www.sciencedirect.com/science/article/pii/S1742287618304304?via%3Dihub
  15. LET’S MEET IN THE MIDDLE
     • DOCUMENTATION IS KEY!!!
     • Check your access controls: not everyone in the lab needs access to every test run on a patient.
     • Segment your networks!!
     • FAILURE TO COMPLY RESULTS IN LOST REVENUE, RESTRICTIONS, AUDITING & FINES!!!
     • Scientists talk to IT/Security & vice versa.
     • Check the 3rd-party vendor equipment as well, and then have your IT/Security group RECHECK IT.
     • DF & IR: get training from forensic scientists (webinars, local government entities).
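As an added example (not code from the talk, and not the access model of any LIMS product), the Python below models the access-control point on this slide: a deny-by-default check that releases a patient result only to staff in the lab section that produced it who are assigned to the case, or to a reviewer for that section, and that records every decision in an audit log carrying no PHI, so the documentation trail exists without itself becoming a disclosure. The roles (analyst, reviewer, it_admin), user names, case and patient identifiers and findings are all assumed and constructed for illustration.

```python
"""Need-to-know access checks for lab results, with a PHI-free audit trail.

Added example, not code from the talk or from any LIMS vendor. It models
the slide's point that not everyone in the lab needs access to every test
run on a patient. All roles, users and records below are constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Result:
    result_id: str
    case_id: str
    section: str      # lab section that ran the test, e.g. "toxicology"
    patient_id: str   # PHI: returned to authorized callers, never logged
    finding: str      # the reported value (also PHI)


@dataclass(frozen=True)
class User:
    username: str
    role: str                       # "analyst", "reviewer" or "it_admin" (assumed roles)
    section: Optional[str] = None   # None for staff outside any lab section
    cases: frozenset = frozenset()  # case assignments; only analysts use this


AUDIT_LOG: List[dict] = []


def authorize(user: User, result: Result) -> Tuple[bool, str]:
    """Deny-by-default policy. Returns (allowed, reason) and logs the decision."""
    allowed, reason = False, "role has no access to result content"
    if user.role == "reviewer":
        if user.section == result.section:
            allowed, reason = True, "reviewer in owning section"
        else:
            reason = "reviewer outside owning section"
    elif user.role == "analyst":
        if user.section != result.section:
            reason = "analyst outside owning section"
        elif result.case_id not in user.cases:
            reason = "analyst not assigned to case"
        else:
            allowed, reason = True, "analyst assigned to case in owning section"
    # it_admin (and any unknown role) stays denied: administering the system
    # is not a need to know the findings. This is an assumed policy.
    AUDIT_LOG.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user.username,
        "result_id": result.result_id,   # opaque id only; no patient_id, no finding
        "decision": "ALLOW" if allowed else "DENY",
        "reason": reason,
    })
    return allowed, reason


def fetch_result(user: User, result: Result) -> Result:
    """Return the full record only when authorize() allows it."""
    allowed, reason = authorize(user, result)
    if not allowed:
        raise PermissionError(f"{user.username} -> {result.result_id}: {reason}")
    return result


def visible_result_ids(user: User, results: List[Result]) -> List[str]:
    """What a user's worklist would contain under the same policy."""
    return [r.result_id for r in results if authorize(user, r)[0]]


# Constructed sample data (not real cases, patients or findings).
RESULTS = [
    Result("R-1", "C-1001", "toxicology", "P-77", "ethanol 0.08 g/dL"),
    Result("R-2", "C-2002", "toxicology", "P-78", "fentanyl 3 ng/mL"),
    Result("R-3", "C-1001", "pathology", "P-77", "cause of death pending"),
]
TOX_ANALYST = User("najla", "analyst", "toxicology", frozenset({"C-1001"}))
TOX_REVIEWER = User("reviewer1", "reviewer", "toxicology")
PATH_ANALYST = User("path1", "analyst", "pathology", frozenset({"C-1001"}))
IT_ADMIN = User("sysadmin", "it_admin")


def audit_log_leaks_phi() -> bool:
    """True if any audit entry carries a patient id or finding text."""
    phi = {r.patient_id for r in RESULTS} | {r.finding for r in RESULTS}
    return any(v in phi for entry in AUDIT_LOG for v in entry.values())


if __name__ == "__main__":
    for u in (TOX_ANALYST, TOX_REVIEWER, PATH_ANALYST, IT_ADMIN):
        print(f"{u.username:10} sees {visible_result_ids(u, RESULTS)}")
    for entry in AUDIT_LOG:
        print(entry)
```

Running it shows the toxicology analyst seeing only the result from the case she is assigned to, the toxicology reviewer seeing both toxicology results but not the pathology one, and the system administrator seeing nothing; the audit log still records every attempt, which is the documentation the slide asks for, but only by opaque result id.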
  16. THANK YOU!!
     BIOHACKING VILLAGE, TWITTER INFOSEC COMMUNITY, IZZY, STEPH, MAGEN, JAI, ZAY, MO, CYBRARY COMMUNITY, ANY & EVERY ONE
     Twitter: @FORSCI_Q
     https://www.forensicsandinfosec.tech/