ENISA publishes a paper on "Exploring cloud incidents", introducing an analysis of the current approaches to conducting a post-mortem analysis of an incident occurring in a cloud environment.
ENISA identifies the multidimensional challenges of cloud forensic investigations by highlighting the most common problems experts face when they need to investigate a cyber incident in the cloud. The analysis and the recommendations are divided along three axes: technical, legal and organisational.
The main objectives of this paper are:
- To identify the main challenges of post analysis of cloud incidents, mainly in reference to technical, organisational and legal aspects.
- To produce an overview of the techniques, approaches and good practices for the analysis of incidents in the cloud, based on desk research.
- To provide recommendations and suggestions - in particular related to SLAs, security measures, and policies - in order to make the post analysis activity more effective.
Furthermore, key recommendations are proposed to cloud providers, law enforcement agencies and forensic experts as a result of this analysis.