Forwarded from: Simon Taplin <simon.taplin (at) gmail.com> http://blogs.techrepublic.com.com/security/?p=4069 By Deb Shinder IT Security July 19th, 2010 INTRO: This is the first of what I hope will be many monthly columns on the subject of cybercrime. As a former police officer and criminal justice instructor and a current IT professional, I love writing about this subject because it allows me to combine the knowledge from both fields and attempt to help law enforcement officers and IT pros work together to curb this growing problem. This column is aimed primarily at the IT side, and so I'll be focusing less on technical issues that you already know about and more on law enforcement procedures and how the justice system works (and sometimes doesn't) when it comes to this particular type of crime, as well as what you can do to help. Those "in the know" in law enforcement will tell you that criminal profiling is both an art and a science. It's all about generalizations, but knowing what types of people generally commit specific types of criminal offenses can be very helpful in catching and prosecuting the perpetrator of a specific crime. That information can also be useful in protecting your digital assets from cybercriminals. As I noted in my book, Scene of the Cybercrime [1], a criminal profile is a psychological assessment made without knowing the identity of the criminal. It includes personality characteristics and can even include physical characteristics. "Fitting the profile" doesn't mean a person committed the crime, but profiling helps narrow the field of suspects and may help exclude some persons from suspicion. Profilers use both statistical data (inductive profiling) and "common sense" testing of hypotheses (deductive profiling) to formulate profiles. Profiling is only one of many tools that can be used in an investigation. [1] http://astore.amazon.com/infosecnews-20/detail/1597492760 [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Wed Jul 21 2010 - 23:41:49 PDT
This archive was generated by hypermail 2.2.0 : Wed Jul 21 2010 - 23:59:41 PDT