It has been awhile since I wrote an update about the lessons and what I learned in EVIDENCE but, these past two weeks have been an educational journey to me. Since I’m not familiar in the subject of analysis, this was a new technique to analyze a certain subject carefully. It was about the Political, Economic, Socio-Cultural, Technological, Environmental, Legal  (PESTEL) analysis accompanied by Opportunity & Threat (OT) analysis. This PESTEL – OT made me realize how important to know how to analyze a certain subject. We were asked to analyze the upcoming proposal of a National Cybersecurity plan of 2022. This was exciting to read since it was about the improvement of security here in the Philippines. The plan doesn’t only cover security, it also promotes other improvements in terms of the government and businesses.

After we read the plan, I was a little skeptic if the plan would really be implemented here in the Philippines. I know for a fact that there is a possibility of corruption in the plan since it involves countless expensive pieces of equipment. Abuse of the funds is also a possibility but I decided to put these thoughts to rest and I’ll just wait and see what would happen next. I am glad that something like this would happen here since we are in need of advancing to the standards of other countries.

Learning Log #2

This is our second week in our EVIDENCE class. What we have discussed this week is about Procedures in Computer Forensics and some review about what we have discussed in COMSEC and in INVESTI, like the Incident Response Process and also includes the Search Warrant thingy. If there is no search warrant, what will happen? And when do we not need it? This is where the six exceptions would help to give access to the authorities. A quick review 😛 These are the Consent, Exigent Circumstances, Inventory Searches, International Issues, Search Incident, Lawful Arrest and the Border searches!

We also reviewed about the Chain of Custody processes, if evidence is gathered there is a proper procedure that should be followed because it is standard procedure. If it is not followed the evidence could be damaged and there is no record of who possessed it last.

In the half portion of our discussion, we were task to do an analysis in the case “TJX Data Loss”. We are asked to answer some questions if TJX is liable in the Data Loss or not. Unfortunately, YES. They are at fault. Belat. Hahahaha.

We also asked to do a PESTEL and the OT analysis of the National Cybersercurity Plan that is to be included the RAMPAGE lol. It is a part of the summit which Ms. Rhea will attend.