| 摘要: | 當資安事件發生後,能提出具法律證據力的資料與紀錄,對於事件調查會有巨大的幫助。數位鑑識就緒概念的出現,即是希望透過平時的準備,提升相關數據之完備性及證據之證據力,倘若有需要時,可以立即提出有效力的佐證。
本文以文獻蒐集整理的方式,探討數位鑑識就緒在推行上,所遭遇的困境與窒礙難行的原因。透過技術系統的觀點,分析眾多文獻,分為技術面向、管理面向及財務面向,發現以技術面向之研究領域較為完備且仍蓬勃發展,管理面向之研究已逐漸受重視,但財務面向之研究仍較為稀缺,若要讓數位鑑識就緒能順利在組織內推行,財務面向的著墨需要更加深入且完善。
When a security incident occurs, being able to present legally admissible data and records can greatly aid the investigation. The concept of digital forensics readiness aims to enhance the completeness of relevant data and the evidentiary value of the evidence through regular preparation so that effective supporting evidence can be promptly provided when needed.
This article explores the challenges and obstacles encountered in the implementation of digital forensics readiness through a review of the literature. By analyzing numerous documents from the perspective of technological systems, the study categorizes findings into three aspects: technological, managerial, and financial. It finds that research in the technological aspect is relatively complete and continues to flourish. The managerial aspect is gradually gaining attention, but research on the financial aspect remains scarce. For digital forensics readiness to be successfully implemented within an organization, more in-depth and comprehensive focus on the financial aspect is necessary. |
