Cybersecurity Investigation Types
- Operational or administrative investigations
- seek to resolve technological issues
- restore normal operations quickly
- use very low standards of evidence
- involve root cause analysis
- Criminal investigations
- look into possible crimes
- involve possibility of fines and jail time
- use the beyond a reasonable doubt standard of evidence
- Civil investigations
- resolve disputes between parties
- do not involve possibilities of fines and jail time
- use the preponderance of the evidence standard
- Regulatory investigations
- are conducted by the government or industry regulators