- Information breaches on ITC systems may result in lawsuits. Information security countermeasures such as firewalls, data encryption, and so on, are essential; protecting systems against security threats including viruses and hackers reduces the likelihood of incidents such as information leakage due to illegal access and service suspension due to denial-of-service attacks. However, there are no perfect countermeasures. Therefore, companies and organizations must be prepared for litigation. That is, digital forensic countermeasures (management of a variety of system event logs) should be considered an important part of an information security strategy. An approach is described for formulating an optimization problem to select both security and forensics countermeasures that maximize costeffectiveness.