Trust is ‘key factor’ in reducing threat of cyber crime

Concerns prevail that police do not have the tools to tackle the problem.

More trust is needed between police and businesses if the growing threat of cybercrime is to be tackled, experts are warning.

Although cybercrime is estimated to cost UK businesses around £27 billion per year, many companies are reluctant to report such breaches to the police because they fear reputational damage.

Many also believe reporting such crimes would be futile because police do not have the resources to tackle the issue, especially with continuing budget cuts.

Earlier this month, reports suggested police are failing to follow up fewer than one in 100 frauds due to insufficient staff.

An investigation by the Times found that although 230,000 criminal reports were passed to Action Fraud last year, only a quarter were passed to the police for investigation.

Additionally, a survey by PA Consulting last year found that law enforcement professionals believe that the time they spend tackling cybercrime will treble over the next three years, but just 30 per cent felt they had the skills and tools to do the job effectively.

Carl Roberts, who produced a report based on the survey, told at the time forces would inevitably need to think of new ways to bring in talent as graduates with the necessary skills could get much better paid jobs at private companies.

Government and commerce have been slow to encourage the growth of university courses and apprenticeships to address the current skills shortage of trained UK cyber security professionals. The skills gap – estimated at 20 years – has led to greater competition for certified candidates. As a result, law enforcement agencies and industry are relying more than ever on the recruitment services of Police Oracle’s parent company,  Acumin/Red Snapper group, to grow their cyber security and information risk management capability.

Acumin/Red Snapper group is a leading provider of permanent, contract, and retained search services within the cyber security space. It has an extensive client base, including end users, consultancies, systems integrators, and vendor organisations. The recent merger of Acumin and Red Snapper Group leverages both companies expertise in forensics, investigations and information security. This allows the company to source candidates through its expanded network of law enforcement personnel as well as its Risk and Network Threats forum – a unique community of Senior Information Security professionals who work within End User organisations.

“Police need to reassure commerce that cybercrime can be dealt with in an intelligence led way through simple things like setting up informal channels of communication and being able to privately reassure them,” said a consultant at Acumin.

“In particular, SMEs should do more to protect themselves as at the moment they are most at threat due to having less knowledge and less training around the issue – they have more to lose.”

The world of the dark web is also exacerbating the issue, with the anonymous method of communication taking more money, time and resources to intercept.

“Police don’t have enough people to pose as a paedophile or terrorist or whatever to catch people out,” he said.

The College of Policing have recently announced a “revised training course” to help investigators across England and Wales access up to date information around the dark web.

The revised ‘Mainstreaming Cyber Crime Training course’ equips officers and staff to fight cybercrime and as well as material on the dark web also covers subjects including managing victims of cybercrime, securing electronic evidence for an investigation and using internet protocol addresses for investigative purposes.