David Harley comments on the ACPO National Cyber Crime Conference
In his second report on the Association of Chief Police Officers National Cyber Crime Conference held on 8/9 February, David Harley (who was there as a speaker) summarizes ACPO’s current cybercrime initiatives in two main points:
The UK intends to tackle cybercrime and make this one of the safest places to do business, safe for business and for the general public, as well as countering cyberthreats against the Critical National Infrastructure. The cyber-realm is not seen as a battle space, but as an enabler: whereas some states see it as an issue of national sovereignty and focus primarily on control, the UK view is focusing on protection online for individual privacy and expression. This is too important to be left to governments.
UK law enforcement is increasing its capacity and capability with the intention of gathering and understanding better threat intelligence, and providing an appropriate response. To this end, it is working towards a different way of working with industry. I interpret this to include recognition that a one-way flow of intelligence towards law enforcement agencies isn’t sufficient: the police need to work with industry and academia, and build trust.
David warns that he might have introduced some of his own preconceptions; I, who wasn’t even there, am more likely to introduce more of my own prejudices. David welcomes the apparently growing desire of law enforcement to work with the security industry. “The constantly recurring conference theme of working with other sectors rather than using them purely as an information feed into a black box, seems a more positive approach,” he comments.
He also comments on Alan Seldon’s Cyber Specials (“industry specialists working with the police, either with the support of their employers or as volunteers in their own time”) without rancour. My own opinion is that the security industry will work with the police for no return because that’s the kinda-guys they are; but they really shouldn’t be asked to, and LEAs really shouldn’t expect it.
However, I have always been more cynical than David; and I question whether this apparent desire to work with ‘outsiders’ is genuine. I fear that the security industry and individual security researchers and experts will continue to be used as an unpaid ‘information feed into a black box’. LEAs and especially intelligence agencies simply do not have any concept of or understanding that genuine knowledge comes from two-way intelligence; and what we see now is more likely a charm offensive than a genuine change of attitude.
You should, of course, read David’s two blogs here and here before you listen to me; but if the authorities really are concerned with being more open and co-operative, then ACTA would not have been negotiated in secret, and the police would have been given more of the £650 million government cyber security budget. As it is, the police are getting £30 million to set up three regional e-crime hubs to tackle cybercrime. Much of the remaining £600+ million is likely to go to the super-secret agencies such as GCHQ and MI5. And if you expect them to co-operate with industry, please don’t hold your breath waiting.
Incidentally, I have asked for reports from the conference, but been told that “There will not be an output report from this event but a brief summary will be available in the next week or so.” Well that’s a good start for a two-way information exchange.