Cybersecurity is not the responsibility of government, business
or individuals, but can be achieved only through a partnership of
these, attendees of Infosec Europe heard in London today.
There is little agreement in the UK about who should do and pay
for what to improve online security but there is agreement that the
answer lies in some kind of partnership, said PhilipVirgo, Eurim
secretary general.
This partnership will require understanding, commitment, and
resources, he said, which was echoed by detective superintendent
Charlie McMurdie, who heads the investigative arm of the Police
Central E-Crime Unit (PCeU).
The PceU's mission statement is to increase the capacity of law
enforcement to deal with e-crime, and the most important objective
now is to co-ordinate all those efforts across the UK, she said in
a debate on who should police the internet.
Our aim is to establish standard processes, structures and
training across all 43 police forces so we can harness all the work
they are doing and avoid duplication of effort, she said.
The PceU is a key part of the UK effort to combat e-crime and
has already take part in a succesful cybercrime
operation in its first six months of existence.
This success, said McMurdie, was possible through a new approach
to cybercrime, which involves tapping into the intelligence and
resources of an industry sector under attack.
Working with the financial sector, the police were able to get
real-time intelligence on attacks across several organisations and
act quickly to make arrests in six weeks, that otherwise would have
taken a year to investigate and gather the necessary intelligence,
she said.
Building on this success, said McMurdie, the police plan to form
a similar partnership with the retail sector, where many different
organisations will be able to contribute real time intelligence on
similar sort of attacks to help track those responsible.
UK law enforcement also plans to develop other partnerships into
the future, particularly those with Interpol, Europol, and security
and fraud monitoring organisations.
According to McMurdie, it is only through this connected,
real-time intelligence approach that law enforcement authorities
can begin to make significant and demonstrable progress against
cybercrime.