UK businesses could play an important role in gathering digital evidence to help combat cybercrime, a security roundtable heard in London yesterday.
Police and crime researchers said businesses could help investigations enormously if they gathered and preserved digital evidence, which would give police a headstart.
Gathering digital evidence can take several months in some cases before investigations can even begin, the roundtable at security supplier Unisys was told.
But few organisations outside the financial and public sectors have any kind of forensic readiness programme in place, said Peter Sommer, a professor at the London School of Economics.
That is despite the fact that an increasing number of organisations are being hit by cybercrime, he said, and that such programmes can be set up with little effort and cost.
Forensic readiness is also not difficult, according to Sommer.
"It is similar to disaster recover programmes where organisations would identify what incidents are likely to happen, what evidence they will need and what procedures should be followed to ensure that evidence is preserved," he said.
John Vine, chief inspector at the UK Border Agency, said record keeping and data management is central to the role of business in helping to fight crime.
"The collection and preservation of digital evidence needs to be prioritised by business organisations and should be considered a legal obligation," he said.
Vine said the collection of passenger information by airlines is an example of how some private organisations are helping authorities with data for border control programmes.
Sharing information between banks and police works well in countering crime such as fraud, said David Wall, professor of criminal justice and information technology at Leeds University.
But he said experience has shown that information gathering and sharing processes soon collapse if sustainability has not been considered from the outset.
John Mooney, detective superintendent at the National Police Improvement Agency, said forensic readiness should be part of standard business processes.
This is the best way to ensure such programmes continues long after the individuals that have initiated them have left an organisation, he said.