Hieronymus Ukkel - Fotolia

UK businesses and police growing cyber capabilities, summit told

UK businesses and police are getting better at building cyber capabilities, but there is still work to be done, according to the deputy head of the Met Police's Falcon unit

Businesses are getting better at cyber incident response, according to the deputy head of the Metropolitan Police’s Fraud And Linked Crime Online (Falcon) unit.

However, many are still not giving incident response enough thought, detective chief inspector Andrew Gould told the European Information Security Summit 2016 in London.

“Either having no incident response plan or having a plan that is not tried and tested is a key vulnerability in many businesses, although that is changing,” he said.

Gould admitted that the police cyber crime fighting capability has also struggled to keep pace with the rate at which traditional crime such as fraud is moving online.

“But that is why Falcon was set up 18 months ago,” he said, with the unit marking its first big successful operation after just six months.

“We made 25 arrests and have already recovered £40m of the estimated £90m stolen by organised crime families working together to trick people into revealing their online banking credentials,” he said.

Gould admitted there is still much to be done to improve police capabilities to deal with cyber crime, but described the operation as “a good first effort”.

Since it was established in August 2014, Gould said Falcon has recorded more than 1,000 arrests with a 25% charge and conviction rate, which he said is a “positive outcome”.

The next important milestone is to set up a 24-hour response centre for businesses targeted by cyber crime, which he said should be announced “within weeks”.

“The aim is to address the lack of a clear picture of cyber crime in the UK, with most of the intelligence residing within the banking sector,” said Gould.

Although Falcon’s initial focus was on small and medium-sized enterprises (SMEs) in London, he said there has been growing demand for assistance from larger companies.

Gould believes this is driven by companies’ growing concerns about their ability to prove that they are compliant with the coming EU General Data Protection Regulation.

Read more about the NCA and the NCCU

On a national basis, rapidly ramping up law enforcement engagement with business on cyber crime is a top priority for the National Crime Agency’s cyber crime unit.

The NCA’s National Cyber Crime Unit (NCCU) is allocating more resources, which means training more people to engage with businesses to share information, best practice and expertise in combating cyber crime, the NCCU’s deputy director Sarah Goodall told Computer Weekly.

On an international basis, she said law enforcement collaboration around cyber crime is making progress.

Building capacity is an important part of the international collaboration effort and, to that end, the NCCU hosted a cyber attack simulation exercise in December 2015.

Goodall said this was done to test how investigators and prosecutors across seven European countries and the US would work together in the event of a complex international cyber criminal incident.

Read more on Hackers and cybercrime prevention