The Power of Collaboration Against Cybercrime

By Greg Day, EMEA Security CTO for Symantec | December 12, 2011 | Leave a Comment 

Greg Day, EMEA Security CTO for Symantec

Recently, I once again joined delegates from across the globe in Strasbourg to speak at the Council of Europe’s Cooperation against Cybercrime Conference. Bringing together industry, law enforcement, legal and policy experts, the conference marked the 10th year of the Budapest Convention – the first treaty for online crime that has aimed to define a common framework for cybercrime legislation.

In the decade since the treaty opened for signatures, 47 countries have signed, and 32 of those have converted it into local legislation. During the conference, seeing these countries stand up and proudly announce their efforts to implement cyber laws and, in some cases, even highlight early successful prosecutions, was a very powerful experience.

However, while the convention continues to represent a great step forward, with nearly 200 countries in the world it is important to recognise that there is still plenty of work to be done. Although I realise that not all of these countries are part of Europe, a precedent has already been set with non-European countries such as the USA, Canada and Japan signed up.

It was clear that The Council of Europe’s cybercrime initiative isn’t resting on its laurels with the conference highlighting the next phases we can expect. These include plans to implement training for judges and law enforcement, regional workshops and intelligence gathering and sharing, as well as, looking at the broader picture of international cyber strategy and the role that cybercrime plays in this.

The key topic that comes up year after year at the conference is ‘cooperation’ with the need and want for public private partnership seen as a key for success. As an example of collaboration, 2Centre (www.2centre.eu) aims to bring together academia, industry and law enforcement to drive training and create centers of excellence. Thus far centers of excellence are in the process of being created in France, Ireland, Belgium and Estonia, with requests for many others.

The other key topic is capacity planning. As countries develop legislation, a burden moves along the process. It puts new pressures on law enforcement to have the scalable resource to investigate, handle ever-increasing volumes of forensic data and independently take on the challenge of an internationally standardised evidence gathering processes and techniques.

When you consider these two themes together, a clear risk is apparent. As more collaboration takes place, there simply is not, at this point in time, the resource to scale to the evolving scope of cybercrime.

While security vendors, such as ourselves, could provide insight on the scale and scope of what we are seeing, with twenty plus new threats per second and given the increased interdependency of networks and systems, greater coordination between the public and private sector is vital. This can enable a common understanding, identification and recognition of possible cyber threats and ensure efforts and resources to address specific risks are effectively deployed. Information sharing partnerships have a key role to play in effective cooperation against cyber threats and can help to distill information into tangible actionable data that can then be used to address a specific risk and where possible provide alerts.

My overwhelming thought at the close of the conference was, however, that it’s always amazing to see such international cooperation. We all have a role to play and it’s only with all of our participation that we can succeed.