The text was originally published as part of the “Entrepreneur Educator. Cybersecurity“.
Discussions on the importance of improving the resilience of businesses and organisations against cyber threats have become a norm. Yet, we often overlook the importance of reporting cyber incidents to law enforcement, regardless of whether they were successful or not.
In my conversations with business leaders and managers, I’ve learned they often question the benefit of engaging with law enforcement regarding cyber incidents. They worry about potential disruptions, fearing that police intervention might impede their operations if computers are seized. Additionally, there’s a concern about triggering further inspections from regulatory bodies like the tax authority or other agencies, adding another layer of apprehension to reporting cyberattacks.
In practice, the battle against cybercrime necessitates a collaborative effort between the private and public sectors. This raises the question: why should incidents be reported to law enforcement agencies?
Collaborative Effort
For years, the police and prosecutor’s office have been diligently enhancing their capabilities to detect and tackle cybercrime. A notable mention is the Central Bureau for Combating Cybercrime, housing numerous experts. Innovations now enable securing the cyberattack evidence by creating mirror copies of data on police drives, thereby removing the need to confiscate business hardware. These agencies specifically concentrate on cyber incidents, without delving into unrelated data.
Understanding the landscape of cybercrime is crucial for protection, and accurate crime data is vital for agencies to allocate the necessary manpower and resources effectively. If only a fraction of cyber incidents are reported, the scale of resources allocated to combat these threats will inevitably fall short of what is truly needed.
European Experiences
Learning from the British Police CyberAlarm initiative can be very beneficial; it enables police monitoring of cyberattacks and assesses companies’ vulnerability to such threats. Participating institutions receive detailed reports on attacks, enhancing their preparedness. This system relies on the police gathering only metadata, ensuring company specifics remain confidential. Crucially, the success of this initiative hinges on mutual trust between businesses and law enforcement.
The Norwegian experience highlights the importance of trust in cybersecurity efforts. The National Cybercrime Center (NC3) has initiated roles for officers dedicated to engaging with the business sector. These officers liaise with both creators and users of cybersecurity technologies, facilitating workshops and lectures, and participating in industry events. This approach helps build trust between the business community and law enforcement, a key element in effectively combating cyber threats and crimes.
It’s crucial to recognise that in today’s environment, the need for cybersecurity extends beyond just protecting against theft for financial gain. Cyberattacks are increasingly becoming elements of hybrid warfare, the goals of which may be very complex and the methods unconventional. Unfortunately, Polish companies and public institutions are increasingly exposed to this type of threats.