In this part I want to focus on the gathering of cyber crime data. Are there best practices in the world on how cyber crime data is reported and aggregated to show the impact of said crime?
Previously the discussion focussed on the fact that cyber crime = crime and on a basic cyber (crime) training for every police officer. From the reactions this received, it is clear that some people see this as a possible solution. Also it was mentioned that training has been developed to that purpose, even available, but not always deployed. At this moment there seems no urgency at local level to do so. It looks like a hen and the egg problem.
Are cyber crimes reported in vast numbers by the public as well as Industry? From what I hear, the answer is no. And if they do report, are the victims understood? Is the impact of an individual report clear, because it is instantly positioned against other reports across the country or even wider? Is the public urged to report, even on the (individually) smallest deceptions? Is there an easy (Internet based) way for the public to report?
I don’t have the answer to these questions, but my instinct tells me that the answers are all no. Despite this at every single conference I attend it is said that the impact of cyber crime is huge and the damages incurred extremely high. So where do these statements come from? Assumptions? Clear cut figures? Extrapolations from data that is available?
In this contribution I invite you to share best practices with me. What is the situation in your country? Is there a central database to report cyber crimes and frauds in? Are clear cut figures available (because of this)? Are individual local reports aggregated nationally?
I’m looking forward to your reactions.
Wout de Natris
Leiderdorp, 5 December 2010.