2019 March 28

SecDef Forum on Cyber Threat Intelligence and Investigation Operations for Law Enforcement

On Friday March 22nd, CEIS hosted a SecDef Forum on recent trends in cybercriminality and their impact on law enforcement investigation operations, as part of the ENFORCE project coordinated by CEIS, which aims to create and implement trainings in countering cybercrime.

General (ret.) Jean-Paul Paloméros, former NATO Supreme Allied Commander Transformation and now senior advisor at CEIS moderated the exchange, which gathered a group of some 30 police and security experts from EU institutions and member states.

The event featured Theo Van Den Plas, Commissioner for Digitisation and Cybercrime at the Dutch National Police, Yves Vandermeer, Chairman of the European Cybercrime Training and Education Group (ECTEG), Alexandre Dulaunoy – Lead Security Researcher, Computer Incident Response Centre Luxembourg (CIRCL) and Vincent Riou, Head of Cyberdefence at CEIS. Discussions began by taking stock of the rapid evolutions of cybercrime and the consequences for law enforcement professionals.

Cybercrime practices have evolved at a fast pace in recent years, echoing the acceleration of digitalisation. Cybercriminals, just like regular citizens, are increasingly tech-savvy and, as such, are using new tools and modes of actions made possible by widely available new technologies such as blockchain encryption, cryptocurrencies, and the Internet of Things (IoT).

Law enforcement practitioners must adapt. Cybercrime evolves on an almost daily basis, affects all sectors of human activity, remains hard to trace, evidence and prosecute, and may outside the scope of national law enforcement – increasing risks of impunity. In addition, the importance of the human factor remains an ongoing challenge: the weakest link often remains the user.

Upgrading the technical and operational skills of law enforcement authorities fighting cybercrime is thus fundamental to keep the pace with technological and criminal developments. Panellists discussed how to improve recruitment and training of staff, including through public-private partnerships. They underlined the importance of life-long learning as well as informal education and knowledge-sharing, encouraging a fundamental change of approach for the law enforcement sector.

Tackling cybercrime does not only require improving technological capacities and upgrading staff skills, it is also about understanding and anticipating cybercriminals’ strategies. Just as important is the creation of a new cybersecurity culture across societies and economies as an essential step towards building prevention capacities and a more sustainable cyber environment. In this context, new legal tools are not to be perceived as constraints, but rather as enablers in creating transdisciplinary, societal awareness.

In this new, fast-evolving environment, States must prepare for a “new age of police”: fast-paced, innovative, skills-oriented, human-centric, trans-sectorial and sustained by a new societal cybersecurity culture.