UK Police Cybercrime Training

UK think tank Parliament Street has lifted the lid on spending by police forces on training staff to deal with cyber-crime and recommended greater collaboration in this regard

UK police forces have spent a total of £1,320,341 on cyber crime training courses in the past three years, according to a report from the Parliament Street think tank.

The Policing and Cybercrime policy paper, which is based on freedom of information (FoI) requests sent to all police forces in the UK, also reveals that a total of 39,483 police staff and officers underwent training across the UK in that period.

North Wales Police topped the list with £375,488 on cyber-crime training for officers and staff between 2015 and 2017. This included a dedicated five-day mainstream cyber training course for 147 key staff, costing £160,000.

There was also a one-day cyber-crime input course for all new Initial Police Learning and Development Programme (IPLDP) recruits for 183 officers which cost £29,900. An additional £52,300 was spent on a similar course for 68 criminal investigation department (CID) officers.

West Mercia and Warwickshire Police spent £125,633 on cyber-crime training, followed by Lincolnshire which stated it had spent £119,834. This was followed by West Midlands Police on £91,200 and Police Scotland on £83,121.

On the lower end of the scale, Norfolk and Suffolk police forces reported a combined spend of £71,100. This included sending 3,882 staff on a cyber-crime and digital policing first responder course, while 147 staff members were sent on a digital media investigator course costing £6,500. Some £15,000 was also spent on an open source level 2 course for 87 members of staff.

The report said while the majority of UK police forces responded to the FoI request, several were unable to provide specific data around training costs, and could only identify how many officers and staff had experienced the training programmes available.

South Yorkshire Police, for example, said it had sent 71 officers on a mainstream cyber-crime training programme, and provided a course on hacking and how cyber criminals operate.

The lowest level of spending was reported by the Port of Dover Police, a small organisation, which said none of its staff had been trained and no budget had been used on cyber-crime training.

Cyber skills essential for modern policing

Sheila Flavell, COO at professional services firm FDM Group, said with cyber crime on the rise, it is clear that all organisations are urgently seeking to recruit, train and equip staff with the latest security expertise and cyber skills.

“Whether it’s online courses or specialist programmes, it’s encouraging to see police forces taking steps to improve IT skills of serving officers and staff,” she said.

Flavell said these skills are not only vital for modern policing, they are also essential to support and protect businesses across the country.

“That’s why so much more needs to be done to address the UK’s chronic skills crisis, to ensure we have the highly skilled workers to protect companies and the public from malicious online attacks,” she said.  

Underlining the need for cyber-crime training for police forces, the report said the UK Office for National Statistics (ONS) reported that there were 4.7 million incidents of fraud and computer misuse in the 12 months to September 2017.

Other reports have estimated that 17 million Britons were targeted by phishing, ransomware, online fraud and hacking in 2017, while security firm Norton estimated that £130bn was stolen from consumers online.

Cyber crime is on the rise, the report said, and will continue to pose a serious threat to UK businesses, consumers and critical national infrastructure.

“This in turn, places huge pressure on our police forces to ensure that officers, staff, new recruits and trainees are fully prepared to handle increasingly complex investigations,” the report said.

Collaborating against cyber crime

The report quotes National Cyber Security (NCSC) chief Ciaran Martin as saying the agency cannot protect UK cyber space alone. “We can do it only by working with others, with the rest of government, law enforcement, the Armed Forces, our international allies and, crucially, with business and wider society,” he said.

The report notes that while some police forces are working together occasionally to develop cyber-crime training programmes, the majority are still working alone in this process.

“While we appreciate that individual forces have varying challenges in terms of crime, headcount and volume of citizens to protect, it would make sense to develop a more standardised approach to cyber-crime strategy,” the think tank said.

Parliament Street recommends:

  • The establishment of a national police cyber strategy to enable security specialist companies to provide an agreed standard of training for all officers and staff across the country.
  • An increase in the recruitment of officers with existing cyber skills.
  • That police forces work closely with schools, colleges, universities and private companies to ensure a pipeline of highly skilled workers are encouraged to join the police.
  • Sharing of key security training services with other police forces.

Computer Weekly

You Might Also Read: 

Police Arrest Bank Hacker Who Stole $1B:

 

« US Imposes Cyber Sanctions On Iran
How to Improve Cyber Security Awareness In Your Organisation »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Securosis

Securosis

Securosis is an information security research and advisory firm dedicated to improving the practice of information security.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

Iceberg

Iceberg

Since 2016, Iceberg has redefined how businesses approach hiring in the Cybersecurity and eDiscovery space.

Hexnode MDM

Hexnode MDM

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

BitNinja

BitNinja

BitNinja provides full-stack server security in one easy-to-use protection suite. Enjoy real-time protection, automatic false positive handling and threat analysis for more in-depth insights.

AirEye

AirEye

AirEye is a leader in Network Airspace Protection (NAP). Block attacks against your corporate network launched from wireless devices in your corporate network airspace.

Bedrock Systems

Bedrock Systems

BedRock Systems is on a mission to deliver a trusted computing base from edge to cloud, where safety and security isn’t just a perception, it’s a formally proven reality.

Vectra AI

Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises.

Metabase Q

Metabase Q

Metabase Q protects you from financial and reputational losses with more efficient and intelligent cybersecurity, using the best worldwide in technologies, processes and specialists.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

Hexagate

Hexagate

Hexagate is at the forefront of blockchain threat prevention and automated risk management, proactively detecting and mitigating threats to smart contracts and onchain assets.