UK Police Cybercrime Training

UK think tank Parliament Street has lifted the lid on spending by police forces on training staff to deal with cyber-crime and recommended greater collaboration in this regard

UK police forces have spent a total of £1,320,341 on cyber crime training courses in the past three years, according to a report from the Parliament Street think tank.

The Policing and Cybercrime policy paper, which is based on freedom of information (FoI) requests sent to all police forces in the UK, also reveals that a total of 39,483 police staff and officers underwent training across the UK in that period.

North Wales Police topped the list with £375,488 on cyber-crime training for officers and staff between 2015 and 2017. This included a dedicated five-day mainstream cyber training course for 147 key staff, costing £160,000.

There was also a one-day cyber-crime input course for all new Initial Police Learning and Development Programme (IPLDP) recruits for 183 officers which cost £29,900. An additional £52,300 was spent on a similar course for 68 criminal investigation department (CID) officers.

West Mercia and Warwickshire Police spent £125,633 on cyber-crime training, followed by Lincolnshire which stated it had spent £119,834. This was followed by West Midlands Police on £91,200 and Police Scotland on £83,121.

On the lower end of the scale, Norfolk and Suffolk police forces reported a combined spend of £71,100. This included sending 3,882 staff on a cyber-crime and digital policing first responder course, while 147 staff members were sent on a digital media investigator course costing £6,500. Some £15,000 was also spent on an open source level 2 course for 87 members of staff.

The report said while the majority of UK police forces responded to the FoI request, several were unable to provide specific data around training costs, and could only identify how many officers and staff had experienced the training programmes available.

South Yorkshire Police, for example, said it had sent 71 officers on a mainstream cyber-crime training programme, and provided a course on hacking and how cyber criminals operate.

The lowest level of spending was reported by the Port of Dover Police, a small organisation, which said none of its staff had been trained and no budget had been used on cyber-crime training.

Cyber skills essential for modern policing

Sheila Flavell, COO at professional services firm FDM Group, said with cyber crime on the rise, it is clear that all organisations are urgently seeking to recruit, train and equip staff with the latest security expertise and cyber skills.

“Whether it’s online courses or specialist programmes, it’s encouraging to see police forces taking steps to improve IT skills of serving officers and staff,” she said.

Flavell said these skills are not only vital for modern policing, they are also essential to support and protect businesses across the country.

“That’s why so much more needs to be done to address the UK’s chronic skills crisis, to ensure we have the highly skilled workers to protect companies and the public from malicious online attacks,” she said.  

Underlining the need for cyber-crime training for police forces, the report said the UK Office for National Statistics (ONS) reported that there were 4.7 million incidents of fraud and computer misuse in the 12 months to September 2017.

Other reports have estimated that 17 million Britons were targeted by phishing, ransomware, online fraud and hacking in 2017, while security firm Norton estimated that £130bn was stolen from consumers online.

Cyber crime is on the rise, the report said, and will continue to pose a serious threat to UK businesses, consumers and critical national infrastructure.

“This in turn, places huge pressure on our police forces to ensure that officers, staff, new recruits and trainees are fully prepared to handle increasingly complex investigations,” the report said.

Collaborating against cyber crime

The report quotes National Cyber Security (NCSC) chief Ciaran Martin as saying the agency cannot protect UK cyber space alone. “We can do it only by working with others, with the rest of government, law enforcement, the Armed Forces, our international allies and, crucially, with business and wider society,” he said.

The report notes that while some police forces are working together occasionally to develop cyber-crime training programmes, the majority are still working alone in this process.

“While we appreciate that individual forces have varying challenges in terms of crime, headcount and volume of citizens to protect, it would make sense to develop a more standardised approach to cyber-crime strategy,” the think tank said.

Parliament Street recommends:

  • The establishment of a national police cyber strategy to enable security specialist companies to provide an agreed standard of training for all officers and staff across the country.
  • An increase in the recruitment of officers with existing cyber skills.
  • That police forces work closely with schools, colleges, universities and private companies to ensure a pipeline of highly skilled workers are encouraged to join the police.
  • Sharing of key security training services with other police forces.

Computer Weekly

You Might Also Read: 

Police Arrest Bank Hacker Who Stole $1B:

 

« US Imposes Cyber Sanctions On Iran
How to Improve Cyber Security Awareness In Your Organisation »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Veridify Security

Veridify Security

Veridify Security (formerly SecureRF), develops and licenses quantum-resistant, public-key security tools for the low-resource processors powering the Internet of Things.

National Defence Radio Establishment (FRA) - Sweden

National Defence Radio Establishment (FRA) - Sweden

The National Defence Radio Establishment (Försvarets Radioanstalt), is the Swedish national authority for Signals Intelligence, also providing Information assurance services to government authorities.

Crest International

Crest International

Crest is focused on professionalizing the technical cyber security market whilst driving quality and standards of organizations that operate within it.

Norwegian Center for Information Security (NorSIS)

Norwegian Center for Information Security (NorSIS)

NorSIS) is an independent organization that works to increase knowledge and understanding of information security for businesses and individuals.

National Intelligence Service (NIS) - South Korea

National Intelligence Service (NIS) - South Korea

The NIS oversees policy on cyber security in South Korea by formulating and coordinating the execution of such policy and devising necessary schemes and guidelines.

London Office for Rapid Cybersecurity Advancement (LORCA)

London Office for Rapid Cybersecurity Advancement (LORCA)

LORCA's mission is to support the most promising cyber security innovators in growing solutions to meet the most pressing industry challenges and build the UK’s international cyber security profile.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions creates enterprise mobility and file sharing solutions for companies, teams and freelancers.

X4 Technology

X4 Technology

X4 Technology is a leader in finding the very best technology talent for some of the world’s most innovative start-ups and globally recognised brands.

Level Effect

Level Effect

Level Effect is developing new capabilities to bring a unique perspective on proactive network defense and advanced security analytics.

Crypto Quantique

Crypto Quantique

Crypto Quantique's ground-breaking technology radically simplifies the process of generating a hardware root of trust in an IoT device.

M12

M12

M12 (formerly Microsoft Ventures) is the corporate venture capital subsidiary of Microsoft.

Flix11

Flix11

Flix11 is a Cyber Security & ICT Solutions focused company. We provide a range of products and services in Cyber Security, Internet of Things (IoT) and infrastructure solutions.

Conversant Group

Conversant Group

Conversant Group is an IT infrastructure and security consulting company, providing technical, organizational, procedural, and process consulting internationally.

VISO Cyber Security

VISO Cyber Security

VISO provide Cyber Security Consulting and CISO as a Service to companies who need to augment their leadership teams with information security expertise.

Ethnos Cyber

Ethnos Cyber

Ethnos Cyber is Africa’s leading cybersecurity and compliance management company. We provide Information Security, Risk Management, Cybersecurity and Compliance Management solutions to clients.

CyberMindr

CyberMindr

CyberMindr is a SaaS platform for Automated & Continuous Attack Path and Threat Exposure Discovery helps you to proactively identify & assess your attack surface to mitigate associated threats.