Tuesday 25 June 2013

To Protect and Serve Coffee

With so much currently in the news about government surveillance, I'd like to look at a different intersection of law enforcement and data retention - how the police can help you when you are the victim of a cyber-attack.

Unfortunately the decision to involve the police is not trivial, and really depends on what outcome you are hoping for.  If you just want the problem to go away, involving law enforcement can get in the way of your recovery, as they will want to collect forensically sound evidence, and the process of going to court can and does take years.  Even if you go down this path, the likelihood of restitution is very low and it will cost a fortune.  So most businesses don't bother.

If it were a physical crime, we would automatically report it, as this is a necessary precondition to claiming on our insurance.  There is also no stigma about being broken into physically.  But things are different in the cyber world - there is no cyber-insurance to claim on, and there definitely is a stigma about being hacked.  This is even more reason for businesses to fix it and move on without police involvement.

But if we look at this in a slightly different way, the view changes.  Instead of looking to law enforcement to locate and prosecute the offenders, we can ask for their assistance in collecting and storing any evidence we might need in the future, and provide them with anonymised information that helps to build a profile of the cyber-crime landscape.

Less protect and serve, and more coffee and collaboration.

Unless you are the bad guys, the police are not your adversary, and they really can be good friends.

Phil Kernick, Chief Technology Officer
@philkernick www.cqr.com