The CC-DRIVER LEA Working Group (WG) debated in its 7th Edition the issue of managing European security projects as a LEA. Fifteen participants from Germany, Greece, the Netherlands, Spain, Sweden and United Kingdom participated in the discussion on Monday, 7th November 2022, sharing experiences, challenges and recommendations on two key topics. The meeting started with a general introduction on innovation – a crucial and integral element of any modernization process–, then moved on to specific concerns about cybercrime, addressing the issue of underreporting among the different participating LEAs.
Innovation may refer to different facets: it could be a new technology, an organisational reform, or an instrument that changes the methodology when dealing with certain issues. In the same way that automobiles and radio communications disrupted the usual police service, new technological breakthroughs like drones, AI, and communications in the digital age are likely to have a similar impact. Considering this background, LEAs, together with industry and academia, cooperate to produce innovative solutions and research.
In general, the most usual contributions LEAs make in this environment are:
Description of requirements: crucial role in letting industry and academia know our main gaps and needs to improve our performance.
Defining use cases, as well as creating complete operational scenarios in realistic environments to test the developed technologies.
Evaluation tasks.
Capacitation and training.
Data analysis/gathering.
Dissemination of the project's results, especially among LEAs.
As a general resource for managing EU funded projects, PM² methodology was recommended, which is a project management methodology developed and supported by the European Commission. Besides, LEA participants shared their experiences when managing EU security projects and some challenges were also pointed out. It was discussed that, sometimes, the developed tools may not meet the LEAs’ expectations, and we have to be clear about the requirements’ elicitation, as well as about the deficiencies found when performing our evaluation tasks, so that technical partners and/or academia can address them adequately. An added challenge to this is that in order to evaluate a specific tool it usually takes a high degree of technical knowledge, and not all the LEA members may meet this requirement. As a result, the need of delivering adequate capacities and training activities for this purpose was highlighted.
Concerning LEA resources, it was discussed that due to the typically functional structure of LEAs, members and other resources usually have to be ‘borrowed’ from multiple sections. Thus, LEAs may have limited possibilities to free their workforce to interact with academia or with industry in R&D activities as well as to monitor R&D outputs that may be useful for their daily operations.
In regards to communication and dissemination activities, as LEAs sometimes suffer a lack of communication between themselves, some LEA networks which have been effectively used by the participants to enhance communication and dissemination efforts of EU funded projects were shared, namely CERIS (Community for European Research and Innovation for Security) and Ileanet. On the other hand, there is space for enhancing the exploitation of results because of several challenges that were discussed: although a specific result can produce a tangible benefit for the organisation, decision makers may ultimately decide that it is not worth implementing it. Besides, further financing in order to achieve a certain Technology Readiness Level (TRL), or adequate support once the project finalises, could be needed, which is not always the case.
Last but not least, the focus shifted to discussing the problem of underreporting cyber-attacks, which is a core theme that LEAs usually address when managing EU Cybersecurity projects. As an introduction, several pieces of data were shared, such as the ones produced by Statistics Netherlands (CBS), which shows that in approximately 13 percent of all cases of identity fraud, fraud when buying or selling online, hacking and cyber bullying combined in 2019, the police was notified. The reporting of cybercrime has not changed substantially in recent years. This indicator shows that there is room for improvement when reporting cybercrime, and the LEA WG participants discussed the possible causes of underreporting, which can be summarised as follows:
Lack or deficiency of reporting mechanisms. It was discussed that not all cybercrimes can be reported online in certain countries, such as the Netherlands and Spain. For certain cybercrimes (such as cyberbullying), close communication with schools was shared as a best practice.
Lack of public confidence in the LEA's ability to prosecute cybercrime. In Spain, as stated in the 2021 Spanish Cybercrime Report, merely 16% of the cybercrime cases were solved (46.141 out of 305.477 cases).
Difficulties in prosecuting the offender, which may be minors, from a third country, etc.
Lack of victimization awareness.
The victim's own embarrassment.
Perceived reputational risk to brands and companies.
The next LEA WG edition will be a joint event with CYBERSPACE project.
CC-DRIVER will come to an end in March 2023. We will stay to be stronger together against cybercrime - the LEA Working Group will continue under the patronage of CYBERSPACE.
If you are a LEA and would like to participate in the 8th edition, please contact Valencia Local Police.
If you are a LEA and would like to join the LEA Working Group, please contact the Center for Security Studies (KEMEA).
Contact us for more information on the project and further updates, sign up for our newsletter and follow us on Twitter, LinkedIn, and Youtube.