Workplan
OBJECTIVES
CC-DRIVER has one overarching issue to be solved, that is, understanding the human and technical drivers of cybercrime and how to use that knowledge to reduce cybercrime and to deter young people from a life of crime.
To that end, CC-DRIVER has five key interrelated objectives:
OBJECTIVE 1
OBJECTIVE 2
OBJECTIVE 3
OBJECTIVE 4
OBJECTIVE 5
Investigate the modalities of how "cybercrime-as-a-service" is offered and connections with different criminal activities and develop tools for LEAs that take into account these modalities.
This will help prevent and/or mitigate the impact of criminal acts and assist the understanding of trends, thereby enabling prevention and law enforcement.
Investigate, identify and explain drivers of new forms of cybercriminality.
We will specifically focus on understanding human factors that determine criminal behaviours, such as cyber juvenile delinquency, adolescent hacking and online disinhibition as well as youth decision-making processes using a multidisciplinary approach.
Create an online questionnaire that young people and organisations can use to assess their vulnerability to cybercrime.
We will create an online assessment / awareness / educational tool to enable youths to develop insights regarding their vulnerability to becoming involved in cybercriminal activity. Our "Cyber Expert or Cybercriminal" metric will be led by UEL academics who have expertise in survey design, will be informed by previous research (Aiken, Davidson, & Amann, 2016) along with the findings of this project, and will build on Europol's public awareness and prevention campaigns. We will create a parent, caregiver, educator and other stakeholders "Pathways into Cybercrime" checklist (PCC) resource which will 'red flag' youth behaviours or attitudes that may facilitate cyber delinquency or criminality. We will also develop and demonstrate a self-assessment questionnaire on the CC-DRIVER website that SMEs, civil society organisations and other can use to check their vulnerability to cybercrime attacks. Stakeholders will be able to download the self-assessment questionnaire or complete it anonymously via the EU survey website.
Support the EU Security Union by developing policy responses for Member States to assist harmonisation in tackling cybercrime and by
-
reviewing existing national cybercriminality policies in eight Member States, particularly regarding juvenile cybercriminality;
-
conducting a gap analysis by identifying touch points where the policies are the same or similar and where there are differences;
-
developing appropriate policy responses ("the toolkit"), notably policy templates or benchmarks that Member States can use to more closely harmonise their policies addressing adult and juvenile cybercriminality;
-
discussing those in workshops with stakeholders;
-
sending the draft policy toolkit to at least 80 policy makers and other stakeholders for their feedback;
-
producing a second iteration that will be sent to all relevant stakeholders for implementation;
-
contacting stakeholders after three months to check how fit for purpose the policy toolkit is;
-
as necessary, revising the toolkit and disseminating again to policy makers and other stakeholders.
Maintain European societal values, fundamental rights and applicable legislation, within the proposed work. Given the nature of this research, we will include a focus on privacy, protection of personal data and the free movement of persons. We will co-develop a strategy for dealing with societal aspects of cybercriminality (e.g., perception of security, possible side effects of technological solutions, societal resilience, gender-related behaviours) with LEAs, policy makers and industry.
WORK PACKAGES
The CC-DRIVER project comprises eight work packages with a high degree of interaction:
WORK PACKAGE 1
WORK PACKAGE 2
WORK PACKAGE 3
WORK PACKAGE 4
WORK PACKAGE 5
WORK PACKAGE 6
WORK PACKAGE 7
WORK PACKAGE 8
Project management
-
Complete the project on schedule, including timely delivery of the deliverables and fulfilment of the terms of the Grant Agreement.
-
Ensure good relations between the consortium partners and effective communications with the European Commission.
-
Provide timely administration of the project's budget.
Ethics requirements
The objective is to ensure compliance with the 'ethics requirements' set out in this work package.
Scoping cybercriminality and technical capabilities
​In WP2, the partners will study the cybercrime phenomenon from a multidisciplinary perspective and will review the technical capabilities of criminals and those fighting them to define priorities for the work in WP4 and WP5 and provide initial points
-
Analyse existing and forecast future manifestations of cybercrime, starting with a literature review of disciplines.
-
Analyse drivers of new forms of cybercriminality.
-
Review strategies of cybercriminals and technical and business aspects of cybercrime-as-a-service.
-
Review tools used in counter-cybercrime activities and identify gaps.
Analyse human factors driving cybercriminality
-
Conduct a literature and expert review of cyber juvenile delinquency and criminality and perform quantitative and thematic analysis into motivations and drivers of cybercriminal behaviour.
-
Conduct an online survey of 1,000 respondents in each of eight EU countries and analyse data using SPSS exploring applicability to range of theoretical frameworks across disciplines.
-
Develop an adapted model of the Theory of Planned Behaviour (TPB) analysing youth intention to engage in cybercrime, a Theory of Planned Behaviour Cybercrime (TPBCC).
-
Develop a Youth Self-assessment Metric (YSM) and "Pathways into Cybercrime" checklist for parents, caregivers and educators.
-
Design a deterrence prototype in collaboration with LEAs to stage active interventions targeting juvenile criminality.
-
Develop a range of evidence based educational, awareness and intervention programmes for EU networks.
Tools and training materials for LEAs, cybercrime vulnerability self-assessment
The main goal of this WP is to integrate the findings of WP2 and WP3 in the development and validation of specific tools for LEAs and questionnaires for SMEs, CSOs and young people. At the same time, the tools will support the research work in WP3. WP4 has the following specific objectives:
-
Produce a cybercrime vulnerability self-assessment questionnaire for SMEs and CSOs.
-
Design, develop, validate and pilot a set of tools assisting LEAs in fighting cybercrime.
-
Develop and test training materials for LEAs.
A cybercrime policy toolkit
The goal of WP5 is to develop a cybercrime policy toolkit to provide LEAs, ENISA and the wider community of stakeholders with a pragmatic set of guidelines and tools to help combat cybercriminality within their spheres of influence or control / jurisdiction. Specifically, this WP will drive to the following tangible, pragmatic outputs:
-
Complete a benchmark review of existing national cybercriminality policies in eight Member States, regarding both juvenile and adult / professional cybercriminality. This will establish a factual basis for CC-DRIVER to develop its policy toolkit for Member States.
-
Conduct a gap analysis of the benchmark findings. This will enable CC-DRIVER to articulate a “common core” set of policies for implementation in the policy toolkit.
-
Produce a set of good policy practices addressing cybersecurity so that policymakers can learn from each other.
-
Produce a policy framework that identifies a comprehensive list of cybercriminal issues and the key elements of an appropriate policy response.
-
Socialise the draft template with members of the stakeholder group and incorporate suggestions into a final policy toolkit for publication.
Ethics, data protection, socio-economic impact assessment
-
Respond to EC ethics requirements.
-
Develop an ethics and data protection protocol for partners.
-
Conduct an ethical, data protection and socio-economic impact assessment.
-
Develop training materials for LEAs.
-
Analyse citizen views on cybercriminality in the EU.
-
Co-develop a strategy for addressing the socio-economic aspects of cybercriminality.
-
Manage and interact regularly with the project’s Ethics Board.
Dissemination, exploitation and communications
Efficient dissemination activities will support the project’s plan for the exploitation of its results during and after the project. The communications activities will focus on the project and its results during the project. The objectives of this WP are the following:
-
Identify and characterise the stakeholders whom the consortium wishes to reach and compile a contact list comprising contacts on their organisations’ website and with whom we can share the project’s results using the GDPR legitimate interest criterion and/or informed consent. Engage with stakeholders, integrating feedback at key points in the design, development and deployment of project results.
-
Elaborate and implement the project’s dissemination and exploitation plan aimed at stakeholders’ use of the project’s results during and after EU funding comes to an end. Promote project results through journals, magazines, newspapers and professional outlets and through presentations at scientific meetings and industry expositions (e.g., IFSEC in London) at national and international levels.
-
Elaborate and implement the project’s plan of communications activities aimed at informing the public, media and all stakeholders about the EU-funded project, its activities and results.
-
Create and operate the project’s website and promote the project identity via social media accounts (e.g., LinkedIn, Twitter, Youtube) for current, up-to-date sharing of information and engaging with stakeholders.
-
Elaborate and initiate a plan for exploitation of the project results.