The CIO’s guide to understanding cybercrime investigations
BUSINESS leaders agree that cybercrime is increasing rapidly. As a result, corporate cybersecurity strategists are often puzzled by the pace and find themselves struggling to keep up.
The missing link to a stronger cybersecurity policy is the support of a cybercrime investigator. These new-age professionals are finding employment in government agencies and corporate organizations as a result of their fresh and unique approach to the problem.
To better understand what cybercrime investigators do, where they train, and how they contribute to organizations, Tech Wire Asia caught up with Boston University Cybercrime Investigation & Cybersecurity Program Director Kyung-Shick Choi ahead of his presentation at Interpol-World in Singapore next week.
“Cybercrime requires a fresh response from law enforcement officers trained in both cybercriminal behavior and information technologies (IT).”
Kyung-Shick admits that cybercrime training is not yet commonplace in the US — despite the growing demand, not just from students but also from organizations looking to hire new graduates.
“Although many universities are focusing on cybersecurity issues, very few programs offer an interdisciplinary approach combining criminal justice, digital forensics, and cybercrime investigation, which is crucial to prevent, investigate, and respond economic, cyber and high-tech crimes.”
Cybercrime investigators study cyber criminology, an interdisciplinary study of the causes of cybercrime which combines knowledge from criminology, psychology, sociology, political science, computer science, and cybersecurity to deliver an in-depth understanding of the nature of cybercrime in the criminal justice field.
According to Kyung-Shick, the demand for cybercrime investigation and cybersecurity professionals in both the private and public sectors is increasing significantly because enterprises are constantly operating with very sensitive data and are responsible for the security of information.
“According to the U.S. State of Cybercrime Report (2018), nearly half (43 percent) of survey respondents reported that cybercrimes committed by insiders were costlier than those committed by outsiders.
“Having an effective cybercrime investigation unit can definitely strengthen a company’s internal security and potentially prevent cybercrime incidents.”
Cybercrime investigators: Not disrupted by AI
With the growth of digital and information technology, issues of cybercrime have become more prevalent as seen in numerous recent cases of severe security breaches, identity theft, digital fraud, online drug-trafficking, cyber-bullying, and online interpersonal crimes.
“Unfortunately, the current capabilities of many law enforcement agencies are very limited despite such a heightened level of awareness and concern for the role recent technology has in facilitating cybercrime and instances of online victimization.”
The biggest challenge in the area of cybercrime investigation, Kyung-Shick believes, is equipping adequate human resource.
Since most law enforcement officers professionals lack knowledge concerning the processing of computer data and related evidence, more specialized computer forensics and digital evidence training programs are needed to meet the needs of local and state law enforcement agencies.
Such professionals, of course, can find plenty of opportunities in businesses as well, to augment regular cybersecurity protocols with new parameters involving criminal behavior and incident intelligence.
Kyung-Shick points out that although technologies such as artificial intelligence (AI) are helping cybercrime investigators do their job more efficiently, AI and similar technologies will never replace human professionals in this field.
“AI is already assisting cybercrime investigation tasks using machine learning to narrow massive amounts of digital evidence such as pictures, message contents, media, etc. AI can assist a crime investigator a place to start for connecting all the potential dots from finding evidence to conducting interviews and arrest proceedings.”
“However, AI will never replace with cybercrime investigators because cybercrime investigation requires not only understanding and interpreting digital evidence associated with criminal profiles and motivations but also entails constant making decision process through complex human-interactions,” concluded Kyung-Shick.
While cybercrime investigators are hard to find, it seems as though professionals in the niche are finding that demand for their skills is constantly growing — in the world of business, academia, as well as regulations.
Organizations and agencies that want to protect themselves effectively might consider bringing in such investigators given their specialized training and expertise in the fields of cybercriminal behavior and IT.