Recently Prof. Bert-Jaap Koops of Tilburg Institute of Law, Technology, and Society – Tilburg University delivered an intensive one-week course on ‘Cybercrime and cybersecurity governance’. I was one of the participants attending the intensive course.
On the very last day, all participants were engaged in group discussions. My group was discussing how to tackle cybercrime in the amazing ICT age? We wanted to propose something new to the present cybercrime prevention debate. At this moment at policy level experts are talking about developing different laws, policies etc. At the regional and international level we have the Convention on Cybercrime. ‘The Convention on Cybercrime of the Council of Europe is the only binding international instrument on this issue’. This convention ‘serves as a guideline for any country developing comprehensive national legislation against Cybercrime and as a framework for international cooperation between State Parties to this treaty’ . Apart from this, there are several countries across the world either developed policies or enacted laws against cybercrime.
Also there are some ‘social service’-type suggestions available mainly on the domains of different newspapers. Those services educate about some ‘universal steps you can take that will greatly reduce your likelihood of attack’.
Sometimes, Police Departments also give advise on how to prevent cybercrime. For example Royal Canadian Mounted Police have given some Cyber Crime Prevention Tips. Like this Royal Canadian Mounted Police, other Police departments of other countries also provide such type cybercrime prevention tips.
However, we all know that it is ‘better to try to keep a bad thing from happening than it is to fix the bad thing once it has happened’. So ‘Prevention is better than cure‘.
Now the question is – the cybercrime prevention measurement that we have is sufficient to tackle cybercrime? The simple answer is NO.
Just two days ago, The Economist in it’s ‘Special Report on Cyber-Security: Defending the Digital Frontier‘ reports, ‘last year over 800m records were lost, mainly through cyber attacks. It also reports quoting another report by Gartner, a research firm, ‘reckons that last year organisations around the globe spent $67 billion on information security and a recent estimate by the Centre for Strategic and International Studies (CSIS), a think-tank, puts the annual global cost of digital crime and intellectual property theft at $445 billion – a sum roughly equivalent to the GDP of a smallish rich European Country such as Austria’. (the Q&A)
Then what could be done? The first thing is- we should think about ‘SET’. What is SET? SET is ‘Security Enhancing Technologies‘. I believe researchers can develop a set of computer tools, applications and mechanisms which – when integrated in cyberspace – allow users to protect the cybersecurity. SET would help to protect the cybersecurity.
Secondly, only developing or inventing SET will not be helpful. The world need to come together with a common ‘Political Will’ to fight Cybercrime.
The world needs to agree on an international policy that would force all country to integrate SET in cyberspace / cyber network / individual computer system etc.