investment in public awareness

InfraGard: Protecting Infrastructure—an information sharing and
analysis effort serving the interests and combining the knowledge base
of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector.
■ National Cyber- Forensics & Training Alliance—an early- warning system based on the exchange of strategic and threat among members.
■ Strategic Alliance Cyber Crime Working Group—a global alliance of
law enforcement community sharing and steadily building operational
partnerships for joint investigations of cybercrimes.
■ Cyber Action Teams—small but highly trained teams of FBI agents,
analysts, and computer forensics and malicious code experts who travel
around the world on a moment’s notice to respond to cyber intrusions.
• Setting up publicly funded agencies to go after cyber criminals. Representative examples include:
0 The Secret Service maintains Electronic Crimes Task Forces (ECTFs),
which focus on identifying and locating international cyber criminals
connected to cyber intrusions, bank fraud, data breaches, and other
computer- related crimes. The Secret Service’s Cyber Intelligence Section
has directly contributed to the arrest of transnational cyber criminals
responsible for the theft of hundreds of millions of credit card numbers
and the loss of approximately $600 million to financial and retail institutions. The Secret Service also runs the National Computer Forensic
Institute, which provides law enforcement officers, prosecutors, and
judges with cyber training and information to combat cybercrime.
0 ICE’s Cyber Crimes Center (C3) works to prevent cybercrime and solve
cyber incidents. From the C3 Cyber Crime Section, ICE identifies
sources for fraudulent identity and immigration documents on the Internet. C3’s Child Exploitation Section investigates large- scale producers
and distributors of child pornography, as well as individuals who travel
abroad for the purpose of engaging in sex with minors.
• Security Information Sharing Partnership (CSISP) with long- term plans
to establish a National Computer Emergency Response Team (CERT).
These CERT teams are now in several countries including the United States,
Australia, the United Kingdom and others.
• In addition to sustained awareness programs, legislation is also beginning
to pay off. In the CSI Computer Crime and Security Survey 2009, in which
1—The Changing Landscape of Cybercrime 9
responses were from 443 information security and information technology
professionals in United States corporations, government agencies, financial
institutions, educational institutions, medical institutions and other organizations, respondents generally said that regulatory compliance efforts have
had a positive effect on their organization’s security programs.
• You and I. Cybersecurity is a shared responsibility, and each of us has a role
to play in making it safer, more secure and resilient.
Although investment in public awareness, especially through moral and
ethical education, is long- term, these are encouraging signs that there might
be light at the end of the tunnel if we intensify our training programs. So, we
need to concurrently educate the user as well as develop security tools and
best practices as we look for the essential solutions to the ills of cyberspace.
We focus on them in the rest of the book and we begin by looking at morality
and ethics.