Cybercrime centers are too focused on protecting government systems, and within it, public-private collaboration pose challenges when it comes to the fear of information leakage during the sharing of data and the private sector's worries that the government may penalize them.
According to Ngair Teow-Hin, CEO of SecureAge, many cybercrime centers are structured to focus on protecting government systems and critical infrastructure. As such, they tend to leave out the private sector, and subsequently, they cannot benefit from such government efforts and their computer systems remain vulnerable to cyberattacks, he explained.
His comments follow reports last month that 95 percent of Australia's Cyber Security Center's staff will be from the country's Defense Department. The move has drawn criticism the center will duplicate functions of the country's Department of Defense's own Cybersecurity Center and did not give the private sector a say.
Paul Black, managing principal for Verizon's Risk Team agreed, adding another key challenge is the information sharing between public and private organization. The public sector is hindered by regulatory factors and bureaucracy, while the private sector holds back sharing because of competition and intellectual property (IP), Black explained.
Both sides are also worried that information shared outside their respective organizations may be disclosed to unauthorized parties, he added.
Similarly, Japan's National Police Agency (NPA) too, admitted last month it faced difficulties working with private sector employees to leverage their skills for cybercrime investigations, over concerns that classified information may be leaked.
Additionally, private sectors are also hesitant to collaborate with public sector organizations as there is a fear that opening up to the government may open an opportunity for them to find ways to penalize the private sector's activities or policies, Black added.
Cybersecurity is not a responsibility limited to either the public or private sector but a shared responsibility that has a significant impact on national IT systems and private organizations, the Verizon executive noted.
"Both sides must recognize safeguarding national systems, critical infrastructure, IP can be significantly improved only when both parties combine their resources and intelligence together," he said.
Need for diverse skills, policies and laws to protect information
Cybercrime centers need to include people who truly understand cybercrime activities and technologies used in such a center, Ngair advised.
Many security professionals may be good in traditional methods of protections but cannot keep up with the latest threats and do not understand how cybercriminals' evolving tactics, he pointed out. Such professionals may be able to prevent a "garden variety of threats" but not advanced ones, Ngair warned.
This is why a cybercrime center needs capable cybersecurity professionals, especially people who understand the intrinsic weaknesses in computer systems, the SecureAge CEO said.
Black added staff of a cybercrime center should have a diverse range of skills, ranging from technical intelligence, research, attorneys, developers, software engineers, data analytics professionals, legal compliance officers and criminal investigators.
A transparent and collaborative approach toward information sharing, with right policies should be established to enhance collaboration within a cybercrime center, he added. Proper legal frameworks and work flows need to be established to protect both parties, he explained.
Governments can set up a separate group of experts who do not deal with classified systems so that the group can share the information and knowledge freely with the private industry, Ngair suggested. "This way, the private industry can benefit from the shared information and wisdoms to protect themselves against cybercriminals," he said.