Police to give cybercrime-fighting courses

The Metropolitan Police Force is launching a series of e-crime prevention and response seminars for businesses.

The seminars are aimed at improving companies' incident response plans for managing internal and joint police investigations. Three seminars will be held during 2005 -- one aimed at corporate managers, one at security professionals and one at corporate investigators.

Scotland Yard's Computer Crime Unit (CCU) said the seminars are meant to help spread knowledge and reduce cybercrime in IT communities.

"This is to draw together law enforcement, security and legal specialists to deliver a crime prevention package that will raise awareness and assist businesses to implement effective security policies," said detective inspector Chris Simpson. "The lessons arising from several recent investigations are that many forms of system compromise are preventable through the effective management of computer system security."

The CCU currently has nine officers, some of whom have paid for their own IT training. Information Security Solutions is sponsoring the event, which costs £495 to attend.

"Information Security Solutions is one of a number of sponsors to these events" said Simpson. "Any profit made from the seminars will be used to further improve the service we provide to computer users in London through recruitment of additional staff, acquisition of additional equipment and making best use of training opportunities."

Brian White MP, chairman of security lobbying group EURIM, has applauded the creation of the seminars, and said it was acceptable for the police to charge for conferences.

"The more interaction there is between the police force and businesses the better," said White. "But it needs to be a two-way thing. If you look at businesses, they [charge for conferences] all the time. That's the way they work. I don’t think there's any problem with that. The important thing is what the content is and if it'll make a difference. If it's not getting the right level, for example only focussing on big businesses and not small ones, there's a real issue there."

But Paul Simmonds, co-founder of the Jericho Forum -- a security user group -- and global information security director, said it was questionable whether delegates should pay.

"From my point of view I'm very pleased to see them taking the initiative," said Simmonds. "Funding is always a problem so I can understand why they are charging, but it's a grey area. My feeling is that if they didn't charge, they'd get a better response. This way they might lose half the people they're looking to get, but the initiative is something I applaud."

Richard Starnes, UK president of the Information Systems Security Association, was critical of the Metropolitan Police for not funding the seminars. "It's an interesting concept but I'm absolutely appalled that the Metropolitan Computer Crime Unit is so underfunded that they have to enter the commercial realm conducting seminars to raise funds. What's next? The Metropolitan Police commissioner standing outside of Scotland Yard with the Big Issue?"

Detective inspector Simpson wasn't available to respond on Starnes's comments at the time of writing.

The first session is to be held in London on 1 March. Anyone interested can contact DI Simpson by email.