Cybercrime & Cybersecurity Training Programs
Cybercrime and cybersecurity training is an area of interest to law enforcement agencies, think-tanks, policymakers, and academics alike. Said programs are intended to provide law enforcement with the skills to address and/or prevent various cybercrime-related issues. Despite a general consensus around the importance and need for an effective cybercrime and cybersecurity law enforcement training module, no study to-date has empirically tested the effectiveness of a particular cybercrime or cybersecurity training program. Similarly, no particular module has been consistently utilized across law enforcement agencies. The only outcome and suggestion has been the need for law enforcement officers to be better equipped to respond to cybercrime calls for service.
Is the program based on research?
While no study to date has empirically tested the effectiveness of a particular cybercrime or cybersecurity training program, research has identified a lack of knowledge surrounding cybercrime and cybersecurity as one of the biggest impediments to effective cybercrime enforcement. In particular, knowledge regarding cybercrime and cybersecurity are lacking at the organizational level, hindering the enforcement and positioning of such knowledge in police roles. Frontline officers are particularly challenged by cybercrime calls for service, as, while they are expected to be first responders, they are limited in both knowledge and training to deal with such instances.
Has the program been independently evaluated?
Numerous studies have surveyed law enforcement officers on their perceptions and experiences with cybercrime and/or cybersecurity training, finding that officers tend to favour face-to-face training rather than online eLearning modules. In fact, officers favour face-to-face approaches because it gives them the opportunity to seek clarity over particular issues. Other studies suggest that mainstream training modules may not be appropriate to address the variety of roles within law enforcement agencies, hinting at the need for more tailored cybercrime training programs.
Was the program rigorously tested?
No specific cybercrime module has been rigorously tested or evaluated, as law enforcement agencies offer different training modules depending on their organizational level, role, need for training, and available resources.
Has the program evaluation been replicated?
Given that no particular law enforcement cybercrime program and/or module has been empirically tested, there is an absence of scholarly literature on program evaluation replication.
Was the program tested in Canada?
There is no published, peer-reviewed Canadian literature available at this time.
*Our reviewer adds that cybertraining programs have been implemented in other countries, such as New Zealand, Switzerland and the UK, but, to date, there are no evaluations of their effectiveness.
While numerous studies have explored officers’ perceptions of cybercrime training, no empirical evaluation or replication of a particular module has been conducted. Results from these studies should be interpreted with caution as dissimilar findings may stem from different training programs and modules.
Assessor: Jin Lee, Michigan State University
Jin R. Lee is a Ph.D. student at the School of Criminal Justice at Michigan State University. His research interests are in cybercrime, online interpersonal violence, cybersecurity, cyberpsychology, computer-mediated communications, and big data. Jin is a knowledge contributor and member of both Boston University's Center for Cybercrime Investigation & Cybersecurity (CIC) and Michigan State University's International Interdisciplinary Research Consortium on Cybercrime (IIRCC). Additionally, Jin serves as the Editorial Assistant for the International Journal of Cybersecurity Intelligence & Cybercrime. His recent work has appeared in Crime & Delinquency, Policing: An International Journal, Journal of Interpersonal Violence, International Journal of Offender Therapy and Comparative Criminology, International Criminal Justice Review, Computers in Human Behavior, International Journal of Cyber Criminology, International Journal of Cybersecurity Intelligence & Cybercrime, and Information, Communication & Society.
Reviewer: Dr. Benoît Dupont, Universite de Montreal
Benoit Dupont is the Scientific Director of the Smart Cybersecurity Network (SERENE_RISC.ca), as well as being Professor of Criminology at the Université de Montréal, where he holds a Canada Research Chair in Security and Technology. He is also a member of the International Centre for Comparative Criminology and studies Internet Governance, Cyber Warfare, Cybersecurity and Policing.
Burruss, G., Howell, C. J., Bossler, A., & Holt, T. J. (2019). Self-perceptions of English and Welsh constables and sergeants preparedness for online crime. Policing: An International Journal, 1-15.
Cockcroft, T., Shan-A-Khuda, M., Schreuders, Z.C., & Trevorrow, P. (2018). Police cybercrime training: Perceptions, pedagogy, and policy. Policing: A Journal of Policy and Practice, 1-19, HMIC. 2018. Real Lives, Real Crimes.
Holt, T.J., & Bossler, A.M. (2012). Predictors of patrol officer interest in cybercrime training and investigation in selected United States police departments. Cyberpsychology, Behavior, and Social Networking, 15(9), 464-472.
Koziarski, J. & Lee, J.R. (2020). Connecting Evidence-Based Policing and Cybercrime. Policing: An International Journal, 43(1), 198-211.
Lee, J. R., Holt, T. J., Burruss, G. W., & Bossler, A. M. (2019). Examining English and Welsh detectives’ views of online crime. International Criminal Justice Review, 1-20.
Schreuders, Z.C., Cockcroft, T., Butterfield, E.M., Elliott, J.R., & Soobhany, A.R. (2017). Needs assessment of cybercrime and digital evidence in a UK police force—CARI Project. Leeds: Leeds Beckett University Cybercrime and Security Innovation Centre.
Stephens, P., & Induruwa, A. (2007, August). Cybercrime investigation training and specialist education for the European Union. In Second International Workshop on Digital Forensics and Incident Analysis (WDFIA 2007) (pp. 28-37). IEEE.