Don’t Leave out Law Enforcement in Cybersecurity Planning

Data manipulation is all over the news these days, in more ways than one. It is in the headlines, whether the focus is on election meddling, social media manipulation, ransomware attacks or new risks posed by innovations such as big data analytics, machine learning and artificial intelligence.

It is also in our “news” quite literally, in that some of the information we read or view may have been manipulated to influence our thinking or behavior. This news or information is targeted specifically at us based on our expressed—or even unexpressed—preferences and prejudices.

Criminals are increasingly manipulating or encrypting data for ransom, fraud or extortion. The illegal acquisition of intellectual property can reflect the loss of years of research and substantial investment for organizations across the globe.

What can we do about it?

One of the key steps for business leaders and board members is to understand the vital role that law enforcement can play in dealing with the malicious manipulation of data used for criminal activities. We tend to think of law enforcement as acting in response to crime. However, in the evolving world of cybercrime and data manipulation, law enforcement can—and should—play a critical role in preventing criminal activity.

“In dealing with malicious data manipulation and cybercrime, the expectation is that law enforcement will take on a more expansive and complementary role in defending against, disrupting and deterring illegal activities before they can do harm and cause losses,” says Dr. Philipp Amann, Head of Strategy for Europol’s European Cybercrime Centre (EC3).

Law enforcement is in a unique position, Dr. Amann notes: “Not only do we understand specific modus operandi and techniques when it comes to cybercrime; we are also constantly monitoring trends and threats while analyzing the evolving motivations impelling those who would do us harm.”

Working with Law Enforcement

Once business leaders, board members and CISOs recognize the expansive role that law enforcement can play, the question then becomes what to do about it. How can organizations best utilize law enforcement to reduce risk caused by malicious data manipulation?

The first step is to actually involve law enforcement. Dr. Amann says some organizations fail to contact the authorities even after they’ve identified a problem. This is a mistake. In fact, your organization should have a relationship with the relevant authorities well before an issue arises.

“I would ask executives to preemptively think about how they work with law enforcement—before they have an issue.” Dr. Amann writes in the upcoming book, Navigating the Digital Age, Second Edition, to be published by Palo Alto Networks. “By building a proactive partnership with law enforcement, you will be better equipped to prevent an attack and enable a stronger and more impactful response should an attack occur.”

In addition to working closely with law enforcement, organizations can benefit by cooperating with one another and by participating actively in helping to build the necessary regulatory and legal frameworks in their industries, communities and governments.

“We can gather strength in numbers and in pooling our knowledge, experience and resources,” Dr. Amann says. “It is a truism of the digital age that we are all connected. Our adversaries try to take advantage of our uber-connectedness—we should do the same in fighting them.”

Dr. Amann points to initiatives such as No More Ransom as an example of the type of joint program that brings together law enforcement and industry. The project is designed to help organizations prevent ransomware attacks and deal with attacks without having to pay criminals. It is available in more than 30 languages and is supported by more than 120 partners, offering more than 50 free decryption tools to victims.

Another critical initiative is the Cyber Threat Alliance, a not-for-profit organization that enables near real-time, high quality threat information sharing among companies and organizations in the cybersecurity field. Another initiative, the Cyber Defence Alliance, includes law enforcement as a key partner with private industry.

These partnerships with law enforcement are vital to the prevention and detection of malicious data manipulation. “Everyone benefits from a holistic, adaptive and complementary approach that involves all relevant partners, where organizations can leverage the capabilities provided by law enforcement agencies,” Dr. Amann says.

Suggestions for Business Leaders and Board Members

Business leaders and board members have an important role to play.  According to Dr. Amann, it is their responsibility to set the cybersecurity agendas for their organizations and decide on the appropriate investments in people, processes and technologies. He identifies three key areas where business executives can focus:

1. Set the cybersecurity agenda: Executives can sponsor initiatives to build a proactive trusted partnership with law enforcement agencies. In doing so, you can gain insights into the motivations, technologies, techniques, and business models of cybercriminals, Also look to collaborate with organizations that enable secure threat intelligence to be shared.

2. Require organization-wide training and education: Everyone must be educated about the risks of data manipulation and the need for improved cybersecurity. This often starts in the executive suite, where C-level executives must understand risks so they can make the proper investments and strategic decisions. It also extends to security personnel, who are in relatively short supply in comparison to the need. Inspire, incentivize, and reward your IT security personnel to keep vigilant and informed.

3. Insist on a holistic approach: Cybersecurity should be part of a holistic approach that should be part of all processes. Business leaders and board members need to establish a cybersecurity culture whereby everybody is aware of his or her responsibility, and security and privacy “by design” are guiding principles. Since humans are often the weakest link, ongoing training, education, and creating awareness are indispensable tools in protecting against cybercrime and data manipulation.


Law enforcement agencies have particular insight into how data is being manipulated by cybercriminals. They are a willing and able partner in responding to and preventing attacks. In an era when our adversaries are becoming more adept at using all resources at their disposal, organizations should ensure that they are working with law enforcement in a proactive, collaborative and cooperative manner. The time to start is now.