Cybersecurity: Could we consider collaboration between the police and private companies?
It's been almost a year now, Desjardins financial institution has been affected by a massive leak of customer data.
So far, the investigation into the computer incident has not yet yielded concrete results.
This article will also interest you: Desjardins: a year later than remembering the data leak
In what context, there has not been a consolidation of several specialized investigations to address the real issue of cybercrime today. There was a very active participation of private companies and citizens. An initiative launched by the Quebec government in collaboration with the Quebec City Association of Police Directors. The idea is to put in place a plan that will effectively combat the rise of cybercrime.
The work provided by the Association of Quebec Police Directors collected in a 75-page submission is based on another study by a banking security expert, Pierre-Luc Pomerleau, which is based on a doctoral thesis on public-private partnerships between financial structures and law enforcement organizations in Quebec is in Canada in general.
Briefly, it can only be remembered that Quebec's police chiefs, have recommended an association of experts, time on the side of the police as on the side of the private sector, responsible for combating financial fraud organized and supported by cybercrime. The aim is to be able to best imitate the models that seem to be working, implemented in the United Kingdom, the United States and Australia.
The unit we are talking about here will consist mainly of officers from the Royal Canadian Mounted Police and the Quebec police, in association with computer and technology specialists and specialized civilians who will have to play a role when the time comes. The private players involved in the formation of this unit will be professionals from financial institutions and major companies in this field.
The unit will be funded primarily from a private sector budget.
The establishment of such a body is more than necessary, because as we know, standard police services do not have sufficient expertise in this context to respond effectively to the computer threats and the direct consequences that could result.
"Fraud and cybercrime have an impact on our society and there is a need for better organizing to combat these forms of crime," noted the authors of the ADPQ brief. "The police have become the catch-all of the answer to all societal problems. Defunding is not the answer, because when this reflex surfaces, prevention and training are often the victims of these cuts. The reflex to believe that the problems of our southern neighbours are present with the same proportion in Canada is an important and harmful bias," the ADPQ said.
In addition, to improve the detection of computer attacks and strengthen data security to avoid misuse, Quebec's association of police directors agrees with financial security expert Mr. Pomerleau. The aim is to establish an "information sharing centre" where employees will process (reception, classification, analysis and exchange) information for all law enforcement agencies. The extent of such an institution is recalled at the bank level.
"[La]the situat[actuelle]ion generates institutional short-sightedness where the government and law enforcement agencies have only a blurred view of the current state of crime," the authors of the brief lament.
"Cybercrime of all kinds is on the rise, requiring teams of trained and competent police and civilians. As such, the private sector is adapting in near real time to the rapid changes that characterize cyber threats in order to protect their infrastructure," adds the latter. "Public safety can no longer be solely a matter for the police. The sharing of public safety responsibilities can be divided with private security actors (…) It is necessary to review tasks that are exclusively the responsibility of the police and those that can be carried out by other external actors, qualified and available." The brief read.
Now access an unlimited number of passwords: