Banking Review

$4 million for cybercrime research

eBay’s head of trust & safety Alastair MacGibbon says he’s “Seen some pretty dodgy crime stats peddled by some people in the last few years.”

Of course in the absence of any substantial studies on the size of the problem, the media is left to report the results of what are often statistically insignificant polls and surveys.

This year saw AusCERT drop its annual computer crime and security survey which reportedly cost $44,000 a year to produce. Instead the funds are going to an Australian Institute of Criminology survey of cybercrime that will extend to 20,000 businesses and is due to be released in November.

Yesterday Westpac announced it is teaming up with IBM Australia, the University of Ballarat and the Victorian Government to develop a security lab it says will research solutions designed to strengthen the security of online transactions. The Victorian Government is providing a start-up grant of $A1 million, with an additional $A3 million to come from the other partners over the first five years.

It makes sense for industry to outspend Government when tackling the problem of cybercrime.

This is a point sent home by the UK’s House of Lords Science & Technology Committee which in its report on personal Internet security argues more support for research is needed from industry. It also argues that the investment in IT security research is not commensurate with the importance of the Internet to the economy, or the seriousness of the problems affecting it.

eBay’s MacGibbon says a big part of the problem is the lack of a consistent definitions for cybercrime: “We can’t even define what it is we’re counting.” The UK’s House of Lords agrees, and says while the private sector should support research initiatives, it’s up to the Government to pull together all available data and help to interpret it for the public. To date it has not even agreed definitions of key concepts such as ‘e-crime.’

It’s great to see industry, government and academia teaming up in Australia to tackle cybercrime. I just hope the newly formed Internet Commerce Security Laboratory will take the time to define cybercrime and work closely with other research groups to deliver transparent information to the public.

After all, as the House of Lords Committee says. a lack of available data means the costs and dangers of the Internet are poorly appreciated by the general public.

It’s a classic “teach a man to fish” argument. Providing consistent definitions and data empowers consumers to recognise risk, and once they are able to do that they will be in a much better position to protect themselves against online fraud.