That's the key finding from an authoritative new survey by PA Consulting which finds that only 30 percent of UK police analysts believe they have the skills and tools to effectively combat cyber-crime.
“The UK has reached a ‘tipping point' on cyber-crime and tackling the challenges is now urgent,” the report reads.
PA Consulting finds that one-third of the 185 analysts questioned from 48 law enforcement organisations have been unable to share information about the cyber-threat, and just five percent believe they have ‘considerable knowledge' of cyber-crime.
The respondents predict that the time they will spend analysing cyber-crime will treble over the next three years – yet they already have limited scope to deal with the problem, spending only 10 percent of their time on cyber-related activities.
The ‘Cybercrime Tipping Point' report, which was published on Monday, says these figures “present a stark warning” and “highlight the immediate challenge of transforming training, tools and ways of working in the new digital landscape”.
As a result, the report says: “We believe a portion of the National Cyber Security Programme's future funding should be allocated to the 'digital transformation' of police intelligence and analytical functions, and for training the next generation of digital investigators.”
PA warns: “Criminal activity is being transformed by the internet, social media and mobile communications. A high proportion of offenders use this technology to plan traditional crimes. In addition, a range of new crimes are being committed purely in cyberspace. Yet there is a real gap in (police) knowledge and awareness of these changes.”
Its findings have struck a chord within the UK cyber-security community.
Leading consultant Adrian Culley, a former Scotland Yard cyber-crime detective, said the problem lies back in basic police training.
He told SCMagazineUK.com: “At some point in the last ten years we went from crime to e-crime to cyber-crime and we need to get back to realising it's just crime - because all crime now has a digital aspect.
“What's needed for digital society is digital skills - and junior police officers aren't being given those. It's as important that today's police officers have got digital policing skills as it was 180 years ago that they could read and write.”
Culley feels the police approach to cyber-crime has stagnated: “It's frightening in some ways. We're heading towards 25 years since we got the Computer Misuse Act. We were the first country in the world to get that, we were ahead of things, but here we are 25 years later, we don't seem to have learnt anything.”
He said: “It's a stretch for the police but because there isn't a co-ordinated UK police response to cyber-crime it's very much a curate's egg.”
Serena Gonsalves-Fersch, head of KPMG's Cyber Security Academy, agreed the police need more specialist cyber-training and to work in partnership with private sector firms.
In a statement to journalists she said: “For Britain's law enforcement agencies, building up a knowledge-sharing networks with the private sector - to be better plugged into the activities of cyber-criminals - will ensure they are a step ahead.”
And citing how UK companies struggle to find and keep cyber-staff, she said: “It comes as no surprise that the law enforcement agencies – who are less able to provide premium salaries, benefits and ‘golden handshakes' – are facing an uphill struggle to get the best people on board.
“However, having a handful of highly paid specialists will only go so far. Both private and public sector organisations need to focus on developing the skills of their existing workforce and on integrating cyber-training into their overall training and development policies.”
PA's report echoes last week's warning by Her Majesty's Chief Inspector of Constabulary, Tom Winsor, who said that the police are failing to keep pace with cyber-crime.
As SCMagazineUK.com reported last week, Winsor said in his 2013/14 ‘State of Policing' report into the 43 police forces in England and Wales that the police are “behind the curve” in tackling cyber-crime and every police officer – not just specialist units – need to understand technology.
“Cyber-crime is not an emerging threat: it is here now,” he said. “The police need to improve the prevention and detection of such crimes.”