DoJ Creating Cybercrime Team

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.databreachtoday.com/doj-creating-cybercrime-team-a-7640

At a time of growing anxiety over cybercrime, especially among businesses
victimized by cyber-attacks, the U.S. Justice Department is creating a
cybersecurity unit within its Computer Crime and Intellectual Property
Section aimed, in part, to better engage the private sector in battling
online crime.

The creation of the cybersecurity unit was revealed in a Dec. 4 speech
delivered by Assistant Attorney General Leslie Caldwell at the Georgetown
Law Center.

"The private sector has proved to be an increasingly important partner in
our fight against all types of online crime, but particularly
cybersecurity-related matters," said Caldwell, who heads DoJ's criminal
division. "Prosecutors from the cybersecurity unit will be engaging in
extensive outreach to facilitate cooperative relationships with our
private-sector partners. This is a fight that the government cannot and
will not wage alone."

Caldwell said the unit's prosecutors would work with the private sector to
expedite cooperation to battle cybercrime. Citing the type of outreach the
cybersecurity unit would conduct, she referenced a DoJ white paper
published in May that addressed concerns by communications service
providers about the uncertainty over whether the Electronic Communications
Privacy Act prohibits sharing specific types of cyberthreat information.

Changing Times

Peter Swire, a Georgia Tech professor of law and ethics who tracks
government IT security and privacy, says the environment is right to create
such an organization within Justice's Computer Crime and Intellectual
Property Section. "CCIPS was formed in the 1990s, when the area of computer
crime was new and the Justice Department needed a group of lawyers to
address the new problem," he says. "Today, with the Internet central to so
much of human behavior, computer crime is a very broad subject. Now it
makes sense to specialize more. Cybersecurity-related crimes are extremely
important in their own right; it makes sense to create a unit dedicated to
cybersecurity issues."

Zal Azmi, former CIO at the FBI and Executive Office for the U.S.
Attorneys, both DoJ units, sees the creation of the cybersecurity unit as a
fitting tactic to respond to growing cybercrimes. "We have been talking
about cybercrime for a very long time, and this move ... shows DOJ's
commitment to investigating and prosecuting cybercriminals," says Azmi, CEO
of IT services provider Nexus Solutions.

Neither Caldwell nor DoJ provided details about the cybersecurity unit,
such as how many lawyers and other staffers would be assigned to it or who
would head the new organization. It was unclear in Caldwell's remarks how
the new unit would have an impact on DoJ's cybercrime prosecutions. Her
comments suggest the new unit would serve as a resource center for law
enforcement agencies and businesses as well as a public relations
organization to promote a positive image of DoJ's cybercrime initiatives.

Mounting Suspicion

Caldwell said she's aware of mounting public suspicion of law enforcement's
use of electronic surveillance and high-tech investigative techniques,
noting that DoJ would employ the cybersecurity unit to help dispel those
misgivings.

"This kind of mistrust can hamper investigations and cybersecurity
efforts," she said. "Most of this mistrust, however, comes from
misconceptions about the technical abilities of the law enforcement tools
and the manners in which they are used. I hope to engage the public
directly on these issues and to allay concerns."

Azmi says businesses have also shown a lack of trust in law enforcement.
"There has always been a distrust of law enforcement not only in the high
tech investigative techniques but information protection as well," he says.
"The private sector is reluctant to share cybersecurity incident
information with the government fearing that it might become public
knowledge."

He says new initiatives, such as DoJ's cybersecurity unit, as well as
existing programs, including the FBI InfraGard public-private sector
information sharing and analysis venture, should help reduce business'
wariness of government and law enforcement.

The cybersecurity unit also will serve as a liaison between the DoJ and
Congress on drafting cybersecurity legislation. "This new unit will strive
to ensure that the advancing cybersecurity legislation is shaped to most
effectively protect our nation's computer networks and individual victims
from cyber-attacks," Caldwell said.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!