Abstract
Police forces are responsible to investigate cybercrimes and to protect their own assets from cybersecurity attacks. The majority of police forces find it difficult to fulfil their responsibilities in this regard in the face of constrained funding, a lack of awareness and training amongst law enforcement staff, the growing number of cybercrime incidences, and outdated or insufficient technology and infrastructure. Even if police forces are able to install technical controls to counter cyber threats, their staff members’ cyber behaviour may be a weak link in the cybersecurity chain and will probably not have sufficient training. The cultivation of a cybersecurity culture has been shown to be the best approach to address human behaviour in the cyber domain. There are several frameworks and other resources available for an organisation to cultivate a cybersecurity culture but the organisational culture in law enforcement agencies is different than that in other organisations. The cyber behaviour, cybercrime investigation skills, training and education of police force members require customised strategies and research. African police forces find it particularly difficult to deal with these challenges due to a lack of funding and a shortage of cybersecurity capability and capacity. This paper presents guidelines for African police forces to formulate strategies and plans to train and educate their members and to foster an organisational cybersecurity and cybercrime combatting culture.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Newhouse, W., Keith, S., Scribner, B., Witte, G.: National initiative for cybersecurity education (NICE): cybersecurity framework. NIST Special Publication (2017). https://doi.org/10.6028/NIST.SP.800-181
Herskovits, M.J.: The contribution of Afro-American studies to africanist research. Am. Anthropologist 50(1), 1–10 (1948). https://doi.org/10.1525/aa.1948.50.1.02a00020
Schein, E.H.: Organizational Culture and Leadership. A Dynamic View. Jossey-Bass, San Francisco (1985). https://doi.org/10.1002/hrm.3930240312
European Agency for Network and Information Security (ENISA): Cyber security culture in organisations (2017). https://doi.org/10.2824/10543
Gcaza, N., Von Solms, R., van Vuuren, J.J.: An ontology for a national cybersecurity culture environment. In: The Nineth International Symposium on Human Aspects of Information Security and Assurance (HAISA), pp. 1–10 (2015)
Reid, R., van Niekerk, J.: Towards an education campaign for fostering a societal cyber secure culture. In: The Eighth International Symposium in Human Aspects of Information Security and Assurance (HAISA), pp 174–184 (2014)
Ponemon Institute: The human factor in data protection (2017). https://www.ponemon.org/blog/the-human-factor-in-data-protection
Gcaza, N., von Solms, R.: Cybersecurity culture: an ill-defined problem. In: Bishop, M., Futcher, L., Miloslavskaya, N., Theocharidou, M. (eds.) WISE 2017. IAICT, vol. 503, pp. 98–109. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-58553-6_9
Schlienger, T., Teufel, S.: Information security culture - from analysis to change. S. Afr. Comput. J. 31, 46–52 (2003)
International Telecommunications Union: ITU corporate annual report (2008). https://www.itu.int/osg/csd/stratplan/AR2008_web.pdf
Kortjan, N., Von Solms, R.: Fostering a cyber security culture: a case of South Africa. In: ZA-WWW 2012 Conference (2012)
Mlamedal, B., Roislien, H.E.: The norwegian cyber security culture. Norwegian Centre for Information Security (NorSIS) (2016). https://norsis.no/wp-content/uploads/2016/09/The-Norwegian-Cybersecurity-culture-web.pdf
OECD recommendation of the council on digital security risk management for economic and social prosperity (2015). https://legalinstruments.oecd.org/en/instruments/116.OECD/LEGAL/0415
Veltsos, C.: Building a cybersecurity culture around layer 8. Security Intelligence (2017). https://securityintelligence.com/building-a-cybersecurity-culture-around-layer-8/
HMICFRS Cyber: Keep the light on. An inspection of the police response to cyber-dependent crime (2019). https://www.justiceinspectorates.gov.uk/hmicfrs/publications/keep-the-light-on-police-response-to-cyber-dependent-crime/
Florentine, S.: Closing the cybersecurity talent gap, one woman at a time (2015). https://www.cio.com/article/3005637/cyber-attacks-espionage/closing-the-cybersecurity-talent-gap-one-woman-at-a-time.html
Workforce Intelligence Network for Southeast Michigan: Cybersecurity skills gap analysis (2017). https://winintelligence.org/wp-content/uploads/2017/07/FINAL-Cybersecurity-Skills-Gap-2017-Web-1.pdf
CSIS Intel Security: Hacking the skills shortage (2016). https://www.csis.org/programs/technology-policy-program/cybersecurity-and-warfare/other-projects-cybersecurity-0
NICE Cybersecurity Workforce Framework Work Roles: National initiative for cybersecurity careers and studies (2017). https://niccs.us-cert.gov/nice-cybersecurity-workforce-framework-work-roles
e-Governance Academy (EGA): National cyber security index 2017 South Africa (2018). https://ncsi.ega.ee/country/za/
Usmani, K.A., Appayya, J.A.: Capacity building is the key to fight against cybercrime: the mauritian perspective. Glob. Cyber Expertise Mag 4, 4–6 (2017)
Global Project on Cybercrime: Capacity building on cybercrime (2013). http://www.combattingcybercrime.org/files/virtual-library/capacity-building/capacity-building-on-cybercrime.pdf
Seger, A.: Cybercrime strategies. Global Project on Cybercrime (2012). https://rm.coe.int/16802fa3e1
Federal Buro of Investigation (FBI): Offer online cyber training for law enforcement first responders (2016). https://www.fbi.gov/news/stories/online-cyber-training-for-law-enforcement-first-responders
Christopoulos, G.: First responders and cyber forensics (2017). https://www.cepol.europa.eu/media/blog/first-responders-cyber-forensics
Shook, S.: Cybercrime investigation body of knowledge (2019). https://www.cibok.org/en/
Leenen, L., van Vuuren, J.C.J.: Framework for the cultivation of a military cybersecurity culture. In: 14th International Conference on Cyber Warfare and Security (ICCWS) (2019)
PCI Security Standards Council: Best practices for implementing a security awareness program (2014). https://www.pcisecuritystandards.org/documents/PCI_DSS_V1.0_Best_Practices_for_Implementing_Security_Awareness_Program.pdf
Snyder, D., Powers, J.D., Bodine-Baron, W., Fox, B., Kendrick, L., Powell, M.H.: Improving the cybersecurity of U.S. Air force military systems throughout their life cycles. RAND Corporation (2015)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 IFIP International Federation for Information Processing
About this paper
Cite this paper
Leenen, L., Jansen van Vuuren, J., Jansen van Vuuren, AM. (2020). Cybersecurity and Cybercrime Combatting Culture for African Police Services. In: Kreps, D., Komukai, T., Gopal, T.V., Ishii, K. (eds) Human-Centric Computing in a Data-Driven Society. HCC 2020. IFIP Advances in Information and Communication Technology, vol 590. Springer, Cham. https://doi.org/10.1007/978-3-030-62803-1_20
Download citation
DOI: https://doi.org/10.1007/978-3-030-62803-1_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-62802-4
Online ISBN: 978-3-030-62803-1
eBook Packages: Computer ScienceComputer Science (R0)