When a company is exposed to a cybercrime, it is often a private security company that handles the incident itself by stopping the attack and helping to restore normal operations. If the case is reported to the police, they need information from the company that is affected as well as the private security company who handles the incident.
“Cooperation agreements with large security companies mean that we can exchange information within an agreed framework. The agreement with mnemonic means that we will meet regularly. This way we become more familiar with each other’s organisation, increases the understanding of each other's roles and needs, builds mutual trust and in the long run contributes to a collaboration both parties will benefit from”, says Head of NC3, Olav Skard. NCIS already has a cooperation agreement with Nordic Financial CERT.
Smarter and more efficient
Private security companies and organisations collect information on a large scale. Aamong other things through threat intelligence and data collection generated by customer relationships in both the business community and the public sector.
“Parts of this information may be made available to NCIS if required. This is a good example of how the police, through cooperation with private actors, can obtain information we would not otherwise have had access to. We use information that others have obtained instead of spending significant resources on obtaining it ourselves”, says Skard.
Tønnes Ingebrigtsen, CEO in mnemonic, says the cooperation agreement has a lot of potential.
"We are pleased to be able to facilitate for NCIS receiving more information about the cybercrime landscape, so that they can continue carrying out their important mission in the best possible way. The basis for us wanting such an agreement is the gap we observe between the cases that are reported to the police and the actual situation”, he says.
"After having actively worked with Mørketallsundersøkelsen over several years, we know that these cases are underreported in Norway. By having an established collaboration and a common understanding, it will be easier for our customers to proceed correctly when they themselves need to report an incident to the police, as well as for us to assist any investigation with context and facilitation", says Ingebrigtsen.
Considering more agreements
NCIS believes these types of agreements are a valuable contributions to the fight against crime nationally and internationally.
"It will be relevant for us to enter into such agreements with several others in Norway and abroad. Such agreements must concretely facilitate a better task solution on a daily basis, and at the same time contribute to preventing, detecting and combating cybercrime in the broadest sense", says Skard. This is in line with the police's strategic goal of better prevention and combating computer crime, where cooperation with others is central component.
Here you can find NCIS's press release.
Photo: Ilja Hendel