How UK Law Enforcement and the Cyber Security Industry Can Collaborate to Combat Cybercrime 

Cyber-dependent and cyber-enabled crimes present significant challenges for UK law enforcement, requiring expertise and resources often beyond traditional policing capabilities. Collaboration with the cyber security industry is vital to addressing skill shortages, improving intelligence sharing, and safeguarding individuals, businesses, and critical infrastructure.  

Law enforcement faces numerous challenges, including the need for specialised skills like OSINT research and malware analysis, which are not consistently available across police forces. Cybercrime units are often overstretched, and retaining cyber-literate investigators is difficult due to competition from the private sector. Additionally, organisations frequently hesitate to share details of cyber attacks out of fear of reputational damage, which hampers investigations. Fragmented systems and inconsistent processes further hinder intelligence sharing across forces, reducing the effectiveness of national efforts.

Public and private sector cyber security collaboration 

Project Melissa in the Netherlands exemplifies successful public-private collaboration. Launched in 2022, it united stakeholders to combat ransomware through information sharing, offender tracking, and resilience building. Multiple partners, including NCC Group shared information from incident response engagements for their clients and found that the Cactus ransomware group has been exploiting the popular data visualisation and business intelligence tool Qlik Sense to gain initial access. 

Following that discovery, NCC Group's Fox-IT developed a fingerprinting technique to identify which servers worldwide are vulnerable to this attack route or, even more critically, which systems are already compromised. 

The UK can adopt similar approaches to strengthen its fight against cybercrime. Some UK organisations, like NCC Group, already share intelligence with regional crime units and Project Melissa, but more formalised collaboration could amplify these efforts.  

Private-sector expertise could also enhance law enforcement’s capabilities in cyber-enabled crime investigations, such as monitoring online activity linked to vehicle crime, weapons, or drugs. Cyber security companies can provide specialist training, equipping officers with advanced skills to keep pace with the latest cyber threats which evolve rapidly. Anonymised intelligence from incident response work can also aid law enforcement while protecting client confidentiality. Standardised intelligence-sharing systems would improve coordination between agencies and private partners.  

However, collaboration must balance differing priorities. The cyber security industry operates in a competitive commercial environment, while law enforcement manages tight public sector budgets. Innovative solutions could address these disparities, such as government-backed funding programs, public-private partnerships, and subsidised training. For instance, seconding industry experts as ‘Cyber Special Constables’ could enhance skills transfer while keeping costs manageable.  

A centrally funded national procurement program could streamline efforts by reducing costs and inefficiencies associated with individual police forces acquiring capabilities. This approach would also ensure more uniform access to advanced technologies and resources. 

Cybercrime and other cyber-enabled crime types are persistent and ever-evolving threats that law enforcement cannot combat alone. Initiatives like Project Melissa highlight the power of collaboration in addressing these challenges.

By fostering trust, aligning interests, and leveraging cyber security expertise, the UK can build a resilient defense against cyber threats and make the world more challenging for criminals.