Cyber-Security Risk to Law Enforcement aka Providing the “Keys to the Kingdom”

Law Enforcement agencies not only serve as the first responders; they are entrusted to protect the public data they retain.  Law Enforcement personnel must keep up with constantly changing cyber security crimes and vulnerabilities. New scams pop up every day and the Law Enforcement agencies are always in defense mode in their response.

Currently, many city, county, state, tribal and federal law enforcement agencies provide little or no ongoing relevant security awareness training to their employees.

Security awareness training for all Law Enforcement personnel should now be a requirement to ensure that the public is protected. With proper training, Law Enforcement personnel will be better equipped to properly respond to the crimes that fall within their jurisdiction.

The following threat groups pose risk to Law Enforcement agencies:

• Hacktivists
• Nation States
• Terrorist Organizations
• Organized Crime Groups
• Insider (Accidental & Purposeful)
• Individuals

Law Enforcement employees should receive ongoing training on cyber security best practices to insure they have a better understanding of the risk to the public and their organization. Everyone in the Law Enforcement agency needs to have a baseline of security awareness training to help with best practices.

Human error due to lack of training and non-existent basic cyber security best practices account for over 70% of data breaches. Without basic cyber security awareness knowledge for all employees, the Law Enforcement agency greatly increases the risk that the agency will fall victim to a cyber-attack.

Risk to the Critical Infrastructure

These basic security practices should be required for insuring that all Law Enforcement agency personnel safeguard the public’s data and protect the critical infrastructure.

If a Law Enforcement employee falls for a social engineering scam and does not follow policy this creates the possibility that the “keys to the kingdom” could be handed to the very criminals that the agency is investigating.

Criminals now know that if they can break into the Law Enforcement agencies computer network they no longer need to bribe Law Enforcement employees to obtain information. The same information can be hacked or obtained though social engineering or a phishing scam.

Ongoing security awareness training would help to reduce Law Enforcement organizational risk. With the development of proper policies and procedures along with the appropriate training, the public will be better protected.

The value of security awareness training and the Center for Information Security Awareness – CFISA

CFISA  was founded to help educate employees on ways to protect themselves against cybercrime. In our training, we always stress that as citizens we need to protect ourselves, our community and the Nation from growing cyber security threats.

We all have a role in protecting our personal data, business data and the critical infrastructure and security awareness training can help to reduce risk. Being aware of new crimes and scams in the news is a fundamental part of our training.

Sharing new scams and crimes you hear about in the news with others, is important to ensure that the people you care about do not fall victim to these types of crimes.

Do you need help with security awareness training for your employees?

Contact CFISA and we will help you with a training option to fit your budget! 

Copyright © 2018 – CFISA