Online Training Prepares Police to Respond to Cyber Crime

Residents and businesses often call 911 to report cyber crimes, yet officers in smaller jurisdictions aren’t always prepared to identify cyber incidents, collect digital evidence or identify the relevant laws involved.

This is true for Texas’ smaller, rural communities, where officers first arriving on the scene often don’t know what to do.

“We were hearing from the West Texas law enforcement folks that their deputies or the officers would go out there and just would kind of be like, ‘I’m sorry, we can’t really investigate that; we really don’t know what to do/how to handle that,’” said Chris Jett, a training manager at Texas A&M Engineering Extension Service (TEEX) Cyber Readiness Center.

“I think a lot of cyber crime, probably, in Texas is being underreported just because the first responders — the first ones on the scene — just don’t know how to handle it, how to identify it and which laws apply,” he said.

This problem came to the state’s attention last year, when one of the councils of government (COG) raised the issue, said Tony Sauerhoff, Department of Information Resources (DIR) deputy CISO and cybersecurity coordinator.

DIR reached out to TEEX, and the two teamed up to tackle officers’ cyber knowledge gap.

They jointly created an Introduction to Cyber Incident Investigation for Law Enforcement course and launched it as a free, four-hour online training. The course is asynchronous so that officers “can take it whenever, on a slow night or something like that,” Jett said.

The new course isn’t obligatory, but officers get continuing education credits for completing it.

The training guides officers on topics such as handling digital evidence, preventing and recovering from cyber incidents, responding to cyber incidents and understanding which state criminal offenses apply to cyber attacks. The course is particularly designed for smaller law enforcement agencies, which are the ones least likely to have their own cyber crime investigators, Jett said.

Depending on the severity of the incident, those agencies may wish to then get in touch with others, like state or federal cyber units or larger localities that have their own cyber crime units and can help analyze the digital evidence.

This story is excerpted from a longer item that originally ran in Government Technology magazine, a sister publication to Industry Insider — Texas.