The Metropolitan Police have revealed how their Central e-Crime Unit (PCeU) has saved the UK economy over £1.01 billion over the last two and a half years.
The Met’s fourth, and last, Financial Harm Reduction and Performance Report paints a picture of real success as it shows how the unit massively over-delivered against their targets.
The recorded reduction in cybercrime is almost double the £504 million the unit was tasked with saving and represents £58 per pound of funding which is a fantastic return in my opinion. Can your corporate IT security function quantify savings, actual or projected? These savings were also delivered way ahead of schedule with initial timescales allowing the unit until April 2015 to reach its target. Do you deliver your security promises on time?
Commander Steve Rodhouse, head of Gangs and Organised Crime in the MPS, said:
“The PCeU has exceeded all expectations in respect of making the UK’s cyber space more secure. This is due to its innovative partnership work with industry and law enforcement across the globe and its dynamic system for developing intelligence, enforcing the law and quickly putting protection measures in place.”
The report also revealed that the PCeU had charged some 126 suspects, leading to the conviction of 89 cyber criminals, 61 of whom received custodial sentences totally 184 years in the slammer. An additional 30 suspects are still awaiting trial.
The unit has also managed to disrupt a total of 26 national and international organised cybercrime gangs during this time period.
The report specifically highlights Operation Allandale in which potential losses of £74m were averted when the unit arrest three men behind a sophisticated phishing scam which was intended to defraud worldwide banks.
In Operation Caldelana officers arrested a group who had defrauded one woman’s bank account. The gang also had details of a further 11,000 potential victims, leading the unit to estimate a £39 million pound saving in that case.
The PCeU has also had involvement in other high profile cases recently such as the £1.3m theft from Barclays Bank and the attempted hacking of Santander Bank.
Terry Wilson, a Detective Superintendent from the PCeU, said that,
“The creation of three regional hubs across the UK has strengthened the national response to cyber crime. We have worked closely with partners from across the globe to reduce the financial harm to thousands of UK citizens and businesses, as well as securing the convictions [of] many cyber criminals who have targeted the UK.”
He also highlighted how cybercrime does not always merely carry a financial cost with it, saying that,
“Harm is not always financial – immeasurable levels of emotional and reputational harm is also suffered by those who have their personal details hacked and published. In some cases, the release of personal information has potentially put lives at risk, so our achievements have also been significant in ensuring public safety.”
With such impressive figures I imagine that the PCeU would have no problems asking for additional funding for further operations and initiatives as they take the lead in tackling general cybercrime, computer intrusion, DDoS attacks, malware distribution and internet fraud.
And that, perhaps, could serve a lesson to many an information security professional who looks to acquire a bigger slice of their company’s budget in order to implement their plans – forecasting or demonstrating a tangible return on that funding will be music to the board’s ears and would likely encourage them to look at your proposals far more favourably.