An Assessment Model for Cybercrime Investigation Capacity

TL;DR

This paper introduces a comprehensive training development and capacity assessment model for cybercrime investigators, aiming to enhance their skills and measure effectiveness in a rapidly evolving digital threat landscape.

Contribution

It presents a novel holistic model combining investigator training development with a capacity assessment framework tailored for cybercrime investigation.

Findings

The model improves investigator capability and capacity measurement.

Application to developing countries highlights specific challenges.

Framework supports ongoing evaluation of training effectiveness.

Abstract

Digital technologies are constantly changing, and with it criminals are finding new ways to abuse these technologies. Cybercrime investigators, then, must also keep their skills and knowledge up to date. This work proposes a holistic training development model - specifically focused on cybercrime investigation - that is based on improving investigator capability while also considering the capacity of the investigator or unit. Along with a training development model, a cybercrime investigation capacity assessment framework is given for attempting to measure capacity throughout the education process. First, a training development model is proposed that focuses on the expansion of investigation capability as well as capacity of investigators and units. Next, a capacity assessment model is given to evaluate the effectiveness of the training program. A description of how the proposed model is being applied to the development of training programs for cybercrime investigators in developing countries will then be given, as well as already observed challenges. Finally, concluding remarks as well as proposed future work is discussed.