Enhancing the effectiveness of cybercrime prevention through policy monitoring

Abstract

This article examines the feasibility of designing and implementing a cybercrime prevention monitoring approach to enhance the quality of knowledge about policies that aim to reduce the prevalence and impact of online harms. Despite very significant investments made by governments over the past decade to improve the cybersecurity of publicly and privately-operated computer systems, there is very limited systematic knowledge about what cybercrime prevention policies have been adopted in various parts of the world and even less knowledge about their effectiveness in reducing the exposure of individuals and organizations to cybercrime. Borrowing from the policy monitoring (or policy surveillance) methodology that was developed in a broad range of fields such as public health and education, this article argues that such an approach would be critical in advancing our understanding of what is being done to control cybercrime, what works, what doesn’t, and what is promising. This article provides an overview of the principles and benefits of the policy monitoring approach, reviews the main features of a sample of 18 policy monitoring platforms, assesses a dozen cybersecurity policy rating initiatives—concluding that very few of them include cybercrime in their framework, then provides a template for the creation of a dedicated cybercrime prevention monitoring tool that would benefit academics, policy-makers and practitioners.