An increasing number of Australian executives are relying on their IT shops to gain computer forensics skills to keep investigations into employee misdeeds and security breaches in-house.
The X File-like secrecy surrounding these investigations and a reluctance to go to the police has led to a sharp increase in the uptake of computer forensics training within the business community.
Paul Carter, dispute analysis and investigations partner at PricewaterhouseCoopers, said interest has jumped in the past two years from local companies that want to know how to preserve data once suspicious behaviour has been identified.
Information is easily destroyed, Carter said, and IT staff are doing basic training on how to protect data, comply with privacy laws and retain evidence of improper conduct.
"In coming years we will see one person in each IT shop with these skills simply because executives like to keep investigations in-house and police lack the resources necessary to investigate," he said.
Earlier this year the Australian Institute of Criminology released a report bemoaning the lack of cybercrime reporting by the private sector, but Carter said police priorities are "life and limb" problems such as murder and rape, so it is up to the private sector to sharpen forensic techniques.
"It is business that has to be concerned about white collar crime, which is why espionage and employee fraud have a greater presence on the radar screen today," he said.
Security consultancy 90East chief scientist Dr Brian Denehy is aware of local companies even sending staff overseas to gain forensics skills as it is no longer an arena restricted to law enforcement.
Driving this trend, he said, is the critical nature of information systems to business, larger transactions over the Internet and the realisation that information can be easily changed.
Global forensics training outfit Guidance Software is seeking to establish a presence in the Asia-Pacific region because of strong demand from company executives.
The company's European training manager, Frank Butler, said traditionally 80 per cent of students had been from law enforcement agencies, whereas today at least 50 per cent come from the corporate sector.
"There is a lot of demand from business; the ultimate goal of a police investigation is prosecution whereas a company wants to prove an individual has misbehaved to sack them," he said.
Lack of reporting in the area of cybercrime in the corporate sector has led to former FBI behavioural scientist Dr William Tafoya calling on governments to introduce mandatory reporting, which the Australian Government has rejected in favour of industry self-regulation.
Pressure from shareholders keeps publicity surrounding security breaches out of the public eye, which is why most companies choose not to prosecute. As Denehey pointed out, there is a real shortage of computer forensics skills in Australia so it may be left to IT staff to take up the challenge if they can hone their technical skills with legal knowledge.