With the way cybercrime has increased over the last few years, the United States is in desperate need of a more effective system to measure it.
Having accurate information on cyber-related incidents is one of the first crucial steps to improving the nation's cybersecurity posture as a whole, which is why President Joe Biden has signed the Better Cybercrime Metrics Act into law.
The bill received bipartisan Congressional support and aims to improve the government's understanding, measurement, and tracking of cybercrime.
Representative Abigail Spanberger (D-VA), who sponsored the legislation, says that by building a more effective system, law enforcement agencies will be better able to identity cyber threats and prevent future attacks.
Spanberger, a former CIA case officer and federal agent, said in a statement:
"One year ago this week, we saw the damaging effects of the ransomware attack on the Colonial Pipeline. In an instant, the American people saw how cybercrime—now the most common crime in America—could jeopardize the integrity of critical infrastructure, the American economy, and our national security. And as cybercriminals increasingly adapt their methods of attack against vulnerable people and networks, the United States must improve our cybercrime classification system. Otherwise, we are risking the safety and privacy of American families, homes, businesses, and government agencies.
Today, I am proud to have the President sign my bipartisan Better Cybercrime Metrics Act into law. By strengthening our data collection, anticipating future trends, and giving law enforcement the tools they need, we are taking commonsense steps to keep the American people safe online. I want to thank my colleagues in the U.S. House and U.S. Senate—from both parties—for their partnership on this critical and timely legislation."
Multiple national law enforcement organizations have endorsed the bill, including the National Fraternal Order of Police (FOP), Major Cities Chiefs Association (MCCA), National Association of Police Organizations (NAPO), National White Collar Crime Center (NW3C), and Cybercrime Support Network (CSN).
Bill Johnson, Executive Director of NAPO, is excited to see the bill enacted and has high hopes for what it can accomplish. Johnson said:
"Robust data on cybercrime is necessary to supporting and enhancing the capacity of state and local law enforcement to prevent, investigate and respond to such crimes. Until the enactment of the Better Cybercrime Metrics Act, there have been no standardized metrics for tracking cybercrime, which has hindered law enforcement’s ability to fully understand its impact across the country. With these standardized metrics in place, it will be easier for state and local law enforcement to collect and report data on cybercrime incidents, leading to better investigations and prosecution of these crimes."
So, how exactly will it improve federal cybercrime metrics? The Better Cybercrime Metrics Act lists four specifics:
- "Requiring the Government Accountability Office to report on the effectiveness of current cybercrime mechanisms and highlight disparities in reporting data between cybercrime data and other types of crime data;
- "Requiring that the National Crime Victimization Survey incorporate questions related to cybercrime in its survey instrument;
- "Requiring the U.S. Department of Justice to contract with the National Academy of Sciences to develop a taxonomy for cybercrime that can be used by law enforcement; and
- "Ensuring that the National Incident Based Reporting System—or any successor system—include cybercrime reports from federal, state, and local officials."
For more information on the new law, see the full statement from Rep. Spanberger.