E-CRIME unfolded in three phases.
A first mapping preparatory phase (year 1) in which the research questions were refined and existing knowledge in the different disciplines and stakeholders’ views were synthesised and compared.
The second new insight phase (year 2) was devoted to the collection of new insights and the development of the model on the economic impact of cyber crime on the selected non- ICT sectors.
The third solution phase (year 3) focused on sustainable impact by the cross-analysis and integration of the research results from the various strands of investigation, and the development of concrete and diverse measures, which can systematically and comprehensively support the fight against cyber crime in non-ICT sectors.
The work was broken up into 10 work packages:
WP1, Setting the scene, sets up the necessary stakeholder and expert engagement mechanisms necessary to support the project’s participatory and multi-actor research strategy. This work package conducts the stakeholder and expert analysis identifying key stakeholder groups and sets up the E-CRIME Stakeholder Forum. It also incorporates the definition of the project’s methodological framework as a guide to all partners and participants, and conducts initial research to confirm the representative non-ICT sectors and Member States for the analysis.
WP2, Mapping cyber crime, maps cyber crime activities, in the form of cyber crime taxonomy, inventory, structures, economies and journeys, and validate its findings with stakeholders and experts. Initially, it develops a taxonomy of cyber crime. It then investigates the key factors and drivers behind cyber crime networks, their modus operandi and economies, while producing selected criminal journeys from a perpetrator and victim perspective.
WP3, Assessing existing policies and counter-measures, produces a detailed assessment of existing cyber crime counter-measures, including policies, regulatory and enforcement frameworks, business best practices and technologies. This work package also includes the on-going monitoring of these counter-measures through the lifespan of the project.
WP4, Framework for economic impact and analysis, develops a theoretical framework and hypotheses about the impact of cyber crime on non-ICT sectors, conducts new data collection with industries and integrates these new data with various viewpoints to generate new insights.
WP5, Survey implementation, focuses on collecting data from citizens. The work package contains a large scale citizen survey to understand citizens’ experiences of victimisation, awareness of cyber crime, economic impacts at different level of European society and value network participants, and issues of trust, confidence and societal values and individual rights (e.g., privacy, cohesiveness).
WP6, Measuring the direct and indirect economic impact of cyber crime, produces a multi-leyer and integrated model of the economic impact of cyber crime on the selected non-ICT sectors, assessing the impact for the different levels of the European society (i.e., individual, industry players, sectors, states, society) and for different participants in the value network (i.e., software vendors, network operators, ISPs, industry players, cyber security providers, end users).
WP7, Identifying gaps and solutions re cyber crime, uses the findings and results from preceding work packages to identify inter-sector, common solutions. These solutions identify concrete and measurable opportunities for deterring possible criminals and managing cyber crime.
WP8, Enhancement of sector specific risk management counter-measures, builds on the opportunities map in WP7, while developing sector specific methods, tools and measures for managing and deterring cyber crime in the selected non-ICT sectors, while creating portfolios of solutions. These comprehensive intra-sector portfolios of responses include risk management tools, sector specific requirements for the development of crime-proofed applications, enhancing regulatory innovation and development, sector specific best practices, and awareness, trust and confidence initiatives.
WP9, Dissemination and impact, contains the project dissemination and impact activities, and involves setting out and managing the project’s dissemination strategy.
WP10, Project management, is the project management work package and contains all the administration, management, reporting and co-ordination activity necessary to support the E-CRIME.