Cybercrime investigator

How to become a cybercrime investigator

September 9, 2020 by Susan Morrow

Cybercrime has hit record levels, with an expected $7 trillion USD to be made from cybercriminal activity by 2021. Investigating these sorts of crimes can be complicated and lengthy. The job of looking into the damage of cybercrime activity goes to the cybercrime investigator, who is the super sleuth of computing.

If you enjoy drilling down into the details of a problem, you should look at a career as a cybercrime investigator.

Interested in another course? Check out our course page. We offer a wide range of high-quality courses spread across 15 vendors and 80+ certifications.

What does a cybercrime investigator do?

The title “cybercrime investigator” essentially sums up what the job is about. It’s a job that sits at the intersection of computing and law enforcement. A cybercrime investigator performs the digital equivalent of crime investigation and typically come into a situation after a security incident has already happened.

Cybercrime covers a myriad of areas, and the cybercrime investigator may specialize in one or more of these areas. A cybercrime investigator will often work as part of a consultancy, offering services to both enterprises and law enforcement. Alternatively, they can work directly for a law enforcement organization like the Federal Bureau of Investigations (FBI) or Europol.

The areas that cybercrime covers are wide and highly varied. They include everything from data theft to cyberstalking and darknet activity such as drug smuggling. The role can also include being involved in areas such as human trafficking and child abuse, which can be emotionally difficult to deal with.

A large part of the job of cybercrime investigator involves data gathering and analysis. This may include collecting data that is otherwise extremely difficult to collect, as the source has been damaged or even deliberately destroyed. This is a key requisite of the role and requires specialist computing skills to carry out.

Cybercrime investigators use their skills to look for evidence in order to find the source of a cybercrime incident. For example, when investigating a data breach, the investigator would look for the originating point of the breach, the type of attack that occurred, the vector used to perpetuate the attack and any other evidence to determine the anatomy of the incident. This can then also be used to locate the weak points in a system, in order to help close off security gaps.

As well as computer forensics, a cybercrime investigator will often be called upon to use more traditional investigation skills. Interviews and surveillance can be used to augment computer investigations, looking into the behavior of staff and others who may have access to sensitive data. As cybercrime usually has a human element to it, these skills are a vital part of the role.

Because cybercrime investigators are experts in their field, they may be called to act as expert witnesses in court during a trial. In which case, the role will also require that the investigator prepare expert reports, which will likely be highly technical. These reports will form the basis of the evidence used during the trial.

Because of all of the human-touchpoint aspects of the role, a cybercrime investigator needs to be a great communicator and team player.

How to become a cybercrime investigator

You can begin the journey to cybercrime investigator by delving deeply into the various aspects of the job.

Read as much as you can about the discipline of cybercrime Investigation. There are plenty of dedicated journals and papers that can help you to gain in-depth knowledge of the field. Journals include the “International Journal of Cyber Criminology.” Other journals, such as “Future Generation Computer Systems,” often have special issues dedicated to the investigation of cybercrime. Cybercrime and computer forensics are a continuously changing field with new techniques coming into play. You should be prepared to continuously update your knowledge base of the field.

A computer forensics degree is also a useful place to begin your journey into cybercrime investigation. Universities all over the world offer courses that are either dedicated to computer forensics or have modules on the subject.

There are also certification courses that can help to show prospective employers that you have the skill set to work in cybercrime investigation. This includes dedicated training courses that take you through a number of relevant certification such as the Infosec Institute Certified Computer Forensics Examiner (CCFE).

It is also a good idea to get involved with professional bodies in the field. These include the BCS Cybercrime Forensics Specialist Group and the Association of Certified Fraud Examiners (ACFE).

Getting your foot on the ladder of cybercrime investigation

Once you have your qualification and/or certification, you’re then ready to get a job as a cybercrime investigator. Jobs in this field can bring in a salary of around $98,350 per year for experienced investigators. Jobs that involve computer forensics and cybercrime investigation are advertised in the usual places.

However, you can also find internships to help you get on the ladder. The FBI has a “Cyber” division which investigates cyberthreats and attacks. The division looks at all types of cybercrime, from counterterrorism to domestic crimes. Check out the FBI’s website for internships and jobs.

Cybercrime investigators are on the frontline of cybercrime. Without their specialist skills helping us to fight cybercrime, the world would be a much less safe place.


Posted: September 9, 2020
Susan Morrow
View Profile

Susan Morrow is a cybersecurity and digital identity expert with over 20 years of experience. Before moving into the tech sector, she was an analytical chemist working in environmental and pharmaceutical analysis. Currently, Susan is Head of R&D at UK-based Avoco Secure. Susan’s expertise includes usability, accessibility and data privacy within a consumer digital transaction context. She was named a 2020 Most Influential Women in UK Tech by Computer Weekly and shortlisted by WeAreTechWomen as a Top 100 Women in Tech. Susan is on the advisory board of Surfshark and Think Digital Partners, and regularly writes on identity and security for CSO Online and Infosec Resources. Her mantra is to ensure human beings control technology, not the other way around.