This is a complex topic as there are pros and cons that come with involving law enforcement with cybersecurity incidents. There are many reasons that companies do not decide to involve law enforcement in cybercrimes such as follows:

• Investigations will cause disruptions 
• Some attacks come from abroad, which makes tracking the hacker is increasingly difficult
• They might feel like they should be the ones to handle the breach
• Reporting these crimes will cost them time and expenses
• They don’t want to get bad press from a data breach

On the other hand, not reporting cybercrimes to law enforcement leads to a massive gap estimated to be in the millions between the number of actual incidents and reported cybercrimes (Swinhoe, 2019). Involving law enforcement with cybercrimes can help in many cases and in many different forms. While reporting an incident does not always help an individual company’s breach, it does help in preventing future attacks and assists in other cases such as the international takedown of the GozNym criminal network. This criminal network was taken down by the collaborative efforts of law enforcement groups including the FBI, Europol, Ukraine, Moldova, Germany, and Bulgaria (Europol, 2019) .

Europol. (2019, June 01). GOZNYM MALWARE: CYBERCRIMINAL NETWORK DISMANTLED IN INTERNATIONAL OPERATION. Retrieved September 23, 2020, from https://www.europol.europa.eu/newsroom/news/goznym-malware-cybercriminal-network-dismantled-in-international-operation

Swinhoe, D. (2019, May 30). Why businesses don’t report cybercrimes to law enforcement. Retrieved September 23, 2020, from https://www.csoonline.com/article/3398700/why-businesses-don-t-report-cybercrimes-to-law-enforcement.html