McAfee and the Center for Strategic and International Studies (CSIS), have released a report on cybercrime and cyber espionage, that posits a $100 billion annual loss to the U.S. economy and as many as 508,000 U.S. jobs lost as a result of malicious cyber activity.
The researchers used real-world analogies like figures for car crashes, piracy, pilferage, and crime and drugs to build out the model. They researchers estimate the range for cybercrime loss to the global economy is between $100 billion and $500 billion.
CSIS noted the difficulty of relying on methods such as surveys because companies that reveal their cyber losses often cannot estimate what has been taken, intellectual property losses are difficult to quantify and the self-selection process of surveys can distort the results.
For purposes of the research, CSIS classified malicious cyber activity into six areas:
- The loss of intellectual property
- Cybercrime
- The loss of sensitive business information, including possible stock market manipulation
- Opportunity costs, including service disruptions and reduced trust for online activities
- The additional cost of securing networks, insurance and recovery from cyber attacks
- Reputational damage to the hacked company
The cost of malicious cyber activity involves more than the loss of financial assets or intellectual property. There are opportunity costs, damage to brand and reputation, consumer losses from fraud, the opportunity costs of service disruptions, “cleaning up” after cyber incidents and the cost of increased spending on cybersecurity.
You can find a copy of the report here.
[Graphics courtesy: McAfee]