McAfee: Cybercrime Costs Companies $100B -- Or 500,000 Jobs -- A Year

Printer-friendly version Email this CRN article

In its report, McAfee addressed the differing range of estimates regarding cybercrime released over the years in various studies and called it a "startling variation" that ranged "from a few billion dollars to hundreds of billions."

Part of the difficulty in collecting data surrounding cybercrime comes from trying to quantify the "abstract" worth of intellectual property, according to the report.

"Companies conceal their losses and some are not aware of what has been taken," the report said. "Estimates are often based on anecdotes or surveys. These problems combine to leave some previous estimates open to question."

Falkor Group's Allen said that on the compliance side of security it's not as difficult to quantify the financial loss of a data breach because of regulations that penalize certain industries for losing compromising data.

"It's a little easier to quantify because we know what the penalties are," Allen said. "If you had a data breach or created unauthorized access to patient data, we know what those fines are and they're pretty stiff."

McAfee's current estimate of $100 billion is much lower than its own 2009 worldwide estimate of $1 trillion, cited in a White House review of U.S. cyberspace policy.

"In retrospect, it was a pretty good study," McAfee's Gann said of the extrapolated survey method used by professors at Purdue University, "[but] the CSIS study used a more sophisticated [macroeconomics] model. We're heartened by the results of the CSIS study, because we're hearing from peer groups that they did the best job possible."

A reflection of McAfee's latest report is that security is becoming more of a mainstream concern, according to Allen.

"It's just really echoing what we know out there," Allen said," that [cybercrime] is a problem and the industry is not reacting fast enough to it."

While data security isn't a new issue for companies, it's a changing field, according to Dayton Technology Group's Teeters.

"When the notebook first came out, they thought they could take it anywhere," Teeters said. "I think we're going through a second phase of that with mobile devices. I think there are huge opportunities in that realm for security audits."

Allen also said that security is a growing sector of the tech market that the channel is well-positioned to serve.

"We're definitely focused there and there's just a growing need at all levels for compliance security," Allen said. "If you're a vendor to a hospital or financial institution, there's a certain amount of compliance needed."

The latest McAfee report is the first in a series of tech security research studies set to come from the Santa Clara, Calif.-based company, according to Gann.

"The follow-on study will do a much deeper dive into the [issue] on a global basis and focus on the strategic implication of cybercrime and theft," Gann said. "Let's say something in the range of $100 billion is lost in IP, that's important, but what does that mean in five or 10 years? I think the follow-on study will be very interesting and will hopefully make a contribution to the public policy debate on cybersecurity."


Printer-friendly version Email this CRN article