McAfee: Cybercrime Costs Companies $100B -- Or 500,000 Jobs -- A Year

Printer-friendly version Email this CRN article

Data breaches by cybercriminals are costing U.S. companies approximately $100 billion annually, which is roughly equivalent to 500,000 jobs, McAfee said in a report issued Monday.

The cybercrime report, sponsored by the security company and conducted by the Center for Strategic and International Studies (CSIS), a Washington, D.C.-based public policy research institution, outlined the estimated economic impact of cybercrime and cyberespionage on businesses in the U.S. -- estimated to range between $20 billion and $140 billion a year.

Tom Gann, vice president of government relations at McAfee, said the findings were very interesting and that the CSIS' involvement added weight to the report.

"It's a very credible organization who's been focused on cybersecurity for a while," Gann said. "They looked at the cost borne by the economy. It was really a 'bottoms-up' study: they looked at the different categories of cybercrime ... then added up those costs to derive the final number."


[Related: Kaspersky: We're All Targets As Cybercriminals Get Smarter Every Day]

In 2011, the Commerce Department estimated that $1 billion in exports equaled about 5,080 jobs -- putting $100 billion in lost revenue on-par with about 508,000 lost jobs, according to the report.

However, that number isn't a "net" loss of jobs as workers find new employment, but the concern is when the loss hits high-paying sectors, the report said.

This is a particularly important part of the study, according to Gann, who used a biotech company's loss of intellectual property as an example.

"If firms are being competed against as a result of those IP losses, good high-paying jobs could be put at risk," Gann said. "Scientists [and other highly paid professionals] may find that the next job they find is not as good. That's where the impact of the loss of IP can become so important."

Brent Allen, CEO of Falkor Group, a Chicago-based MSP, said he's seen this happen with job outsourcing.

"When people lose their jobs that are outsourced overseas, we see that they aren't necessarily finding the same high-paying jobs," Allen said. "Not as much anymore, but there was a couple years back where we were seeing it a lot."

Micah Teeters, head of Trust Development at Dayton Technology Group, a Vandalia, Ohio-based networking MSP, said that when it comes to cybercrime, companies are leaving some pretty big holes in security with mobility and the BYOD movement.

"You're allowing [employees] to receive all their emails and they're walking out the door with them," Teeters said. "That's a big concern when it comes to security. They're basically walking out with a computer in their purse and there's not a whole lot of talk about that."

Though the money lost after a cyberattack might be substantial, it's time that companies really end up losing, according to Teeters.

"Even for an IT company, it takes weeks to figure that stuff out: who hacked in, how they got in, what's missing," Teeters said. "It really takes some forensic digging."

NEXT: Difficulty In Measuring The Cost Of Cybercrime

Printer-friendly version Email this CRN article