The Center for Strategic and International Studies has estimated that cybercrime and economic espionage likely cost the world economy an incredible $445 billion, which is one percent of the global income. Though it’s not quite as staggering as the $1 trillion figure that President Barack Obama cited, this figure does put cybercrime in the same ranks as drug trafficking in terms of global economic damage. What’s most troubling about the study, though, is that it suggests other problems in addition to these direct economic losses.
“This is a global problem and we aren’t doing enough to manage risk,” said James A. Lewis, a senior fellow with the Center for Strategic and International Studies and a co-author of the report.
According to the report, cybercrime most significantly affected the world’s best developed economies. Together, Germany, China, and the United States accounted for about $200 billion in losses.
Much of this loss was the result of foreign governments’ intellectual property theft. While the report did not get into details as to which countries perpetrated such thefts, the United States government has publicly named China as being the major perpetrator of cyber economic espionage against the United States.
“The growing impact of cybercrime is spawning an opportunity for companies that offer cyber security related to Risk and Compliance issues. Security of data and privacy issues, especially around the areas of intellectual property and healthcare, are becoming increasingly important.” states Brad Jenkins, President & CEO of CloudNine Discovery
However, there are some problems with the study. The $445 billion finding is only an estimate. According to the CSIS,cybercrime’s economic damage may be as low as $375 billion or as high as $575 billion annually. Although the low end is still extremely high, the wide variation is indicative of an ancillary problem of cybercrime — a lack of transparency and data breach reporting.
The report itself actually devotes some of its time into detailing just how incomplete its data set is, and how the lack of accurate records impacted its findings, making sure to note that the vast majority of cybercrime goes unreported.
There are two reasons why so much cybercrime goes unreported. Firstly, there’s business culture. Companies who report data breaches suffer stock devaluations of between one to five percent. Secondly, data breach disclosure is regulated at a state level, culminating into an uneven patchwork of varying standards. Basically, not every company legally has to disclose their data breaches.
The report shows that cybercrime is a serious issue, but it also shows that there’s an even more serious issue with transparency. Companies are getting in their own way, and exacerbating the problem.
“Cybercrime costs are big, and they’re growing,” said former Department of Homeland Security policy official Stewart A. Baker, co-author of the report. “The more that governments understand what those costs are, the more likely they are to bring their laws and policies into line with preventing those sorts of losses.”
To stop cybercrime, companies need to be more honest and transparent. Law enforcement agencies won’t be able to stop cybercrime properly until they can clearly see how large the problem is.