Statistics and Cybercrime
Nitpicky will be the label applied by some to my suggestion, but hear me out. Statistics abound to paint an incredibly dismal picture related to the current and potential impact of cybercrime. Since there are so many stats to choose from when trying to gain the attention of an audience, we should refrain from emphasizing those that might encourage — or even glorify — the miscreants.
Bigger than Drug Trafficking?
An article in Financial Review last year stated that cybercrime was bigger than the drug trafficking for cocaine, heroin and marijuana combined. The article quoted the President of Interpol, Khoo Boon Hui, who carpet-bombed readers with gloomy factoids including that US banks reportedly lost $890 million to conventional robbers in 2011 but $12 billion to cybercriminals. During a recent IT security training presentation, my employer provided a list of the top 14 Fortune 500 companies, of which Walmart was number one in revenue with $16.389 billion in profits. It was then stated that if cybercrime was measured collectively, the profits would be 74 times Walmart’s.
I’m sure that came from a highly regarded source and required a lot of effort, but I’d like a closer look at any profit score card for criminals along with the sources. Do you think that numbers like that might encourage budding criminals to go after their slice of that pie?
A bigger and better measure of the problem is the harm (financial and productivity losses) to all businesses, organizations and individual users, not to mention the potential impact from terrorist threats to our critical infrastructure like power, water and transportation.
Let’s use these statistics to describe the harm factors and then prioritize our defensive efforts in order to raise the cost of doing business for the bad guys, instead of glorifying the cash to be had from cyber crime. As a society, we should give more air time to the celebration of the cybercriminals’ prosecution, conviction and being hauled off to jail.