BY: RAHUL ROKKAM, CONTRIBUTORIt’smore than just avoiding the classic “123456,” “qwerty,” and “football” passwords. Defined as “criminal activities carried out by means of computers or the Internet,” cybercrimes incur deleterious consequences for virtually all companies and countries.
According to the Center for Strategic and International Studies in its July 2013 report, The Economic Impact of Cybercrime and Cyber Espionage, cybercrime costs the global economy an estimated $300 billion to $1 trillion dollars. But this staggering figure is a conservative estimate—it leaves out unquantifiable factors which include the stunting of new innovation, the perversion of established trade relationships, and the social costs derived from job loss, which are all extensively left out of most analyses.
But what are the monetary detriments we can estimate and thus establish credibility to? These include but are not limited to: the loss of intellectual property, identity theft, opportunity costs from DDOS attacks (attacks which render network resources unavailable to the inflicted entity), the additional cost to secure networks to prevent and recover against cybercrime, name-brand damage to the targeted company, and most obviously, direct financial loss.
Let’s analyze these some of these quantifiable impacts. First, intellectual property losses. They represent the largest cost to a company from cybercrime, yet they are also one of the most difficult losses to calculate. This is in part because intellectual property losses are not zero-sum games—the targeted company will still have the customer lists, product plans, or research results the next day and may not realize that they no longer have control of them. Regardless, there are many ways to determine the value of intellectual property. A company could use estimated present and future income streams to determine the value of its intellectual property. Furthermore, they can use estimated revenue streams for property that could potentially be put on the licensing market. But the loss of intellectual property is not a direct loss. Instead, these losses create competition as the instigator, usually a foreign competitor, can make goods and services it had not needed to develop through R&D. This is augmented by government subsidies, environments with trade barriers suitable to their growth, and a lack of R&D spending. Therefore, the impact stemming from the loss of the intellectual property should be analyzed from a macroeconomic and trade policy perspective rather than a domestic one.
The second impact is identity theft. Arguably the most impactful to the stereotypical consumer, identity theft is the deliberate use of someone else’s identity, usually as a method to gain a financial advantage or obtain credit and other benefits in the other person’s name. A survey taken by Cambridge University, utilizing economic figures from the Gartner Group, found the net identity theft cost for an individual victim to be $572, with a total cost of $350 million for all consumers. While less than one percent of phishing victims lose money, the victims who do lose money suffer substantially.
One has to also take into account the increased cost of security—important to include as an expenditure against cybercrime because it is obviously a direct result of attacks against the company in the first place. Information technology is a burgeoning sector, contributing to the concurrent growth in cybersecurity industry. One estimate finds that “governments and companies spend perhaps 7% of their information technology budgets on security.” Another estimate placed global spending on cybersecurity software at $60 billion, with growth pacing at 8% a year. US federal agencies devote, on average, 15-20% of their IT budgets to fight cybercrime.
The costs of cybercrime in an increasingly globalized and digital economy are becoming increasingly serious. Even if most impacts aren’t completely quantifiable, it doesn’t mean they are not influential to the growth of companies and nations. Called “the greatest transfer of wealth in human history,” cybercrime shouldn’t be ignored if the global economy wants to profitably and continually develop in the 21st century.
What’s your take on cybercrime? What should we be doing to stop it? Leave a comment below and Rahul will get back to you.