Cyber Crime: Job Losses; Billions Lost

Tuesday, July 23, 2013 @ 03:07 PM gHale


The U.S. economy loses $100 billion annually and as many as 508,000 U.S. jobs as a result of malicious cyber activity, a new report said.

The study comes after years of guesswork and innumerable attempts to quantify the costly effects of cybercrime on the U.S. and world economies. Security company McAfee worked with the Center for Strategic and International Studies (CSIS) to build an economic model and methodology to accurately estimate losses.

RELATED STORIES
Cyber Security Assessment Service
Cyber Security Diagnostic Tool
Cloud Security Draft Document
Cyber Security Framework Workshop

To help measure the real loss from cyber attacks, CSIS enlisted economists, intellectual property experts and security researchers to develop the report. The general accepted range for cybercrime launch was between $100 billion and $500 billion to the global economy.

The results from this study contrasts what Darius Adamczyk, president and chief executive at Honeywell Process Solutions, said during the Honeywell User Group (HUG) in June.

He said the industry is losing around $400 billion a year in cyber attacks.

“Cyber attacks are an area where users are under invested,” Adamczyk said during his keynote address. “This is something I worry about every day. There needs to be more awareness. There is $400 billion lost a year due to cyber attacks.”

The idea security is top of mind for Adamczyk truly underscores the dire need for the industry to come to grips with the idea that manufacturing automation users are, for the most part, not prepared when it comes to the potential of facing and fending off a cyber attack.

In the McAfee/CSIS study, researchers used real-world analogies like figures for car crashes, piracy, pilferage, and crime and drugs to build out the model. They noted the difficulty of relying on methods such as surveys because companies that reveal their cyber losses often cannot really estimate what they lost; intellectual property losses are difficult to quantify and the self-selection process of surveys can distort the results.

For purposes of the research, CSIS classified malicious cyber activity into six areas:
• The loss of intellectual property
• Cybercrime
• The loss of sensitive business information, including possible stock market manipulation
• Opportunity costs, including service disruptions and reduced trust for online activities
• The additional cost of securing networks, insurance and recovery from cyber attacks
• Reputational damage to the hacked company

“We believe the CSIS report is the first to use actual economic modeling to build out the figures for the losses attributable to malicious cyber activity,” said Mike Fey, executive vice president and chief technology officer at McAfee. “Other estimates have been bandied about for years, but no one has put any rigor behind the effort. As policymakers, business leaders and others struggle to get their arms around why cyber security matters, they need solid information on which to base their actions.”

The cost of malicious cyber activity involves more than the loss of financial assets or intellectual property. There are opportunity costs, damage to brand and reputation, consumer losses from fraud, the opportunity costs of service disruptions “cleaning up” after cyber incidents and the cost of increased spending on cyber security.

“This report is also the first to connect malicious cyber activity with job loss,” said James Lewis, director and senior fellow, Technology and Public Policy Program at CSIS and a co-author of the report. “Using figures from the Commerce Department on the ratio of exports to U.S. jobs, we arrived at a high-end estimate of 508,000 U.S. jobs potentially lost from cyber espionage. As with other estimates in the report, however, the raw numbers might tell just part of the story. If a good portion of these jobs were high-end manufacturing jobs that moved overseas because of intellectual property losses, the effects could be more wide ranging.”

Lewis and co-author Stewart Baker of Steptoe & Johnson LLP point out that as thoroughly as they plan to develop their estimates, the dollar amount might not fully reflect all the damaging effects that cyber espionage and cybercrime have on the global economy.

Both activities slow the pace of innovation, distort trade and bring the spate of social costs associated with crime and job loss, according to the report.



Leave a Reply

You must be logged in to post a comment.