Cybercrime costs businesses approximately US$400 billion worldwide, with an impact on approximately 200,000 jobs in the U.S., and 150,000 jobs in the EU, according to a new report from the Center for Strategic and International Studies (CSIS) and sponsored by McAfee.
The report, “Net Losses – Estimating the Global Cost of Cybercrime,” notes that the most important cost of cybercrime comes from its damage to company performance and to national economies.
Cybercrime damages trade, competitiveness, innovation, and global economic growth. Studies estimate that the Internet economy annually generates between $2 trillion and $3 trillion, a share of the global economy that is expected to grow rapidly.
Based on CSIS estimates, cybercrime extracts between 15% and 20% of the value created by the Internet. Cybercrime’s effect on intellectual property (IP) is particularly damaging, and countries where IP creation and IP-intensive industries are important for wealth creation lose more in trade, jobs and income from cybercrime than countries depending more on agriculture or industries of low-level manufacturing, the report found.
Accordingly, high-income countries lost more as a percent of GDP than low-income countries – perhaps as much as 0.9 percent on average.
“Cybercrime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” said Jim Lewis of CSIS. “For developed countries, cybercrime has serious implications for employment. The effect of cybercrime is to shift employment away from jobs that create the most value. Even small changes in GDP can affect employment.”
Economic Impacts on both Businesses and Consumers
The report found that global losses connected to “personal information” breaches could reach $160 billion. The study tracked high-profile breaches around the world: 54 million in Turkey; 20 million in Korea; 16 million in Germany and more than 20 million in China.
Part of the losses from cybercrime are directly connected to what experts call “recovery costs,” or the digital and electronic clean-up that must occur after an attack has taken place.
The McAfee-CSIS report discovered that while criminals will not be able to monetize all the information they steal, their victims must spend significant resources as if they could.
Turning from Losses to Potential Economic Gains
Governments are beginning serious, systematic efforts to collect and publish data on cybercrime to help countries and companies make better choices about risk and policy.
Improved international collaboration, as well as public/private partnerships are also beginning to show tangible results in terms of reducing cybercrime. Last week, 11 nations announced the takedown of a crime ring associated with the GameOver Zeus botnet.
“It’s clear that there’s a real tangible economic impact associated with stopping cybercrime,” said Scott Montgomery, chief technology officer, public sector at McAfee. “Over the years, cybercrime has become a growth industry, but that can be changed, with greater collaboration between nations, and improved public private partnerships.”