Attacks on businesses and consumers are a blight on
the economy, with criminals foreign and domestic using the Internet to steal
identities, intellectual property, trade secrets and just about anything else
they can get their hands on.
A new economic model (above) developed at a prominent D.C.
think tank puts the cost to the U.S. economy as high as $100 billion annually,
with a corresponding loss of as many as half a million jobs.
The report,
released by the Center for Strategic and International Studies (CSIS) and
written by James Lewis and Stewart Baker, two old hands in the Washington
cybersecurity policy discussion, offers a quantitative approach based on data
from the Commerce Department and analogous losses from activities such as car
crashes, piracy and other losses and crimes.
The authors explain: "One way to think about
the costs of malicious cyber activity is that people bear the cost of car
crashes as a tradeoff for the convenience of automobiles; similarly they may
bear the cost of cybercrime and espionage as a tradeoff for the benefits to
business of information technology."
The report, sponsored by security software vendor
McAfee, eschews survey data, which the authors say is flawed because
respondents "self-select," and businesses often either conceal or do
not realize the full extent of the losses from a cyber attack.
"We believe the CSIS report is the first to use
actual economic modeling to build out the figures for the losses attributable
to malicious cyber activity," Mike Fey, executive vice president and CTO
at McAfee, said in a statement.
"As policymakers, business leaders and others
struggle to get their arms around why cybersecurity matters, they need solid
information on which to base their actions."
Cybersecurity is the subject of a long-running
policy debate in Congress, with lawmakers divided over what role the government
should play in setting and enforcing security standards for critical
infrastructure operators in the private sector. Read more:
No comments:
Post a Comment