Cybercrime Statistics are Bad, But No one Agrees How Bad…









[caption id="attachment_1115" align="alignleft" width="300" caption="cybercrime statistical chart"]cybercrime statistical chart[/caption]



The news media, the government, and countless Internet security organizations have warned about the results and impact of cybercrime. Killian Strauss of the Organization for Security and Cooperation in Europe has estimated cybercrime theft at $100 billion annually. Patrick Peterson, chief security researcher at Cisco, has estimated that losses totaled $560 million in 2009. And in March 2009, Edward Amoroso, AT&T's chief security officer, submitted written testimony to the U.S. Senate Committee on Commerce, Science, and Transportation estimating that cybercrime was bringing in illicit revenues of approximately $1 trillion a year.




To some researchers, those wildly different numbers suggest that current methods for calculating cybercrime losses are so poor we actually have no idea how bad the problem is. And without good data, they say, there's no way to fight it intelligently.



These numbers just don’t make sense. Not only are they all over the map, but some of them also seem impossibly high. For example, cybercrime revenues of $1 trillion mean $5,000 for every U.S. adult who spends time online.



"Understanding the impact of any crime is problematic," says Julie Ryan, lead professor in information security management at George Washington University. However, Ryan says, cybercrime presents particular problems because most people aren't well equipped to answer technical questions about it. For example, individual survey respondents might not be sure whether they've been victims of a phishing attack or, indeed, whether anything was taken from them as a result. "So here we have a problem," Ryan says. "Potential crime that is potentially undetectable, compounded by a target space that is mostly ignorant."



For the full story click here: Cybercrime Surveys



One could conclude that although cybercrimes continue to happen in alarming numbers, Internet Security Awareness is not yet increasing proportionately—the lacking ingredient to curtail this growing trend being Internet Security Awareness Training for every employee with access to a company network and the Internet.



Stu Sjouwerman



KnowBe4



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews