Monday, February 16, 2009

$1 Trillion Lost to Cybercrime...Can Hackers Bail US Out?



According to the numbers provided in recent report from McAfee, maybe we should be asking the hackers, instead of US taxpayers to bail us out of this recession. 

McAfee, in a recent report entitled, "Unsecured Economies: Protecting Vital  Information, states that data theft and breaches from cybercrime may have cost businesses as much as $1 trillion globally in lost intellectual property and expenditures for repairing the damage in 2008.

McAfee made the projection based on responses to a survey of more than 800 chief information officers in the U.S., United Kingdom, Germany, Japan, China, India, Brazil, and Dubai.

The respondents estimated that they lost data worth a total of $4.6 billion and spent about $600 million cleaning up after breaches, McAfee said.  McAfee CEO Dave DeWalt spoke to CBR about the results and said that the findings suggested the figure around the world could be much larger.


“The findings are startling,” he said. “We believe the potential figure for total losses worldwide could be as much as $1,000,000,000,000 trillion.”
 In what has to be one of the dumbest mindsets/perceptions out there, the survey also found that respondents worried more about the damage that leakage or loss of  vital information would do to their company’s reputation than about the financial impact.  That statement would lead me to respond that if they're more worried about their company's reputation than financial impact, then they should donate all of their gross revenues to the bailout fund.  That would help their reputation as far as how US taxpayers would perceive them.   C'mon. 


The financial impact of a breach could potentially destroy a company...let alone their reputation.  Of course there "may" be exceptions, for instance,  Kapersky, (now more famoulsy known as "KaperSkyisFalling") F-Secure (who knew that the F stood for Failure) and BitSecure.  (are they contemplating rebranding their company as: "A BitMoreSecure?") whom all were recent victiims of the same Romanian hackers SQL Injection/cross site scripting attack which allow him to gain access to key data.  They have to worry about their company's reputation because they're supposed to "provide security."  On the other hand, ask Heartland Payment Systems if they're more worried, at this point, about their reputation or the financial impact of the breach.

Not surprisingly, McAfee's DeWalt said "that kind of mindset (reputation first, financial impact later) could be very damaging to enterprises."  Asked if he felt companies did not fully understand the value of IP, he said: “Yes, it’s all about brand protection, but that is after the fact. Businesses need a much better understanding of what data they have and where it is stored.” He added that a combination of education, technology and government intervention is they key to improving data security.
"This is the number one security concern at the moment."  McAfee suggested that situation could get worse as businesses are put under increasing pressure to reduce costs during the economic downturn. Reduced spending and staffing levels have led to more porous defenses and increased opportunity for crime," DeWalt said.

Reblog this post [with Zemanta]

Disqus for ePayment News