A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of malicious cyber activity to the U.S. economy – $100 billion.
According to the study, which is entitled ‘Estimating the Cost of Cybercrime and Cyber Espionage’, as many as 508,000 jobs in the U.S. are lost as a result of malicious cyber activity.
“While this translates into a third of a percent decrease in employment, this is not the “net” loss as many workers will find other jobs,” according to the report. “The real concern might be if the lost jobs are in manufacturing or other high paying sectors. If workers displaced by cyber espionage do not find jobs that pay as well or better, the victim country would be worse off.”
“Using figures from the Commerce Department on the ratio of exports to U.S. jobs, we arrived at a high-end estimate of 508,000 U.S. jobs potentially lost from cyber espionage,” explained James Lewis, director and senior fellow, Technology and Public Policy Program at CSIS, and a co-author of the report, in the statement. “As with other estimates in the report, however, the raw numbers might tell just part of the story.”
The cost of malicious activity calculated by the researcher involves more than the loss of financial assets or intellectual property; it also spans damage to brands, consumer losses from fraud, remediation by compromised organizations and other costs. In the report, malicious cyber activity is broken into six areas: the loss of intellectual property; cybercrime; the loss of sensitive business information, including possible stock market manipulation; opportunity costs, including service disruption and reduced trust for online activities; additional cost of securing networks and reputational damaged to the victimized company.
“We believe the CSIS report is the first to use actual economic modeling to build out the figures for the losses attributable to malicious cyber activity,” said Mike Fey, executive vice president and chief technology officer at McAfee, in a statement. “Other estimates have been bandied about for years, but no one has put any rigor behind the effort. As policymakers, business leaders and others struggle to get their arms around why cyber security matters, they need solid information on which to base their actions.”
The full report can be read here.