Cyberonomics Measuring the true cost of Cybercrime Shahar Geiger Maor
Cyber economics v2 -Measuring the true cost of Cybercrime
Nov 02, 2014
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
CyberonomicsMeasuring the true cost of Cybercrime
Shahar Geiger Maor
htt
ps:
//tw
itte
r.co
m/O
p_I
srael/st
atu
s/32
095719
030954
3938
4.2B$
(daily)
Why Measuring Cyber Security?
Cliché
alert!321in :
You Can't Manage What You Don't Measure
“…Cybercrime Cost is estimated $1 Trillion worldwide”
http://www.whitehouse.gov/video/President-Obama-on-Cybersecurity#transcripthttp://www.forbes.com/sites/andygreenberg/2012/08/03/mcafee-explains-the-dubious-math-behind-its-unscientific-1-trillion-data-loss-claim/
Global Risk Landscape (2013)
http://www3.weforum.org/docs/WEF_GlobalRisks_Report_2013.pdf
1.8% Of
GDP
UK = 27B₤
IL = 4.5B
$
The Cost Of Cybercrime in Israel (#1)
:// . . / / / - - - - - - - -https www gov uk government publications the cost of cyber crime joint government and-industry report
The Cost Of Cybercrime in Israel (#1)
4.5B$
http://www.slideshare.net/jimmyschwarzkopf/stki-summit-2012-israeli-it-market
4.5B$ ~66% of 6.7B$
Why Measuring Cyber Security Is So Problematic?
Too many sources of dataThe problems of under-recording and under/over-reportingCybercrime surveys (lack of methodology)Conflicts of interestTerminology and rhetoricsWhat to measure? (impact, loss)
http://www.law.leeds.ac.uk/assets/files/staff/FD18.pdf
The Costs Of Cybercrime To Society
Defense costs
Indirect losses
Direct losses
Cybercrime Supporting Infra.
Criminal revenue
Cost to society
http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf +customizations
Terrorist’s gain
Vendor revenue
0.19% Of GDP
UK = 4.5B₤IL = 460M$
http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf
The Cost Of Cybercrime in Israel (#2)
460M$
http://mops.gov.il/Documents/Publications/CrimeDamage/CrimeDamageReports/CrimeDamageReport2011.pdf
Total cost of crime in Israel
(2012):4B$ Sex Crimes:
170M$
Murder: 100M$
Fraud+ Property: 1,960M$
x2.7
x4.2
23%
Some Insights From An Israeli Security Survey
This survey refers to 2009-2011 (included)Market Average: 2 incidents in 3 years Per organizationMarket score: ~400 incidents in 2011An average security incident looks like this: • Inside factor or known vulnerability/threat• ~50 working hours per incident• ~50K$ per incident (~~~~~~~~~~~)
http://www.slideshare.net/shaharmaor/information-security-stki-summit-2012shahar-geiger-maor-12059675
The Cost Of Cybercrime in Israel (#3)
20M$
http://hackingdefined.org/opisrael/rss.xml
A Brave New Economic Model
Scope Target Impact Timing Reputation
Economic gains
Government’s Role In Cyber Economic MeasurementQuantitative risk assessment may improve cyber security controls and mitigation.
So:
Regulators should encourage the use of cyber economic measurement toolsOne methodologyOne focal pointDiscreet reporting
Thank You!
Related Documents
