Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cyber economics v2 -Measuring the true cost of Cybercrime


Published on

Published in: Technology, Economy & Finance
  • Be the first to comment

Cyber economics v2 -Measuring the true cost of Cybercrime

  1. 1. Cyberonomics Measuring the true cost of Cybercrime Shahar Geiger Maor
  2. 2. B (daily)
  3. 3. Why Measuring Cyber Security? in :
  4. 4. “…Cybercrime Cost is estimated $1 Trillion worldwide” /mcafee-explains- the-dubious-math-behind-its-unscientific- -trillion-data-loss-claim
  5. 5. Risk Landscap e (2013)
  6. 6. 1.8% Of GDP UK = 27B₤ IL = 4.5B$ The Cost Of Cybercrime in Israel (#1) -industry-and-government-joint-crime-cyber-of-cost-
  7. 7. The Cost Of Cybercrime in Israel (#1) 4.5B$ 4.5B$ ~66% of 6.7B$
  8. 8. Why Measuring Cyber Security Is So Problematic? Too many sources of data The problems of under-recording and under/over-reporting Cybercrime surveys (lack of methodology) Conflicts of interest Terminology and rhetorics What to measure? (impact, loss) .pdf
  9. 9. The Costs Of Cybercrime To Society Defense costs Indirect losses Direct losses Cybercrime Supporting Infra. Criminal revenue Cost to society +customizations Terrorist’s gain Vendor revenue
  10. 10. 0.19% Of GDP UK = 4.5B₤ IL = 460M$
  11. 11. The Cost Of Cybercrime in Israel (#2) 460M$ Total cost of crime in Israel (2012): 4B$ Sex Crimes: 170M$ Murder: 100M$ Fraud+ ​Property : 1,960M$ x2. 7 x4. 2 23 %
  12. 12. Some Insights From An Israeli Security Survey This survey refers to 2009-2011 (included) Market Average: 2 incidents in 3 years Per organization Market score: ~400 incidents in 2011 An average security incident looks like this: • Inside factor or known vulnerability/threat • ~50 working hours per incident • ~50K$ per incident (~~~~~~~~~~~)
  13. 13. The Cost Of Cybercrime in Israel (#3) 20M$
  14. 14. A Brave New Economic Model Scope Target Impact Timing Reputation Economic gains
  15. 15. Government’s Role In Cyber Economic Measurement Quantitative risk assessment may improve cyber security controls and mitigation. So: Regulators should encourage the use of cyber economic measurement tools One methodology One focal point Discreet reporting
  16. 16. Thank You!