The cybercrime economy generates profits and results in loss. A pair of recent articles recently reported that it generates around $100 B [US] in profits [Chicago Tribune and MoneyWeek]. The OSCE recently reported that losses caused by cyber crime are estimated at $100 B [US] annually [HSDailyWire]. Earlier this year, Scott Berinato published an excellent business-friendly description of what he called “The Cybercrime Service Economy” [Harvard Business Review]. None of this is new news. CERT® reported in 2002 that crime groups use the Internet for a full spectrum of major fraud and theft activities [page 3].
It is my experience, though, that there are broad ranks of middle managers and senior business leaders who remain unaware of the breadth and scale of cybercrime activities. In some business sectors, for example financial services, this severely reduces the probability that these individuals will effectively manage risks — a key component of their responsibilities.
Security professionals remain obligated to continue investing energy and creativity into raising security awareness. We need to help non-technology business specialists and generalists find new ways to synthesize their line knowledge and experience with the facts and implications of growing cybercrime threats.
If your experience is different from mine, I am curious to learn what might be working for you.
— References —
“Russian hackers target U.S., Europe for profit and politics.”
By Alex Rodriguez, Chicago Tribune, December 26, 2008 , http://www.chicagotribune.com/news/chi-russia-hackers2_rodriguezdec26,0,5001855.story
“Profit from the fight against cyber-crime.”
By Associate Editor David Stevenson Dec 19, 2008.
“Experts: Internet crime might cause global catastrophe.”
HSDailyWire, November 20, 2008.
“Conversation Starter — The Cybercrime Service Economy.”
Scott Berinato, February 1, 2008,
and in the Harvard Business Review, February 2008, page 26.
Organized Crime and Cyber-Crime: Implications for Business
Phil Williams, CERT® Coordination Center, February 22, 2002,