SlideShare una empresa de Scribd logo

Cyber economics v2 -Measuring the true cost of Cybercrime

Descargar como PPTX, PDF
Shahar Geiger Maor
Shahar Geiger Maor
TecnologíaEconomía y finanzas
1 de 18
Cyberonomics Measuring the true cost of Cybercrime Shahar Geiger Maor
https://twitter.com/Op_Israel/status/320957190309543938 B (daily)
Why Measuring Cyber Security? in :
“…Cybercrime Cost is estimated $1 Trillion worldwide” http://www.whitehouse.gov/video/President-Obama-on-Cybersecurity#transcript http://www.forbes.com/sites/andygreenberg/ /mcafee-explains- the-dubious-math-behind-its-unscientific- -trillion-data-loss-claim
Risk Landscap e (2013) http://www3.weforum.org/docs/WEF_GlobalRisks_Report_2013.pdf
1.8% Of GDP UK = 27B₤ IL = 4.5B$ The Cost Of Cybercrime in Israel (#1) -industry-and-government-joint-crime-cyber-of-cost-https://www.gov.uk/government/publications/the
The Cost Of Cybercrime in Israel (#1) 4.5B$ http://www.slideshare.net/jimmyschwarzkopf/stki-summit-2012-israeli-it-market 4.5B$ ~66% of 6.7B$
Why Measuring Cyber Security Is So Problematic? Too many sources of data The problems of under-recording and under/over-reporting Cybercrime surveys (lack of methodology) Conflicts of interest Terminology and rhetorics What to measure? (impact, loss) http://www.law.leeds.ac.uk/assets/files/staff/FD .pdf
The Costs Of Cybercrime To Society Defense costs Indirect losses Direct losses Cybercrime Supporting Infra. Criminal revenue Cost to society http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf +customizations Terrorist’s gain Vendor revenue
0.19% Of GDP UK = 4.5B₤ IL = 460M$ http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf
The Cost Of Cybercrime in Israel (#2) 460M$ http://mops.gov.il/Documents/Publications/CrimeDamage/CrimeDamageReports/CrimeDamageReport2011.pdf Total cost of crime in Israel (2012): 4B$ Sex Crimes: 170M$ Murder: 100M$ Fraud+ ​Property : 1,960M$ x2. 7 x4. 2 23 %
Some Insights From An Israeli Security Survey This survey refers to 2009-2011 (included) Market Average: 2 incidents in 3 years Per organization Market score: ~400 incidents in 2011 An average security incident looks like this: • Inside factor or known vulnerability/threat • ~50 working hours per incident • ~50K$ per incident (~~~~~~~~~~~) http://www.slideshare.net/shaharmaor/information-security-stki-summit-2012shahar-geiger-maor-12059675
The Cost Of Cybercrime in Israel (#3) 20M$
http://hackingdefined.org/opisrael/rss.xml A Brave New Economic Model Scope Target Impact Timing Reputation Economic gains
Government’s Role In Cyber Economic Measurement Quantitative risk assessment may improve cyber security controls and mitigation. So: Regulators should encourage the use of cyber economic measurement tools One methodology One focal point Discreet reporting
Thank You!

Recomendados

Eric Gundersen Government Push For Open Data Map Where2
Eric Gundersen Government Push For Open Data Map Where2Eric Gundersen Government Push For Open Data Map Where2
Eric Gundersen Government Push For Open Data Map Where2EricGundersen
 
WORLD NEWS - AUGUST 14, 2014
WORLD NEWS - AUGUST 14, 2014WORLD NEWS - AUGUST 14, 2014
WORLD NEWS - AUGUST 14, 2014Headlines.am
 
PCI Challenges
PCI ChallengesPCI Challenges
PCI ChallengesShahar Geiger Maor
 
Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008Shahar Geiger Maor
 
Green Security
Green SecurityGreen Security
Green SecurityShahar Geiger Maor
 
Cloud security v2
Cloud security v2Cloud security v2
Cloud security v2Shahar Geiger Maor
 
Social Sec infosec -pptx
Social Sec infosec -pptxSocial Sec infosec -pptx
Social Sec infosec -pptxShahar Geiger Maor
 
Summit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesSummit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesShahar Geiger Maor
 

Recomendados

Eric Gundersen Government Push For Open Data Map Where2
Eric Gundersen Government Push For Open Data Map Where2Eric Gundersen Government Push For Open Data Map Where2
Eric Gundersen Government Push For Open Data Map Where2EricGundersen
 
WORLD NEWS - AUGUST 14, 2014
WORLD NEWS - AUGUST 14, 2014WORLD NEWS - AUGUST 14, 2014
WORLD NEWS - AUGUST 14, 2014Headlines.am
 
PCI Challenges
PCI ChallengesPCI Challenges
PCI ChallengesShahar Geiger Maor
 
Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008Shahar Geiger Maor
 
Green Security
Green SecurityGreen Security
Green SecurityShahar Geiger Maor
 
Cloud security v2
Cloud security v2Cloud security v2
Cloud security v2Shahar Geiger Maor
 
Social Sec infosec -pptx
Social Sec infosec -pptxSocial Sec infosec -pptx
Social Sec infosec -pptxShahar Geiger Maor
 
Summit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesSummit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesShahar Geiger Maor
 
News release 1 gcc cyber security - 150413
News release 1 gcc cyber security - 150413News release 1 gcc cyber security - 150413
News release 1 gcc cyber security - 150413GCCCYBER SECURITY
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
The economic impact of cybercrime and cyber espionage
The economic impact of cybercrime and cyber espionageThe economic impact of cybercrime and cyber espionage
The economic impact of cybercrime and cyber espionageBee_Ware
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in CyberwarMehdi Poustchi Amin
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoJoão Rufino de Sales
 
Cyberattacks on the Rise Infographic
Cyberattacks on the Rise InfographicCyberattacks on the Rise Infographic
Cyberattacks on the Rise InfographicSparkCognition
 
Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)naveen p
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoCyber Threat Intelligence Network
 
Rp economic-impact-cybercrime2
Rp economic-impact-cybercrime2Rp economic-impact-cybercrime2
Rp economic-impact-cybercrime2Marcio Kanamaru
 
Cyberterrorismv1
Cyberterrorismv1Cyberterrorismv1
Cyberterrorismv1100688767-barrett
 
Industrial Control Cybersecurity for Critical National Infrastructure
Industrial Control Cybersecurity for Critical National Infrastructure Industrial Control Cybersecurity for Critical National Infrastructure
Industrial Control Cybersecurity for Critical National Infrastructure James Nesbitt
 
50+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 201550+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 2015Marcos Ortiz Valmaseda
 
Most Noticeable Facts About Cybersecurity – Cyberroot Risk Advisory
Most Noticeable Facts About Cybersecurity – Cyberroot Risk AdvisoryMost Noticeable Facts About Cybersecurity – Cyberroot Risk Advisory
Most Noticeable Facts About Cybersecurity – Cyberroot Risk AdvisoryCR Group
 
4.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.134.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.13Signals Defense, LLC
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismshaympariyar
 
"Cyber crime", or computer-oriented crime..!!
"Cyber crime", or computer-oriented crime..!!"Cyber crime", or computer-oriented crime..!!
"Cyber crime", or computer-oriented crime..!!amit_shanu
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Avirot Mitamura
 
Career in Cyber Security - City University.pptx
Career in Cyber Security - City University.pptxCareer in Cyber Security - City University.pptx
Career in Cyber Security - City University.pptxBoni Yeamin
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatMotorola Solutions
 
Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Gohsuke Takama
 
From creeper to stuxnet
From creeper to stuxnetFrom creeper to stuxnet
From creeper to stuxnetShahar Geiger Maor
 
Mobile payment v3
Mobile payment v3Mobile payment v3
Mobile payment v3Shahar Geiger Maor
 

Más contenido relacionado

Similar a Cyber economics v2 -Measuring the true cost of Cybercrime

News release 1 gcc cyber security - 150413
News release 1 gcc cyber security - 150413News release 1 gcc cyber security - 150413
News release 1 gcc cyber security - 150413GCCCYBER SECURITY
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
The economic impact of cybercrime and cyber espionage
The economic impact of cybercrime and cyber espionageThe economic impact of cybercrime and cyber espionage
The economic impact of cybercrime and cyber espionageBee_Ware
 
Cyberattacks on the Rise Infographic
Cyberattacks on the Rise InfographicCyberattacks on the Rise Infographic
Cyberattacks on the Rise InfographicSparkCognition
 
Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)naveen p
 
Rp economic-impact-cybercrime2
Rp economic-impact-cybercrime2Rp economic-impact-cybercrime2
Rp economic-impact-cybercrime2Marcio Kanamaru
 
Industrial Control Cybersecurity for Critical National Infrastructure
Industrial Control Cybersecurity for Critical National Infrastructure Industrial Control Cybersecurity for Critical National Infrastructure
Industrial Control Cybersecurity for Critical National Infrastructure James Nesbitt
 
50+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 201550+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 2015Marcos Ortiz Valmaseda
 
Most Noticeable Facts About Cybersecurity – Cyberroot Risk Advisory
Most Noticeable Facts About Cybersecurity – Cyberroot Risk AdvisoryMost Noticeable Facts About Cybersecurity – Cyberroot Risk Advisory
Most Noticeable Facts About Cybersecurity – Cyberroot Risk AdvisoryCR Group
 
4.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.134.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.13Signals Defense, LLC
 
"Cyber crime", or computer-oriented crime..!!
"Cyber crime", or computer-oriented crime..!!"Cyber crime", or computer-oriented crime..!!
"Cyber crime", or computer-oriented crime..!!amit_shanu
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Avirot Mitamura
 
Career in Cyber Security - City University.pptx
Career in Cyber Security - City University.pptxCareer in Cyber Security - City University.pptx
Career in Cyber Security - City University.pptxBoni Yeamin
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatMotorola Solutions
 
Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Gohsuke Takama
 

Similar a Cyber economics v2 -Measuring the true cost of Cybercrime (20)

News release 1 gcc cyber security - 150413
News release 1 gcc cyber security - 150413News release 1 gcc cyber security - 150413
News release 1 gcc cyber security - 150413
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
The economic impact of cybercrime and cyber espionage
The economic impact of cybercrime and cyber espionageThe economic impact of cybercrime and cyber espionage
The economic impact of cybercrime and cyber espionage
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 
Cyberattacks on the Rise Infographic
Cyberattacks on the Rise InfographicCyberattacks on the Rise Infographic
Cyberattacks on the Rise Infographic
 
Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 
Rp economic-impact-cybercrime2
Rp economic-impact-cybercrime2Rp economic-impact-cybercrime2
Rp economic-impact-cybercrime2
 
Cyberterrorismv1
Cyberterrorismv1Cyberterrorismv1
Cyberterrorismv1
 
Industrial Control Cybersecurity for Critical National Infrastructure
Industrial Control Cybersecurity for Critical National Infrastructure Industrial Control Cybersecurity for Critical National Infrastructure
Industrial Control Cybersecurity for Critical National Infrastructure
 
50+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 201550+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 2015
 
Most Noticeable Facts About Cybersecurity – Cyberroot Risk Advisory
Most Noticeable Facts About Cybersecurity – Cyberroot Risk AdvisoryMost Noticeable Facts About Cybersecurity – Cyberroot Risk Advisory
Most Noticeable Facts About Cybersecurity – Cyberroot Risk Advisory
 
4.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.134.01 Cyber Conference_ press release5.13
4.01 Cyber Conference_ press release5.13
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
"Cyber crime", or computer-oriented crime..!!
"Cyber crime", or computer-oriented crime..!!"Cyber crime", or computer-oriented crime..!!
"Cyber crime", or computer-oriented crime..!!
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186
 
Career in Cyber Security - City University.pptx
Career in Cyber Security - City University.pptxCareer in Cyber Security - City University.pptx
Career in Cyber Security - City University.pptx
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber Threat
 
Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016
 

Más de Shahar Geiger Maor

Networking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorNetworking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorShahar Geiger Maor
 
Information security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maorInformation security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maorShahar Geiger Maor
 
Endpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorEndpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorShahar Geiger Maor
 
Risk, regulation and data protection
Risk, regulation and data protectionRisk, regulation and data protection
Risk, regulation and data protectionShahar Geiger Maor
 
STKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM PanelSTKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM PanelShahar Geiger Maor
 
Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2Shahar Geiger Maor
 
Summit 2011 trends in information security
Summit 2011 trends in information securitySummit 2011 trends in information security
Summit 2011 trends in information securityShahar Geiger Maor
 
כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2Shahar Geiger Maor
 
Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8Shahar Geiger Maor
 
Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010Shahar Geiger Maor
 
Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1Shahar Geiger Maor
 
STKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services TrendsSTKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services TrendsShahar Geiger Maor
 
Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)Shahar Geiger Maor
 
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008Shahar Geiger Maor
 
Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008Shahar Geiger Maor
 

Más de Shahar Geiger Maor (20)

From creeper to stuxnet
From creeper to stuxnetFrom creeper to stuxnet
From creeper to stuxnet
 
Mobile payment v3
Mobile payment v3Mobile payment v3
Mobile payment v3
 
Networking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorNetworking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maor
 
Information security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maorInformation security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maor
 
Endpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorEndpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maor
 
Risk, regulation and data protection
Risk, regulation and data protectionRisk, regulation and data protection
Risk, regulation and data protection
 
STKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM PanelSTKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM Panel
 
Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2
 
Summit 2011 trends in information security
Summit 2011 trends in information securitySummit 2011 trends in information security
Summit 2011 trends in information security
 
DLP Trends -Dec 2010
DLP Trends -Dec 2010DLP Trends -Dec 2010
DLP Trends -Dec 2010
 
כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2
 
Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8
 
Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010
 
Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1
 
Security Summit July 2009
Security Summit July 2009Security Summit July 2009
Security Summit July 2009
 
IPv6
IPv6IPv6
IPv6
 
STKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services TrendsSTKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services Trends
 
Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)
 
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
 
Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008
 

Último

JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 

Último (20)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 

Cyber economics v2 -Measuring the true cost of Cybercrime

  • 1. Cyberonomics Measuring the true cost of Cybercrime Shahar Geiger Maor
  • 2.
  • 4. Why Measuring Cyber Security? in :
  • 5.
  • 6. “…Cybercrime Cost is estimated $1 Trillion worldwide” http://www.whitehouse.gov/video/President-Obama-on-Cybersecurity#transcript http://www.forbes.com/sites/andygreenberg/ /mcafee-explains- the-dubious-math-behind-its-unscientific- -trillion-data-loss-claim
  • 8. 1.8% Of GDP UK = 27B₤ IL = 4.5B$ The Cost Of Cybercrime in Israel (#1) -industry-and-government-joint-crime-cyber-of-cost-https://www.gov.uk/government/publications/the
  • 9. The Cost Of Cybercrime in Israel (#1) 4.5B$ http://www.slideshare.net/jimmyschwarzkopf/stki-summit-2012-israeli-it-market 4.5B$ ~66% of 6.7B$
  • 10. Why Measuring Cyber Security Is So Problematic? Too many sources of data The problems of under-recording and under/over-reporting Cybercrime surveys (lack of methodology) Conflicts of interest Terminology and rhetorics What to measure? (impact, loss) http://www.law.leeds.ac.uk/assets/files/staff/FD .pdf
  • 11. The Costs Of Cybercrime To Society Defense costs Indirect losses Direct losses Cybercrime Supporting Infra. Criminal revenue Cost to society http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf +customizations Terrorist’s gain Vendor revenue
  • 13. The Cost Of Cybercrime in Israel (#2) 460M$ http://mops.gov.il/Documents/Publications/CrimeDamage/CrimeDamageReports/CrimeDamageReport2011.pdf Total cost of crime in Israel (2012): 4B$ Sex Crimes: 170M$ Murder: 100M$ Fraud+ ​Property : 1,960M$ x2. 7 x4. 2 23 %
  • 14. Some Insights From An Israeli Security Survey This survey refers to 2009-2011 (included) Market Average: 2 incidents in 3 years Per organization Market score: ~400 incidents in 2011 An average security incident looks like this: • Inside factor or known vulnerability/threat • ~50 working hours per incident • ~50K$ per incident (~~~~~~~~~~~) http://www.slideshare.net/shaharmaor/information-security-stki-summit-2012shahar-geiger-maor-12059675
  • 15. The Cost Of Cybercrime in Israel (#3) 20M$
  • 16. http://hackingdefined.org/opisrael/rss.xml A Brave New Economic Model Scope Target Impact Timing Reputation Economic gains
  • 17. Government’s Role In Cyber Economic Measurement Quantitative risk assessment may improve cyber security controls and mitigation. So: Regulators should encourage the use of cyber economic measurement tools One methodology One focal point Discreet reporting

Notas del editor

  1. ב-7 באפריל 2013 הותקפו אתרי אינטרנט ישראלים בארץ ובעולם במבצע שנודע כ- OpIsrael. המתקפה התרחשה בהמשך למבצע "עמוד ענן" של צה"ל בסוף 2012 ברצועת עזה וכתגובה למדיניות ישראל בשטחים. למבצע הקיברנטי קדמו פרסומים רבים וכן סרטוני תעמולה של ארגון Anonymous אשר הוביל את ההתקפה. מארגני המבצע איימו לנתק את מדינת ישראל מהאינטרנט וקבעו רף חדש במערכה התודעתית וביחסים בין טרור קיברנטי למדינה. במהלך השבועות שקדמו להתקפה הורגשה בשוק המקומי תכונה רבה לקראת העתיד לבוא. בארגונים רבים, במיוחד באלה הנמנים על המגזרים המועדים להתקפות על רקע לאומני, התקיימו ישיבות הכנה, בוצעו פעולות מנע וטיוב למערכות ההגנה, אורגנו התייעצויות עם גורמים מקצועיים ונאסף מודיעין לקראת ההתקפה. במהלך ההתקפה עצמה, אשר נמשכה כל סוף השבוע שקדם ל- 7 באפריל וכן במהלך אותו יום ובימים לאחר מכן, הותקפו אתרים של חברות וארגונים מכל הסוגים, רשויות ציבוריות, משרדי ממשלה, גופים ביטחוניים וכל יעד אחר שהמתקיפים שייכו למדינת ישראל או למוסדות המזוהים עמה. http://www.youtube.com/watch?v=q760tsz1Z7M
  2. דוגמא לסוגיה ניתן למצוא במחקר, שפירסמה בשנת 2009 חברת מקאפי, אשר העריך את סך הנזק הגלובלי כתוצאה מפעולות קיברנטיות בלתי לגיטימיות בסכום הדמיוני של טריליון דולר בשנה. מחקר זה נוצל בשעתו בידי חלק מאנשי הממשל כדי לשכנע את הנשיא אובמה לתקצב בנדיבות את המאמצים הקיברנטיים של ארצות הברית. לדבר על המאמר הראשון של מקאפי ועל זה שהם הסתבכו עם המספר הזה: http://news.slashdot.org/story/13/08/19/1522217/mcafee-regrets-flawed-trillion-dollar-cyber-crime-claimshttp://news.cnet.com/8301-1009_3-57594989-83/cyberattacks-account-for-up-to-$1-trillion-in-global-losses/,
  3. האתגר המרכזי כאן הוא אפוא מדידה אפקטיבית של השפעת עולם הסייבר על הכלכלה. אבל מה עומד מאחורי הביטוי מדידה אפקטיבית? מחקר שפורסם בשנת 2010 על ידי Fafinski, Dutton, Margetts מאוניברסיטת אוקספורד ניסה לעשות סדר במדידה של פשיעת סייבר. מחקר זה הצביע במפורש על חלק מהקשיים המרכזיים באיסוף מידע אמין לביצוע המדידה: עודף במקורות מידע –בעולם שבו אנו חיים קיים מגוון עצום של מקורות מידע. גם בתחום מחקר הסייבר קיימים עשרות רבות של גופים בינלאומיים ומקומיים אשר עוסקים בנושא. הקושי העיקרי כאן הוא שאין תקן אחיד לאיכות הנתונים ואין שום הבטחה לגבי נכונותם.תיעוד חסר של אירועי סייבר –בהמשך לנקודה הראשונה ולמרבה האירוניה, הפחד מפרסום שלילי או ריגול בקרב ארגונים שסבלו מאירוע סייבר, העדר חובת דיווח והעדר תקן לצורת הדיווח מביאים לכך שלכלל תושבי כדור הארץ אין כיום תמונת מצב מהימנה לגבי אירועי סייבר והשפעתם המצטברת על הכלכלה. סקרי סייבר –כמו שכבר הוזכר למעלה, אין מתודולוגיה מוכרת לביצוע סקרים בנושא הנזק הנגרם כתוצאה מאירועי סייבר. כמו כן, אין כמעט סקרים אשר ביצעו עבודה מקיפה למדידה של הנזק הנ"ל. יש לציין כי סקרים ורטיקלים נחשבים למדוייקים יותר וניתן באמצעותם לקבל, לעתים, תמונת מצב טובה על הנעשה במגזר מסויים. עדיין, תמונה כללית על שוק או מדינה אינם בנמצא.ניגוד אינטרסים והטיות –סקרים רבים מבוצעים על ידי גורמים אשר יש להם אינטרס מסויים בשוק של פשיעה קיברנטית. חברות אשר מוכרות מוצרים בתחום עלולות לפרסם נתונים מנופחים על מנת לשדר בהלה ודחיפות ולנסות לשכנע לקוחות לרכוש את מוצריהם.שפה ורטוריקה –אוכלוסיות שונות משתמשות בטרמינולוגיה שונה ועל ידי כך מקשות על כלל הציבור לקבל תמונה מהימנה של האירועים. דוגמא טובה לכך היא הדרמטיזציה שעיתונאים עושים לתחום הסייבר בכיסוי שלו במדיות השונות. דוגמא נוספת מישראל היא השיח הקולני, לעתים, אשר מובל על ידי נבחרי ציבור שונים שמנסים למשוך את תשומת הלב הציבורית לנושא באמצעות תיאורים אפוקליפטים ודימויים מוגזמים. http://www.law.leeds.ac.uk/assets/files/staff/FD18.pdfhttp://main.knesset.gov.il/Activity/committees/Science/News/pages/pr_980_01011900.aspx
  4. עורכי המחקר מציעים להפריד בין תחומים שלגביהם קיים מידע ונתונים אשר מאפשרים לבצע מדידה כמו הונאות בכרטיסי אשראי, הונאות בבנקאות באינטרנט, זיופים שונים בתחום המוסיקה והוידאו ועוד לבין תחומים שאין לגביהם נתונים כלל. בכל תחום מתחומי ההונאה השונים נבחר מקור המידע האמין ביותר לדעת החוקרים וכך הורכבה התמונה השלמה. החוקרים התבססו על הנחה נוספת, לפיה בריטניה אחראית ל 5% מסך התמ"ג העולמי וזאת כדי לבצע מנפולציות על נתונים מהרמה העולמית לרמה המקומית וההיפך. סך הממצאים מרוכזים בטבלה הבאה:http://data.worldbank.org/country/united-kingdomהמספרים המודגשים חושבו בהתבסס על הנחות ומחקרים בכל תחום ואילו המספרים לצידם, שאינם מודגשים, חושבו על פי חלקה היחסי של בריטניה מסך התמ"ג העולמי.על פי נתונים אלו, עלות פשיעת הסייבר בבריטניה עומדת על כ- 18.5 מיליארד דולר (0.77% מהתמ"ג הבריטי). עם זאת, יש לשים לב לפרמטר מאוד חשוב בטבלה: במחקר נלקחו בחשבון סעיפי עלות להונאות מתחומי המס והרווחה מתוך הבנה כי חלק גדול מהאינטראקציה בין האזרח לרשויות היא אלקטרונית. כך, למשל, הונאות מס נעשות כיום, במקרים רבים, במערכות ממוחשבות ועל פי מחקר זה יש לראות בהן הונאות של תחום אשר הופך לקיברנטי. עם זאת, יתכן שלא כולם יסכימו לפרשנות זו, שכן בדוגמה זו מהות העבירה היא לא קיברנטית, למרות שהאמצעי הטכני לביצועה -כן. שני חלקים אלה תורמים כ- 14 מיליארד דולר עלות הכוללת. אם ננקה את שני הסעיפים הללו נראה כי סך העלות כתוצאה מפשיעת סייבר בבריטניה עומדת על כ- 4.5 מיליארד (0.19% מהתמ"ג הבריטי). אם נקיש מנתונים אלה על השוק הישראלי נגלה כי 0.19% מהתמ"ג הישראלי מסתכמים ב- 460 מיליון דולר. וזו, על פי מחקר זה, היא עלות הפשיעה הקיברנטית בישראל.החישוב: תמ"ג בישראל (248 מיליארד $ בקירוב) כפול 0.19%: 248B*0.19%=460M