Cybersecurity Report. PHOTO: Cybercrime Magazine.

McAfee Vastly Underestimates The Cost Of Cybercrime

Cybersecurity vendor comes up short in its latest estimate

Steve Morgan, Editor-in-Chief

Sausalito, Calif. – Dec. 9, 2020

In 2009 at the World Economic Forum (WEF) in Davos, Switzerland, McAfee’s then CEO Dave DeWalt informed Reuters that the total bill for cyber theft and damage in 2008 had topped $1 trillion USD, according to a report published by the Silicon Valley based cybersecurity vendor.

In our opinion, DeWalt’s groundbreaking announcement was on the money. But amidst some industry controversy and pushback, McAfee made a $700 billion downward adjustment to their cybercrime cost figures, recalculating the estimate to be $300 billion.

Since then, McAfee has shared cybercrime will cost the world $6 trillion annually by 2021, according to Cybersecurity Ventures. This figure has appeared in their data sheets and other marketing material in the U.S. and internationally.

Along the way, executives at McAfee, including Rick Echevarria, former VP, Software and Services Group, GM Platforms Security Division at Intel (who previously owned McAfee), wrote that cybercrime damage costs were on track to reach 6 trillion by 2021, according to Cybersecurity Ventures.


Just the Facts: HPE Security

“Cybercrime will cost the world $6 trillion annually by 2021”


Now, 12 years after their original estimation, McAfee has released a report titled “The Hidden Costs of Cybercrime” with its latest findings — the current annual cost of cybercrime is suggested to be $1 trillion USD, up from their $300 billion figure in 2008 (or their $1 trillion figure — you pick).

It appears that the cybercrime costs in McAfee’s new report are derived from a survey of 1,500 companies having to do with their monetary losses. It’s hard to understand how any limited survey can be used to estimate something important as global cybercrime damage costs — which affects organizations of all sizes and types (not just businesses), and consumers.

Caution is advised when it comes to information technology surveys. Cybersecurity reports based on answers from respondents often produce misleading or inaccurate statistics, and they can lead to industry confusion.

In fairness to McAfee, their press release acknowledges they commissioned an outside firm to undertake the research that their report is based on.

OFFICIAL CYBERCRIME COSTS

The WEF (World Economic Forum) aligned with Cybersecurity Ventures’ predictions when they estimated the economic cost of cybercrime to be $3 trillion worldwide in 2015.

The Global Risks Report 2020 from WEF states that in 2021, according to Cybersecurity Ventures, cybercrime damages are expected to reach $6 trillion USD, what would be the equivalent to the GDP of the world’s third-largest economy.

While there is no governing body that produces “official” cybercrime damage costs —  the world’s largest media outlets, major technology and cybersecurity vendors, industry associations, governments, universities, and industry experts have consistently corroborated data shared by Cybersecurity Ventures.

In 2016, we predicted cybercrime would cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.

Recently, we published a new report which estimates global cybercrime costs will grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025.

The damage cost estimation is based on historical cybercrime figures including recent year-over-year growth, a dramatic increase in hostile nation-state sponsored and organized crime gang hacking activities, and a cyberattack surface which will be an order of magnitude greater in 2025 than it is today.

Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

The latest report is published at OfficialCybercrime.com.

“In addition to direct damages, which are projected to cost the global economy $6 trillion annually by 2021 (per Cybersecurity Ventures), cybercrime is a colossal barrier to digital trust,” according to WEF. “It drastically undermines the benefits of cyberspace and hinders international cyber stability efforts.”

It’s possible that McAfee might recalculate their 2020 report, much the way they did in 2008. The hidden costs of cybercrime are far greater than their current estimate.


Cybercrime TV: Former White House CIO Theresa Payton on Research Sources

Global cybersecurity expert and author relies on Cybersecurity Ventures


Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.