Whoa, here"s a shocker! According to CIO"s IT Security Hack blog, the cybercrime statistics that certain entities love to quote could be vastly exaggerated.
Much like the numbers given by the MPAA and RIAA when it comes to piracy, the blog suggests that most of the cybercrime statistics that get thrown around are basically drivel. Quoting a recent New York Times article, CIO contends that the methodology used to come up with such statistics is fundamentally flawed.
Most of these statistics come from surveys of consumers and businesses, as opposed to any real, hard data. Literally, the data comes from asking a relatively small number of people about their experiences with cybercrime, then scaling whatever data they come up with to cover the entire population.
Not only is the data probably not representative of the whole population to begin with, but scaling the results up to fit the whole population causes the errors to get bigger and bigger. For instance, back in 2006 the FTC did a survey on identity theft. The answers of two people added $37 billion to the estimate – hardly representative of "everyone."
Basically, it"s almost impossible to come up with accurate statistics when it comes to "real" crime, let alone cybercrime. The fact that a lot of cybercrime victims don"t even realize that they"ve been hacked doesn"t do much to help the problem.
We can probably all agree that cybercrime is definitely a problem. The question is, how big of a problem? Let us know what you think below.