updated 05:37 pm EDT, Mon August 19, 2013
Real threat called the wide spread breaches across Fortune 500 firms
The global chief technology officer of security company McAfee is questioning his own company's estimate on worldwide cybercrime pegged in 2009 at more than $1 trillion annually. He has even said that lower, more recent estimates put out by the company are also "hard for me to swallow." Calling both figures "flawed," the executive believes that quantifying the figure is distracting from the omnipresent real issue: security breaches in companies large and small.
In an interview with the Australian Financial Review, the executive claimed that "people take that half-a-trillion number, and say 'that's what it's worth.' What they forget is organisations are spending a very large amount of money to defer attacks today -- so there's an additive number that has to go on top of that. It would be like saying car crashes kill three people a year in this particular city, so how much should we invest in stop lights," said the executive. "I wish we had never put a dollar figure on it, its very scary to just latch onto the number."
"It's very difficult to put a dollar figure on it," Fey said. "When you meet an engineer that has spent a good chunk of his life working on some innovation and it's stolen overnight, you get a good feeling for what IP loss means. It is the shift in a moment's instance from an innovative company set strategically, to loss. It becomes difficult for that company to invest in innovation."
"We have way too many companies that think they're not interesting to attackers, way too many companies that think they haven't been breached. If you're a Fortune 10,000 company, you've been breached" concluded the CTO.