Cybersecurity, Digital ID & Online Fraud OVERVIEW
Cybersecurity software giant McAfee estimated the global cost of cybercrime to the economy (on a broad basis, including system downtime, reduced efficiency and brand/reputation damage, plus money invested by enterprises and individuals to deter such crimes) at $1+ trillion for 2020, up more than 50% from 2018. Analysts at Gartner estimated the global market for information security and risk management at $133 billion for 2022 and $150 billion for 2021, posting 12.4% growth during this period. One mid-2021 estimate by the U.S. Department of Commerce was that 500,000 unfilled cybersecurity jobs existed in the U.S. alone.
Plunkett Research estimates spending on cybersecurity throughout the U.S. economy at $60+ billion for 2022, on a broad basis, including U.S. Government spending on cybersecurity during fiscal 2022, at $22+ billion. (In addition to U.S. federal initiatives focused specifically on cybersecurity, there are 18 separate federal organizations involved in intelligence—virtually all of which have an interest in cybersecurity, including the FBI and several units within the Defense Department.)
As large as they may be, these numbers fail to emphasize the need by national, state and local governments to improve cybersecurity, especially in the United States, where myriad hacks of files containing sensitive information on U.S. government workers, defense systems, classified scientific and defense research files and other systems show how vulnerable the U.S. is to bad actors based overseas. (Cybercriminals exist everywhere, including in North America and the EU, but the most difficult to deter are thought by some analysts to be in Asia--particularly Africa, North Korea, China, Iran and Russia.)
Major cyberattacks have included the theft of 21 million records of employees (who had high levels of security clearance) from the U.S. Office of Personnel Management—attributed by some security analysts to hackers in China; criminal access to important U.S. nuclear laboratories, government offices and networks of top corporations—attributed by some analysts to hackers located in Russia; an alleged 2019 hack of more than 1 billion pieces of consumer data from the servers of Alibaba; an alleged 2021 hack of data on 700 million users of business-social media site LinkedIn; many instances of major hacks of credit card holders’ data files; and the infamous hack of roughly 143 million files containing vital personal data on U.S. consumers held by credit bureau Equifax.
Likewise, the immense losses to fraud by COVID-related support and aid programs in the U.S., such as PPP loans and unemployment benefits (these COVID-era frauds may have totaled as much as $300 billion—no one really knows), highlight the need for much greater attention to security for government systems.
The U.S. Government does operate a Cyber and Infrastructure Security Agency (CISA), and its budget has been growing. Also, the government is beginning to focus on advanced techniques, including multi-factor authentication for government account and network logins, “zero trust” policies to govern networks, systems and devices, as well as the need to develop responses to the likely capabilities of advanced quantum computers in the future. However, governments tend to move slowly, and it remains to be seen what policies and investments will actually take place over the long term.
Industry Overview Video