Wednesday 30 September 12:00 - 12:30, Red room
Stephen Cobb (ESET)
download slides (PDF)
Cybercrime certainly feels like a major threat to network security. Criminals routinely use networks to steal data, defraud companies and consumers, and disrupt normal business operation in both public and private sectors. But just how big a threat is cybercrime? For a problem long characterized as both huge and existential by politicians and industry pundits, cybercrime has largely gone unmeasured, if 'measure' is taken to mean 'ascertain the size of the problem using sound scientific methodology'.
This presentation reviews the cybercrime literature, both commercial and academic, for answers as to why we lack reliable, consistent, longitudinal data on the size and scope of the cybercrime problem. The following issues are addressed:
The paper concludes with suggestions as to how the current dearth of reliable data may be remedied and a call to action to educate the industry on the appropriate use of available data.
Stephen Cobb has been researching computer security and data privacy for 25 years and has advised government agencies and some of the world's largest companies on information assurance strategy, with a focus on new and emerging threats. The author of several books and hundreds of articles on digital security and privacy, Cobb first spoke at Virus Bulletin in 1994 and has been a Certified Information System Security Processional since 1996. He currently leads a San Diego based research team for security solutions provider ESET and is a graduate research student in the Criminology Department of the University of Leicester in England.