A report recently surfaced placing the global impact of cybercrime at a staggering $450B. Naturally, it pressed on the tender wound and supplied further evidence that we are woefully unprepared, globally, to tackle such a complex challenge.
In 2016 "cybercrime cost the global economy over $450 billion, over 2 billion personal records were stolen and in the U.S. alone over 100 million Americans had their medical records stolen," said Steve Langan, chief executive at Hiscox Insurance, told CNBC. "This is an epidemic of cybercrime, and yet 53 percent of businesses in the U.S., U.K. and Germany were just ill-prepared."
It stokes an emotional response that we simply are not doing enough. It fits the trend of negative news and reinforces the notion that we must do more.
But what if we’re looking at the numbers the wrong way?
Absolute numbers make an impressive point
Stating an absolute number of $450B is designed to suggest a seriousness of the situation. It is a number so large we can’t really fathom it. What we know is that it’s big. And a number this big connected to cybercrime can only mean that we have a problem.
What if we used a percentage instead of an absolute number?
I read the headline and the blurb above. Then I asked how large the global economy is. Specifically, I asked Google. Roughly 20 seconds later, I found the answer in wikipedia:
"In 2014, according to the CIA's World Factbook, the GWP totalled approximately US$107.5 trillion in terms of purchasing power parity (PPP), and around US$78.28 trillion in nominal terms."
There are more questions about how the data for these numbers is sources, compiled, and validated. Good questions for another time. For now, set those aside.
Focus on what happens when we consider the reported impact of cybercrime in the context of the global economy. Turns out that $450 billion of $78 trillion is only 0.0057 or 0.57%.
It’s roughly half a percent.
By way of comparison, retailers celebrate when global shrinkage (a fancy way to describe theft) is held to 1.38%.
How do you feel now about 0.57%?
Keep the numbers small for greater impact
Everyone knows we only get 24 hours in a day. Without looking it up, do you know how many minutes that is? How many seconds are in a day?
While we know there are 60 minutes in an hour and 60 seconds in a minute, we don’t generally consider our days more than by the hour. Specific meetings or events, perhaps. Overall, we tend to use the scale that makes it easier to manage mentally.
How does 0.57% translate, then, in terms of time in our day?
The percentage is small, but what does it mean?
There are 24 hours in a day, which is 1440 minutes, and 86,400 seconds. Losing 0.57% of the day works out to 0.1368 hours, 8.208 minutes, or 492.48 seconds. Even here, the scale is a bit awkward. We tend to think in terms of hours, seconds, and minutes.
But let’s put this into perspective. If we lose 492.48 seconds over the course of the day, that works out to 20.52 seconds each hour. It took me that long to figure out the value of the global economy.
Once you size it that way, how big a deal is it?
Shift your perspective and keep up the good work
The article presented the global impact of cybercrime as a problem demanding immediate attention. It played into a common bias that other people don’t understand and aren’t doing enough. Armed with a staggering number and dire-sounding predictions, it causes alarm intended to create action.
By shifting our perspective, we find that the problem is less than half a percent of our global economy. While an attack on any individual business is potentially devastating, this is hardly a problem demanding urgent action.
In the case of cybercrime, it means we’re doing good. The hours you and your team invest are paying off. Collectively, we’re making a difference. And that’s a reason to take a moment and celebrate.