A new Home Office report finds that the number of crimes committed against wholesale and retail business premises has fallen significantly over the last ten years – from around 21.5m in 2002 to seven million in 2012.
However, the report excludes cybercrime and Daniel Beazer, director of strategy at secure cloud hosting company, FireHost, has made the following comments:
Of course if you count out the largest new market for crimes that has appeared in the last twenty years you are going to produce some rosy crime statistics, showing nice 50%+ drops. However, a report on crime which doesn’t include cybercrime is like a sports study which chooses to ignore football.
And even if the survey had featured cyber attacks, it still probably wouldn’t show a true picture. Crime surveys and statistics by definition only cover reported crime, and most go unreported. All the more so with cybercrime.
If a major retail bank’s ecommerce site has been DDoS’d, or its customers details stolen by a SQL injection, generally we don’t hear about it, for obvious commercial reasons. This is one reason why business is lobbying so hard against the EU’s plans for proactive breach notification of personal data.
If having more burglar alarms makes a business feel more secure, bully for them. However, we need to balance this by making it clear that IT security is of greater importance than ever, and to a larger proportion of businesses than at any other time.
It’s not that we should dramatize the cyber threat, nor should we downplay the possibility of attack of course, we just can’t continue to separate physical acts of crime from felonies perpetrated online. It may make for cozy reading to say that the crime rate is down but does that really benefit anyone?
We can’t have cybercrime relegated; the costs of online attacks are just as great and actually far more likely. Unthinking attitudes to cybercrime, as reflected in documents such as these, could have businesses neglecting to take the necessary precautions online. Government reports such as this one should endeavor to make its readers more, not less vigilant and unfortunately this one could have the exact opposite effect.