View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Security industry responds to ‘facile’ Cambridge cybercrime cost report

It's not a case of one or the other, experts tell CBR

By Cbr Rolling Blog

Security experts have criticised a report from Cambridge University that claimed too much money is being spent on antivirus software.

The report said money would be better spent on apprehending cyber criminals, as currently the cost of protection far exceeds the cost of the threat itself.

However, Rik Ferguson of antivirus firm Trend Micro told CBR that while the full report has not yet been released, the conclusion stated so far seems, "a bit facile."

"Yes, governments absolutely need to devote more time and money to catching the criminals behind online activity," he added. "However, not only is attribution in the cyber world complex almost to the point of impossibility at times, but so is successful prosecution. A successful legal campaign against cybercriminals most often involves close co-operation between the law enforcement and judicial communities of several very different countries."

"So while money spent on policing and securing the internet is money well spent, there is no way to guarantee its effectiveness. Criminals will always search for the least punitive or least policed jurisdiction," Ferguson added.

Ferguson added that the suggestion that spending money on antivirus technology is somehow a waste and funds should be focused elsewhere is not good advice.

"Even where policing is traditionally uncomplicated, such as physical theft, we do not advise people to stop fitting locks to their windows and doors or alarms and immobilisers," he told CBR. "In fact the presence of those same security mechanisms serves to lower their insurance premiums precisely because they demonstrate a reduction of risk."

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Meanwhile Graham Cluley of Sophos explained to CBR his concerns about the report’s findings.

"It’s not a case of one or the other," he told us. "Everyone agrees that we should defend our computers with security software. And we all want to see the computer cops properly funded to pursue the bad guys too. But it’s a mistake to think that the money comes from the same pot, or that if you invest in one you can’t, or shouldn’t, also invest in the other."

"I’d certainly love to see the authorities given greater funding to hunt down cybercriminals, but at the same time I’m very aware that such investigations are complex and can take many years. I suspect that the vast majority of computer users would like to protect their PCs at the same time," Cluley added.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.