Published online by Cambridge University Press: 31 January 2019
In this section we present the results of the analyses of the second wave (November 2017 – February 2018). Before entering into detail, we report that the questionnaire was completed primarily by high-level representatives of the participating businesses: 33.9% of the respondents classified themselves as CEO or member of the executive board; 14.4% as Chief Information Security Officer; 14% as managing director; 10.3% as other IT staff and 4.1% as executive director. This suggests that the respondents had a good evidence base to assess both victimization and impact correctly.
The section is structured as follows. First, we discuss the extent to which businesses have been confronted with cybercrime in the 12 months preceding the survey; this includes both the victimization prevalence for each cybercrime type, and the incidence of each type. Next, we focus on the business representatives’ perceptions of the likelihood of their business being attacked in the following 12 months. Third, we estimate the harms to material support, that is, the staff and other costs that the businesses have incurred as a result of cybercrime incidents in the 12 months before the survey, as well as to assess the severity of the financial impact of these incidents. Fourth, we discuss the business representatives’ assessments of the non-material harm that the businesses have experienced as a result of cybercrime in the same time span.
VICTIMIZATION IN THE PAST 12 MONTHS
Half of the businesses in our sample (53.6% or 125 businesses) have been victims of one of the five cybercrime types, at least once in the last 12 months. Specifically, illegal access to IT systems is the most prevalent: 32.7% (or 83 businesses). About a fift h of the respondents reported being victims of data/ system interference (20.2% or 49 businesses), or cyber extortion (18.9% or 47 businesses). Slightly more than a tenth of the respondents indicated that their business had been a victim of internet fraud (12.6% or 30 businesses) or cyber espionage (10.6% or 29 businesses). Figure 3 provides more insight into the incidence of cybercrime in the 12 months before the survey in our sample.
For three of the cybercrime types, there were more repeated victims than single victims: 79.5% of the victims report repeated incidents of illegal access to IT systems, 65.3% of data/system interference, 66.6% internet fraud.
To save this book to your Kindle, first ensure [email protected] is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.
Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.
Find out more about the Kindle Personal Document Service.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.