McAfee has joined Intel Capital in San Diego for our parent company’s annual showcase of disruptive startups. McAfee is deeply committed to such companies – organizations working very hard to define what McAfee President Michael DeCesare refers to as the Age of the Possible. Given what’s possible, it’s worth taking time to remember that the Innovation Economy our technology industry so celebrates will only continue to be transformative so long as innovation itself is secure. That’s because even the most disruptive ideas are irrelevant if emerging ventures cannot securely develop and protect both intellectual property and the trade secrets that allow innovations to be brought to market.
There are quite a few “crimes of the century” facing us in cyberspace, but cyber espionage is perhaps the most subtle and most insidious because it threatens the evolution of technology itself. And, yes, you’re missing this because its victims have no incentive to acknowledge it publicly.
The fact is that billions of dollars in intellectual property, critical business intelligence, trade secrets, and personal, corporate, and government wealth are open to attack every day—targeted by legions of hackers sponsored by states, corporations, and organized crime.
Earlier this summer, McAfee and the Center for Strategic and International Studies (CSIS) released the report “The Economic Impact of Cybercrime and Cyber Espionage” estimating that the annual loss to the U.S. economy could total as much as $100 billion. The report gauged the total annual loss to the global economy at between $400 billion and $500 billion. Of the categories cited, CSIS identified the theft of intellectual property and business-confidential information as the most troublesome area.
The bottom line of cyber espionage is the lost value of innovations, in terms of wealth and jobs. Ultimately, we’re talking about a lost future.
At stake is the realization of potentially entire revolutions in biotech, semiconductors, aeronautics, advanced robotics, alternative energy, agriculture, and the many hundreds of niche segments in which years of experience, labor, and creativity are focused on transforming our world for the better.
You aren’t hearing about these “crimes of the century” because there is no economic incentive for companies to come forward and share the attack details and business impact of these cyber-attacks. In fact, there is presently nothing but economic disincentives for acknowledging attacks on corporate assets:
- Customers and partners will be wary of working with organizations that acknowledge their shared intellectual property could be at risk
- Few angel investors and venture capitalists are likely to reward companies that acknowledge their intellectual property is under attack.
- Publicly traded equities could take a hit if a company acknowledges that it has been hit
- Victim organizations could become the target of lawsuits around the loss of partner or customer information
- Companies acknowledging attacks could actually invite more attacks if it’s known that their systems are regular targets
These disincentives discourage the disclosure of information that could provide vital intelligence for law enforcement, intelligence services, and IT security researchers, such as our great people at McAfee Labs.
These disincentives also hide the scale and severity of the problem from citizens in need of information to protect themselves online and to demand proactive action from their governments.
Data on cyber-attack technologies and tactics are critical evidence needed to defeat the perpetrators in the digital realm, and perhaps even apprehend them in the physical realm.
The greater concern is the potentially negative impact of an ongoing inability to control intellectual property. The benefits of theft aren’t simply passed on to other companies – the impact could be that new ideas are thwarted from coming to market. The compromise of only a couple product roadmaps or contracts could maroon the next big idea on the whiteboard. After all, the more disruptive the breakthrough, the greater the danger posed to established organizations with established products and services. Often they have the most to lose from disruption, and it’s in their interest for innovation to not happen.
The legal field has often tried to gauge the impact of weak patent laws upon a society’s drive to create “the new.” But do patent laws matter when you have no control over the intellectual property at the heart of your business?
If competitors have access to your contracts, customer records, financial statements, and product roadmaps, does it really matter how well you can innovate if you can’t bring new products to market and build businesses around them?
I assert that that it would be the monumental “crime of the century” for us to miss the biggest opportunities of the Age of the Possible because cyber espionage went unchecked.
In the coming weeks, I will touch on a number of recent developments in cyber espionage, as well as workable solutions for the addressing the challenges confronting us.
Given that the stakes are our future, we need to work quickly with purpose and vision as consumers, citizens, employees, industries, academic communities, and governments to protect the unique opportunities for progress in the Age of the Possible. It would truly be a crime if our grandchildren looked back at our times with regret that we couldn’t protect the progress we’ve worked so hard, and so long, to build and enable.