Citing a report from the Council of Economic Advisers (CEA), the White House said on Friday that cyberattacks cost the US economy somewhere between $57 billion to $109 billion in 2016.
The estimate includes losses from a wide variety of activities, such as DDoS attacks, data breaches, ransom demands, downed infrastructure, lost work hours, and the theft of proprietary data, intellectual property, and sensitive financial and strategic information.
Studies of past incidents shown that most cyber incidents spilled from the original target to linked firms, such as suppliers and downstream customers, affecting their activities as well, mainly due to the activity delay at the original company.
Lack of proper security measures helped attackers, but not as much as the insufficient sharing of cyberattack-related data between companies.
The CEA report views this data sharing as a crucial factor in today's market, mostly because most companies tend to use the same tools for their underlying infrastructure —tools that often share vulnerabilities.
Sharing cyberattack details would not only help victims fight off attackers but would also accelerate the development of the cyber insurance market, the White House believes.
Nonetheless, the CEA report expects things to get better. The main reason being that companies are noticing the mounting costs of dealing with cyberattacks, so they are now funneling more money into their security budgets.
In 2016, Morgan Stanley estimated that cybersecurity spending will double from $56 billion in 2015 to $128 billion by 2020. As all things eventually tend to improve after you through a mountain of cash at them, the report expects private and public sector entities to have more better data and collaborate more often as part of their industries' Information Sharing and Analysis Centers (ISACs).
"Cyber connectivity is an important driver of productivity, innovation, and growth for the US economy, but it comes at a cost," the report reads. "Effective public and private-sector efforts to combat this malicious activity would contribute to domestic GDP growth. However, the ever-evolving nature and scope of cyber threats suggest that additional and continued efforts are critical, and the cooperation between public and private sectors is key."