Archive for August, 2014

Law Firm Marketing Intangible Asset Services

August 20th, 2014. Published under Intangible asset strategy, Law Firms. No Comments.

Michael D. Moberly   August 20, 2014   ‘A long form blog where attention span really matters’!

Intent…

The globally irreversible economic shift away from tangible (physical) asset business dominance to intangible (non-physical) asset business dominance has paved the way for law firms to offer differentiating, relevant, and client specific services related to the management, stewardship, and oversight of their intangible assets. To believe otherwise would certainly constitute an irreparable misreading of the global economic and competitive advantage tea leaves.

This post provides compelling and viable rationales why boutique intellectual property and full service law firms will find it prudent, lucrative, and produce strategically durable competitive advantages and differentiators by delivering intangible asset specific services in business clients.

Why law firms should take note…

One reason emanates from Stone v Ritter (911 A.2d 362 (Del. 2006) which would obligate company leadership, akin to a fiduciary responsibility, to achieve sufficient operational familiarity with their intangible assets to provide consistent and effective asset stewardship, oversight, and management. More specifically, keep boards and significant stakeholders apprised of the status of key, revenue producing intangible assets.

Through my lens, Stone v. Ritter legitimizes opportunities for law firms, so inclined and inspired, to acquire the relevant skill sets to enable articulation and delivery of a variety of intangible asset services to today’s more enlightened and receptive business clients regardless of sector, size, or location. The skill sets will accrue as firm differentiators and competitive advantages to help mitigate stagnating revenues.

Comprehensive intangible asset services…

Collectively, the global universality of intangibles’ and business client’s increasing recognition they are valuable contributors – underliers to company profitability and sustainability, constitutes valid rationales and positioning for motivated law firms to respectfully engage both existing and prospective clients with proposals for intangible asset services. The addition of these services produce realistic potential for a law firm to become the initial and exclusive provider of a range of long-lasting intangible asset related legal services because intangible assets are always in play, and thus relevant components to every business client’s operations, initiatives, and/or transactions they routinely engage.

In a global business environment in which 80+% of most company’s value, sources of revenue, and ‘building blocks’ for growth, profitability, and sustainability evolve directly from intangible assets, it’s no particular secret that conventional financial statements and balance sheets, wherein intangibles largely go unreported, under-valued, and otherwise, unaccounted for, do not provide a complete picture of a company’s soundness, its value, or its strategic and competitive advantage health and potential.

80+%…

It’s an undisputed and irreversible economic fact today that 80+% of most company’s value, sources of revenue, and ‘building blocks’ for growth, profitability, and sustainability today either lie in or directly evolve from 15+ distinct categories of intangible assets ranging from intellectual, structural, and relationship capital, to reputation, brand, R&D, contracts, and hybrid (proprietary) technologies, etc.

Also emanating from this economic fact is the reality that business clients will, with increasing frequency, become fiduciarily obligated to seek legal advisory services variously related to the stewardship, oversight, management, commercialization, and safeguarding of the array of nuanced and company centric intangible assets they produce internally or acquire externally.

Original horizonal thinking and planning…

Law firm strategic planning is no longer a managerial luxury rather it has become a necessity for assuring firm sustainability, profitability, and brand. Collectively, the new realities associated with intangible asset business dominance, warrant levels of thinking and planning that permit horizontal sighted law firms and attorneys the latitude to secure the necessary skill sets to accommodate the expanding range of legal service opportunities emanating from the permanent role of intangible assets in today’s increasingly complex and globally intertwined business incubation, development, growth, and transaction environments.

Intangible asset intensive companies growing globally…

There is no other time in business governance – management history when steadily rising percentages of company value, sources of revenue, and growth potential originate, almost exclusively, from intangible assets.

The contributory value which unique and frequently company/operation centric (proprietary) intangible assets make to company’s value, revenue, competitiveness, brand, and market position, etc., are all too often, under-appreciated, undervalued, un-protected and ultimately their value becomes diluted or melds into open sources to be used by competitors..

Intangible assets are no longer mere tools to manage tangible (physical) assets. Instead, intangibles’ are frequently stand alone commodities that can be developed, positioned, and utilized to produce revenue, enhance competitive advantages, and add value to a company.

But, intellectual property and other forms of (proprietary) intangible assets, particularly intellectual, structural, and relationship capital, can advance a company economically and competitively, only so long as their control, use, ownership, value, and materiality are monitored and sustained.

However, the time frame when company’s can realize the most value from their intangible assets lies in their respective contributory value and functionality (life) cycles both of which are being compressed today, due in no small part to (a.) lower barriers to market, supply, and distribution chain entry by competitors, and (b.) rapid profits accruing to globally predatorial product/service piracy and counterfeiting operations that consistently pollute and de-value legitimate asset supply chains.

Forward looking prudence…

Staying out front of law firms’ go fast, go hard, go global business clientele is best achieved by developing and articulating proprietary and client specific intangible asset services that will accommodate the inevitable and irreversible needs and demands of current and future clients.

Adding intangible asset services to law firms’ repertoire will be disruptive…

For some attorneys and firms, delivering services specific to intangible assets will be misinterpreted as operationally disruptive to time honored conventions for delivering client services and therefore, dismissed. Respectfully, I do not believe such machinations are or should be relevant in the increasingly aggressive, predatorial, and winner-take-all professional services sector which we are in the midst.

Admittedly, not every firm’s business clients have achieved full operational familiarity with their intangible assets to articulate, with specificity, what legal services they need now and will need in the future. Through my lens, that’s a strong rationale why law firms should be tactically and strategically prepared now as the need and demand for such services rises, which it is sure to do.

Law firm re-boot, tactical and strategic speed…

Again, through my lens, what’s being proposed here is not exclusively an if or when, proposition. Rather it represents a rationale why law firms should consider re-booting themselves to inexpensively and rapidly acquire the capacity to achieve a level of professional comfort and expertise to engage clients’ about identifying, unraveling, distinguishing, exploiting, safeguarding, and monitoring the value, materiality, and risk to their intangible assets.

More specifically, while many law firms’ tactical speed, i.e., the efficiencies related to delivering client services, etc., remain important, continuing to be dismissive about firm’s strategic speed, i.e., developing proactive client services that directly reflect globally universal changes in economics is critical to firms’ sustainability. In other words, law firm strategic planning should be designed and executed so as to ‘avoid continuing to skate where the puck was, rather skate to where the puck is now and will be in the future’!

My counsel…

My counsel to law firms is to engage in strategic planning that includes a strong and collaborative vision that encompasses a firms’:

  • organizational structure in terms of how its various practice areas and expertise can be collaboratively aligned to better address business clients’ intangible asset (service) needs, and
  • become more accommodating to the inevitable and collective (global) universalities which the dominance of intangible assets produce.

In other words, attorneys’ and their respective practice areas are now obliged to consider how they may achieve a collaboratively lucrative solution insofar as providing intangible asset services. In other words, help structure the firms’ future to meet its future!

As always, reader comments are most welcome.

CSIS – McAfee Partner on Cyber – Economic Espionage Impact

August 17th, 2014. Published under 'Safeguarding Intangible Assets', Economic Espionage. No Comments.

Michael D. Moberly    August 17, 2014   ‘A long form blog where attention span really matters’!

A collaborative partnership… In 2013, CSIS (Center for Security and Internal Studies) and McAfee partnered to examine cyber – economic espionage impact in a manner more inclusive than what I have previously observed over the past 25+ years. Spoiler alert; Dr. James Lewis, Senior Fellow and Director of CSIS’ Center for Technology and Public Policy Program offered his best guess that ‘the upper limit (of the costs-losses attributed to cyber – economic espionage) might be somewhere under one percent of the GDP’ (gross domestic product). Lewis also states, and I paraphrase, ‘U.S. economic costs-losses to cybercrime and economic espionage attributed specifically to – originating in China, may reach as much as $140 billion annually’.

$140 billion annually, 508,000 jobs…

While I have no basis to dispute those figure, or question Dr. Lewis’ experienced and respected record of achievements in the cyber crime – economic espionage arena, I do suggest there may be some predictable factors insofar as arriving at the $140 billion annual loss figure especially. One of which lies in determining which assets and/or impacts to include and the methodology for determining their near term and long term value in terms of costs and losses companies will experience with respect to market space, competitive advantages, sustainability, etc. Routinely, asset loss – impact valuations attributed to cyber-economic espionage, irrespective of their accuracy or objectivity, produce dollar values characterized in broad ranges on the plus – minus side. Lewis claims, and I agree, describing value loss – impact estimates with such broad range estimates is reflective of multiple difficulties, among them being, as readers know, numerous companies may…

  • be reluctant to reveal or inclined to conceal their losses,
  • not know precisely which/what assets were targeted, stolen, comprised, or misappropriated.

Intellectual property (and other forms of intangible assets) are challenging to value with consistency and objectivity. So, when values are calculated and assigned to stolen, misappropriated, and/or otherwise compromised intangible assets, i.e., intellectual and structural capital particularly, those figures, in my judgment, may be somewhat subjective and/or embedded with a particular bias or even agenda that in turn may influence high or low valuations.

For example, it’s relatively common to see open source media and their ‘talking heads’ to merely regurgitate extraordinarily high dollar volume losses (impacts) to the U.S. economy, attributed to cyber – economic espionage, ranging between $100 and $500+ billion annually.

But, Lewis wisely, yet provocatively, casts such wide ranging estimates of losses attributed to cyber – economic espionage in other contexts, starting with World Bank reports which state global GDP stood at about $70 trillion for the year 2011.  Thus, a $400 billion loss representing the high end range of probable losses caused by cyber crime and cyber espionage is a fraction of a percent of that global GDP figure. This, Lewis says, prompts additional questions, something which I have examined for many years, e.g. can the recipients and/or ultimate beneficiary of the targeted-acquired intangible assets expect to maximize their benefit and use? A second question focuses on the damage to victim companies relative to the cumulative effect of cybercrime and cyber espionage, i.e., market space position, sector competitive advantages, reputation risk, etc.

Guesstimates…

Having thoroughly studied many, what I respectfully refer to as ‘guesstimated’ economic espionage and stolen/infringed intellectual property (IP) reports over the course of 20+ years, I genuinely believe Dr. Lewis’ findings to be as flawless, encompassing, and accurate as can be reasonably expected in the multi-faceted and ambiguous arena from which to acquire reliable and replicable data points. For example, quite interestingly, the CSIS – McAfee report translates these asset loss estimates as representing perhaps as many as 508,000 U.S. jobs.

Conventional surveys to assess – assign dollar value to losses…

Some IP and intangible asset theft – loss estimates rely on surveys, which Lewis quite correctly points out, generally provide imprecise values, unless the survey itself has been carefully constructed and managed. Too, a common challenge, insofar achieving credence to cyber-security-espionage survey findings, Dr. Lewis also points out, is that (survey) respondents are inclined to “self-select”.  When this occurs, it introduces a potential source of distortion to the results.  So, being mindful of these and other data collection challenges to this already sensitive topic for companies, Lewis suggests loss estimates be based on assumptions about scale and effect. Changing those assumptions, Lewis argues, will likely deliver quite different results in terms of loss values.

CSIS – McAfee Assessment model…

As a demonstration of Lewis’ intent to be as objective and encompassing as possible insofar as valuing losses attributed cyber and economic espionage, CSIS secured the expertise of prominent economists, intellectual property experts, security researchers, and even incorporated, what could appear at first blush irrelevant analogies to bring clarity to the figures they were reporting, e.g., comparative statistics for car crashes, product piracy, pilferage, crime stats, and drug usage which collectively were integrated, for comparison purposes, to serve as frameworks to draw upon in devising their assessment (valuation) model. By incorporating these analogies in the design of their assessment model, Dr. Lewis, CSIS, and McAfee were essentially suggesting, should my interpretation be correct, it’s problematic to rely exclusively on conventional methodologies, particularly time honored surveys, to identify dollar values to losses attributed to cyber-economic because…

  1. companies that (publicly) reveal losses attributed to cyber – economic espionage are frequently unable to distinguish, with the necessary precision, the actual (proprietary, IP, intangible) assets which were stolen, compromised, or infringed.
  2. intellectual property – intangible asset losses are admittedly difficult to quantify with consensus, and when they are, the assessment – valuation is likely to reflect subjective guesstimates absent factoring numerous dependant variables which are invariably in play.
  3. the self-selection process associated with most conventional (time honored) survey methodologies, frequently produce some distortion to the findings.

CSIS model includes six classifications of cyber – economic espionage…

Insofar as actually commencing this much needed project, CSIS classified malicious cyber – economic espionage activities into six areas, i.e., wherein there…

  1. was a loss of intellectual property occurred.
  2. was an actual crime committed, i.e., a violation of federal law.
  3. was a loss of sensitive – proprietary business information.
  4. were opportunity costs involved, including business and/or service disruptions that adversely effected consumer/customer expectations and trust particularly those related to the victim company’s online activities.
  5. would be additional costs incurred by the victim company relative to securing their IT networks and incorporate greater resilience measures to provide quicker and fuller recovery when future attacks occur.
  6. damages manifested – materialized as reputational risks to the victim company.

Each of the above should be examined through a lens of reverence in that there is little question the inclusion of these and other factors, collectively help victim companies arrive at a more comprehensive and current appreciation for the losses, costs, and overall impacts caused by acts of cyber – economic espionage.

The worlds’ second oldest profession…

Economic (industrial) espionage is often euphemistically referred to as the world’s second oldest profession behind, of course, to prostitution. Readers do recognize that an, as yet unknown percentage of malicious cyber activity, evolves as economic espionage and is an obvious by-product of the continually evolving IT and Internet arenas. But still, as both cyber – economic espionage are irreversibly embedded in global cultures and business, there remain a percentage of policymakers, company c-suites, and management teams who find it a challenging phenomenon ‘to get their arms and heads around’ insofar as articulating, with strategic clarity, precisely why cyber security and economic espionage prevention/mitigation initiatives are so essential. The answers to these increasingly critical concerns, either of which, when they materialize, can produce substantial, if not utterly debilitating adverse effects to a company’s value, sources of revenue, profitability, growth potential, and overall sustainability. lie in well grounded research to aid c-suites and boards in framing their near term and strategic decisions, actions, and responses. CSIS – McAfee identified components of malicious cyber activity… In the CSIS – McAfee report, Lewis quite appropriately asks what should be counted insofar as arriving at better loss estimates attributed to cybercrime and cyber (economic) espionage. Interestingly, in an effort to address this question, Lewis categorizes malicious cyber activity into the following components, i.e., the…

  1. loss of intangible assets, i.e., intellectual property and sensitive business confidential/- proprietary information.
  2. opportunity costs linked to…
    1. service and employment disruptions, and
    2. reduced trust in online services and activities.
    3. additional costs
    4. securing company and supply chain networks
    5. insurance.
    6. resilience to – recovering from cyber attacks, i.e., developing/executing business continuity and resilience procedures.
    7. reputational risk materialization and damages.

What’s the harm…? If Dr. Lewis is correct in assuming, through the analogies he describes in the Report, some of which appear tantamount to inferring there are “tolerated costs” within in the realm of cyber crime and cyber espionage which manifest as a ‘ceiling’ of sorts, for estimating losses.  This suggests that, at most, cybercrime and cyber espionage costs less than 1% of GDP.  For the U.S. then, in the context of its GDP, Lewis’ best guess is that losses (caused by cyber crime and cyber espionage) may reach $100 million annually. To provide context for this estimate, Lewis points out that annual expenditures on research and development in the US are $400 billion annually, and $100 million in stolen/misappropriated intellectual properties he offers, does not translate to dollar for dollar gain to the recipients and/or ultimate beneficiaries, i.e., the economic, competitive advantage adversaries! As always, reader comments are most welcome!

Cyber Crime and Economic Espionage Assessing Costs and Economic Impacts…

August 11th, 2014. Published under Economic Espionage, Intangible asset protection, Intangible Asset Value. No Comments.

Michael D. Moberly    August 11, 2014    ‘A long form blog where attention span really matters.’

Objective calculation of losses and costs.

Calculating and assigning a dollar value to losses and costs associated with cyber crimes, particularly those which culminate in economic espionage, may appear at first blush to be relatively straightforward tasks. However, when intellectual properties and other categories of intangible assets are targeted and acquired by economic and competitive advantage adversaries, the legitimate holder of those assets is obliged to objectively assess their value?

Similarly, if a cyber attack temporarily brings down a company’s IT network, the targeted company is obliged to objectively calculate losses to productivity, sales, and essential communications as well as costs to return their system to operational normalcy with the necessart security upgrades.  Obviously, there is much more to calculating and assigning a dollar values to such costs/losses than engaging in more guesstimates.

No surprises.

For regular readers, it should come as no surprise that there are significant differences of opinion globally about calculating the costs and losses attributed to malicious cyber activity and economic espionage directed to companies’ R&D, university-corporate research consortiums, etc. As conveyed in previous posts at this blog, dollar value losses cited in numerous respected surveys and studies range from a mere few billion dollars to hundreds of billion dollars annually. To be sure, assigning specific price tags to companies’ cyber – economic espionage losses is challenging, but too, the processes are often embedded with subjective assessments that do not reflect a comprehensive accounting of the peripheral and contributory value of each of the other intangible assets underlying a patent for example. So, it may not be especially prudent to assume the findings of the various surveys and studies have been reached using objective data or calculations that are free from the influence of larger political, social, and national security agendas. This may be a reason why we are witnessing such a broad range of loss estimates regarding cyber – economic espionage.

Is economic-cyber the greatest transfer of wealth in history or merely a rounding error?

While I am not the originator of the above question, there are numerous responsible parties that do characterize losses attributed to cybercrime and economic espionage in this fashion, i.e., as constituting either the greatest transfer of wealth in human history, or merely as rounding errors in a $14 trillion dollar economy?

The former of course represents a perspective intended to elevate the significance and adverse impact of cybercrime-economic espionage, while the latter represents an opposite perspective which is to diminish the ‘sticker shock’ if you will, of the adverse impact by characterizing it in the context of what is to most as incomprehensible dollar amounts or collective national GDP’s.

Having said that, both perspectives, through my lens, warrant inclusion in the broader conversation.

Numerous reports…

Since the passage of the Economic Espionage Act (EEA) in October, 1996, there has been no shortage of surveys and studies launched whose focus has largely been to dramatize the costs, losses, along with an array of adverse (economic, competitive advantage) impacts attributed to acts of cybercrime and economic espionage and adversely effecting either or both the private sector or national security/defense.

Having read and studied most, if not each of these reports over the past 25+ years, I interpret the findings and supporting documentation to be somewhat competitive in the sense that each report strives to be conceptually broader and offer broader ranges of losses and impacts and in more dramatic fashion.

Too, many reports, particularly those published in recent years, are collaborative, in that a known and usually global player (i.e., accounting, consulting, or IT firm) has partnered with a prestigous university (academic unit) or ‘think tank’ assuming this will elevate the reports’ credence and validity in the eyes of its previously targeted audience. In addition, more such reports include examples and/or mini-case studies describing the impact to victimized companies and/or organizations, whom, for multiple reasons have elected to ‘go public’, perhaps at the behest of federal (EEA) prosecutors and thus agree to seek prosecution of the perpetrators, whomever or whatever they may be.

Expectations of receiving damage – loss restitution…

Any victim company’s expectations of receiving damage or restitution payments is slim and therefore are largely symbolic when that is the finding of a court. That’s because a large percentage of those engaged in and prosecuted for EEA-related violations have international origins, which, while within the EEA’s scope may also find it useful to bring such action before the World Trade Organization (WTO).

Factors in play that influence companies to go public…

Readers recognize of course, there are numerous factors in play that comprise a company’s decision to ‘go public’. Going public, represents among other things, a companies’ admission of being victimized followed by a guesstimated admission of the extent – value of the losses being attributed to the acts, which, initially are  often framed in passionate and angry guesstimates of how the acts and losses will impact the victims’ company and even who the culprit(s) may be and how the adverse act was actually committed.

Victim anger and passion aside, we know it is challenging to determine, let alone isolate and accurately assess such losses very rapidly. That’s because, in many instances, the losses are not limited solely to lost or undermined intellectual capital, i.e., trade secrets, proprietary information, and IP. Instead, the full extent of a targeted companies’ losses are frequently more strategic in the form of relationship capital and thus may not be fully realized for several months out.

Reputation risk factor…

Another factor in play with respect to the counsel and ultimate decision to ‘go public’ with a companies’ victimization is the very real possibility that having the matter come under public and regulatory scrutiny, there is, unfortunately, a probability the victim company, will experience the materialization of reputation risk manifesting at some level. I refer to materialization of reputation risk with the phrase  ‘at some level’, because such company specific reputation risks can manifest in different ways for different sets of consumers, stakeholders, and investors, etc.

Yes, a company’s reputation is an intangible asset of the first order. A company’s reputation is embedded with – comprised of many other contributing intangible assets which collectively produce significant value. In other words, reputation represents expectations, and therefore serves as the rationale in which consumers distinguish, seek, and likely purchase one product or service over another because it consistently meets or exceeds our expectations.

Calculating losses attributed to economic espionage require objectively framed equations…

For many years there has been a general inclination to accept, perhaps naively, the guesstimated findings of after-the-fact prognosticative research regarding losses – impacts attributed to cyber – economic espionage valuations. My counsel is that any formula, conventional intangible asset valuation methodology, and/or equation used to calculate the loss and/or compromise of valuable intellectual properties (intangible assets) caused by cyber-economic espionage should…

  • differentiate the assets which have been targeted, lost, and/or compromised by category, i.e., intellectual, structural, and relationship capital to ensure the findings
  • bring quantitative – qualitative distinctions and clarity to a fuller range of related acts/events which can materialize following an act of cyber-economic espionage, e.g., produce adverse stock market reactions if the targeted company is publicly traded, reputation risks, productivity losses, business disruptions, loss of consumer trust, expectations, and goodwill, as well as the costs required to re-establish IT and supply chain security, etc.

As always reader comments are welcome!

Economic – Cyber Espionage Impact

August 8th, 2014. Published under 'Safeguarding Intangible Assets', Economic Espionage. No Comments.

Michael D. Moberly     August 8, 2014    ‘A long form blog where attention span really matters’!

Dr. James Lewis, Director and Senior Fellow, Technology and Public Policy Program at the Center for Strategic and International Studies (CSIS) very appropriately states, among countless other relevant and practical jewels of wisdom in his July, 2013 report titled, ‘The Economic Impact of Cyber Crime and Cyber Espionage’ that there is ‘a wide range of estimates of annual losses, from a few billion dollars to hundreds of billions’.  That statement itself, is not particularly noteworthy, but the distinctive ways Dr. Lewis reframes the statement by identifying various alternative lens in which the impact of economic and cyber espionage can be viewed through comparisons and analogies is very worthy.

This obvious broad range reflects several difficulties, claims Lewis, i.e., because companies may…

  • be inclined to conceal their losses,
  • not be aware of what assets have actually been stolen, comprised, or misappropriated.

Granted, intellectual property (and other forms of intangible assets) difficult to objectively value, and when a value is assigned, in my judgment, it’s often subjective and/or embedded with particular agendas that produce especially high or low ($) valuations.

Some IP and intangible asset estimates rely on the work and findings of other surveys, which Lewis quite correctly points out, generally provide imprecise values, unless the survey itself has been carefully constructed and managed.

Too, a common challenge, insofar achieving credence to cyber-security survey findings, Dr. Lewis point out, is that (survey) respondents are inclined to “self-select”.  When this occurs, it introduces a potential source of distortion in the results.  So, being mindful of these and other data collection challenges to this already sensitive topic for companies, i.e., in economic and cyber espionage, matters, it is not uncommon, Lewis suggests, for loss estimates to be based on assumptions about scale and effect. Changing those assumptions, Lewis argues, will likely deliver quite different results in terms of loss values.

Components of malicious cyber activity…

In the report, Lewis starts by asking what should be counted insofar as arriving at better loss estimates caused by cybercrime and cyber espionage. Interestingly, Lewis categorizes malicious cyber activity into five components, i.e., the…

  1. loss of intangible assets, i.e., intellectual property and business confidential/proprietary information.
  2. loss of sensitive business information, including possible stock market manipulation •
  3. opportunity costs linked to…

a. service and employment disruptions, and

b. reduced trust in online services and activities.

4. additional costs

a. necessary to secure company and supply chain networks

b. for insurance.

c. to recover from cyber attacks, i.e., developing/executing business continuity and resilience procedures.

5. reputational risk materialization and damage to victimized companies.

Putting these components together, Lewis claims, and I agree, the cost of cybercrime and cyber espionage to the global economy can broadly be characterized in the hundreds of billions of dollars annually.

But, Lewis wisely and provocatively, casts those wide ranging estimates in other contexts, starting with World Bank reports which state global GDP stood at about $70 trillion for the year 2011.  Thus, a $400 billion loss representing the high end range of probable losses caused by cyber crime and cyber espionage is a fraction of a percent of that global GDP figure.

This, Lewis says, prompts additional questions, e.g. can the recipients and/or ultimate beneficiary of the acquired intangible assets  expect maximum benefit/use?,  and a second question focuses on the damage to victim companies relative to the cumulative effect of cybercrime and cyber espionage, i.e., market space position, sector competitive advantages, reputation risk, etc.

What’s the harm…?

If Dr. Lewis is correct in assuming, through the analogies he describes in the CSIS Report, some of which appear tantamount to inferring there are “tolerated costs” within in the realm of cyber crime and cyber espionage which manifest as a “ceiling” for estimates of losses.  This suggests that, at most, cybercrime and cyber espionage costs less than 1% of GDP.  For the U.S. then, in the context of its GDP, Lewis’ best guess is that losses (caused by cyber crime and cyber espionage) may reach $100 million annually to the U.S.

To provide context for this estimate, Lewis points out that annual expenditures on research and development in the US are $400 billion annually, and $100 million in stolen/misappropriated intellectual properties he offers, does not translate to dollar for dollar gains to the recipients and/or ultimate beneficiaries, i.e., the economic, competitive advantage adversaries.

As always, readers comments are welcome.