The Internet has simplified daily life activities. However, besides its comfortability, the Internet also presents the risk of victimization by several kinds of crimes. The present article addresses the question of which factors influence cyber-dependent crime and how they vary between three kinds of cyber-dependent offences: malware infection, ransomware infection, and misuse of personal data. According to the Routine Activity Approach, it is assumed that crime is determined by a motivated offender, the behavior of the Internet user, and the existence of prevention factors. Our analyses were based on a random sample of 26,665 Internet users in two federal states in Germany, aged 16 years and older; 16.6 percent of the respondents had experienced at least one form of cyber-dependent victimization during the year 2014. The results indicate that individual and household factors, as well as online and prevention behavior, influence the risk of cyber-dependent victimization. Furthermore, the effects differ between the three types of offences. In conclusion, the risk of being victimized by cyber-dependent crime is not the same for anyone, but depends on multivariate factors according to the idea of Routine Activity Approach. However, in view of the fact that crime-related factors also matter, studying different cybercrime offences separately seems to be an appropriate research approach.
PurposeLiterature repeatedly complains about the lack of empirical data on the costs of cyber incidents within organizations. Simultaneously, managers urgently require transparent and reliable data in order to make well-informed and cost-benefit optimized decisions. The purpose of this paper is to (1) provide managers with differentiated empirical data on costs, and (2) derive an activity plan for organizations, the government and academia to improve the information base on the costs of cyber incidents.Design/methodology/approachThe authors analyze the benchmark potential of costs within existing literature and conduct a large-scale interview survey with 5,000 German organizations. These costs are directly assignable to the most severe incident within the last 12 months, further categorized into attack types, cost items, employee classes and industry types. Based on previous literature, expert interviews and the empirical results, the authors draft an activity plan containing further research questions and action items.FindingsThe findings indicate that the majority of organizations suffer little to no costs, whereas only a small proportion suffers high costs. However, organizations are not affected equally since prevalence rates and costs according to attack types, employee classes, and other variables tend to vary. Moreover, the findings indicate that board members and IS/IT-managers show partly different response behaviors.Originality/valueThe authors present differentiated insights into the direct costs of cyber incidents, based on the authors' knowledge, this is the largest empirical survey in continental Europe and one of the first surveys providing in-depth cost information on German organizations.
Zusammenfassung
Dieser Beitrag stellt Ergebnisse selbstberichteter Delinquenz im Bereich Cyberkriminalität im engeren und weiteren Sinne vor, die im Rahmen einer repräsentativen Befragung der niedersächsischen Bevölkerung ab 16 Jahren im Jahr 2020 zum Thema Cyberkriminalität gewonnen werden konnten (N=4.102). Ein Ergebnis ist, dass der Anteil der Personen, die von eigenen Tathandlungen im Bereich Cyberkriminalität im engeren Sinne innerhalb der letzten zwölf Monate berichteten, mit 0,5 % sehr klein ist. Im Bereich Cyberkriminalität im weiteren Sinne gaben immerhin 9,5 % eigene Tathandlungen innerhalb eines Jahres an. Neben der Darstellung weiterer Ergebnisse zu sozioökonomischen Unterschieden zwischen Tätern, Täterinnen und Nicht-Tätern bzw. Nicht-Täterinnen, zur Täter bzw. Täterinnen-Opfer-Überschneidung sowie zur Beziehung zwischen Tätern, Täterinnen und Opfern wird der methodische Zugang in Hinblick auf zukünftige Täter- bzw. Täterinnenforschung diskutiert.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.