What Cybercrime Stats Have In Common With Sexual Braggadocio

An anonymous reader writes "Microsoft researchers have rubbished figures from cybercrime surveys, deeming them subject to the types of distortions that have long bedeviled sex surveys. All it takes is a few self-styled Don Juans to hopelessly distort the sex-survey figures. Similarly, cybercrime surveys tend to get dominated by a minority of responses, normally those who have or think they have lost a great deal as a result of hacking or malware attack, and are vocal about it. 'Cybercrime surveys are so compromised and biased that no faith whatever can be placed in their findings,' the researchers write."

Re:outliers?

[Ruke]

Firstly: No. Outliers are part of a data set, and it's dishonest to simply dismiss data that does not fit with your expectations.

Secondly: The over-reporters aren't outliers. There is systematic error in asking people to self-report loss due to security breaches. People either fail to respond to polls due to internal security procedures, or they tend towards overestimating their own loss. It's not simply that there's one guy out there saying he lost $5 billion due to hackers; it's that people who respond to the poll tend to overestimate their real losses by some unknown percentage.