From my favorite Swedish Infosec Blog, Crowmoor.se. I don’t speak Swedish, so I couldn’t really read the fine article they linked to.  Do go read their blog post, I’ll wait here.

Back?  Great.  Here are my thoughts on those numbers:

SWEDISH FRAUD STATISTICS RELEASED

The World Bank estimates the population of Sweden to be 9,220,986 - 2008

For Reference, London (2006 figures) was 7.5 million, New York City was 8.275 million in 2007

So the Swedish “market” for fraud was around 60,000 people out of a total population of 9,000,000 suffering an average  of  €1050-1100 each.  This line of thinking draws the inevitable comparison to what VC call The Chinese Soft Drink Argument (If we can just get each person from China to buy one drink, we’ll make a billion!), obviously, but I thought it was interesting to put this into context.

When I saw those numbers, I thought of a couple of other stats I’d like to have at hand:

Break down of types of “attacks” that resulted in fraud (was the attack primarily hacking, was their SE involved, was it phishing, etc.), estimated number of attack attempts, number of arrests, demographics around Internet banking and broadband penetration…

What other information do you think would be helpful to you as a practitioner?

obligatory Swedish Chef reference:

http://www.surveymonkey.com/s.aspx?sm=SjehgbiAl3mR_2b1gauMibQw_3d_3d

There’s something about a registration code, just type in “NEWSCHOOL”.
Please and thank you!

**UPDATE** You may want to check out what Pete Lindstrom has done with that data, in his Blog Post, “Is PCI Working?”