And cybersecurity is the subject of a long-running policy debate in Congress, with lawmakers divided over what role the government should play in setting and enforcing security standards for critical infrastructure operators in the private sector.
The CSIS report evaluated malicious cyber activity in a variety of forms, including crime, intellectual property loss, reputational damage and the cost of bolstering network security and recovery after an attack. The authors also considered the opportunity costs associated with downtime and lost trust, as well as the loss of sensitive business information.
Through an analysis of Commerce Department data on exports and job losses, the authors estimated that cyber espionage could rob the economy of as many as 508,000 jobs. Though he described that figure as a "high-end estimate," co-author Lewis suggested that the real impact could be more severe.
"As with other estimates in the report, however, the raw numbers might tell just part of the story," he said. "If a good portion of these jobs were high-end manufacturing jobs that moved overseas because of intellectual property losses, the effects could be more wide ranging."
The authors are planning to produce a second report that will focus on the less tangible impacts of malicious cyber activity, attempting to quantify the impact on the pace of innovation and the flow of trade.
Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for CIO.com. Follow Kenneth on Twitter @kecorb. Follow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn.
Read more about government in CIO's Government Drilldown.