Researchers have published a report [PDF file] suggesting that the UK government spends too much on precautions like anti-virus software and not enough on actively fighting cybercrime.

"The researchers found that cybercriminals make on average a few tens of pounds from every citizen per year, but the indirect costs to those citizens, either in protective measures such as antivirus or in cleaning up infected PCs, is at least ten times as much," The Engineer reports.

"Each year, the country spends US$1 billion on fighting threats, with $170 million going on anti-virus software," writes TechEye's Matthew Finnegan. "This contrasts with $15 million spent on law enforcement. The 'straightforward conclusion' that the researchers draw from this is to 'spend less on defence and more on policing.'"

"The study, which was started after a request from the Ministry of Defence, also said that the amount of money the UK was losing as a result of cybercrime was being exaggerated," writes The Register's Brid-Aine Parnell.

"Advances in information technology are moving many social and economic interactions, such as fraud or forgery, from the physical worlds to cyberspace," lead author Ross Anderson, Professor of Security Engineering at the University of Cambridge’s Computer Laboratory, said in a statement. "As countries scramble to invest in security to minimise cyber-risks, governments want to know how large that investment should be and where the money should be spent."