Cybercrime is one of those things that everyone who's on the Internet for any length of time worries about at least a little bit. Is this site secure? Will my login data and passwords go flying around for anyone who wants access? Is the data in this cloud safe from outside intrusion? These are the questions that give some Internet users pause, and not without good reason. A new report offers some stark tidings for those who really are concerned about such things: the bad guys, so to speak, are outgunning the good guys on most every front.

The report, titled “2014 U.S. State of Cybercrime Survey”, was a cooperative effort between PricewaterhouseCoopers, CSO magazine, the United States Secret Service and Carnegie Mellon University's Software Engineering Institute's CERT team. It covered information from 500 different corporate executives and government agencies, including law enforcement, and the end result came out to be somewhat disturbing. Fully three out of four respondents had had some kind of security breach just in the last year, and the average number of incidents per organization was a whopping 135.

While that number is staggering enough, it only gets worse: over a quarter—28 percent—of respondents said the attacks came from within the businesses itself by either contractors, both former and current employees, or even service providers. Fully 14 percent, meanwhile, said that the monetary losses felt due to cybercrime had actually increased just in the past year. These numbers combined likely help illustrate why the United States Director of National Intelligence recently declared cybercrime a top security threat, according to reports, a measure that actually bumped cybercrime ahead of several other threats that might come more readily to mind. Cybercrime is now a greater threat than espionage, weapons of mass destruction, and even terrorism.

Of course, it does help that the concept of “cybercrime” is so broad. Indeed, the top five methods for cybercrime attacks involve malware, phishing, network interruption, spyware, and denial-of-services attacks. That's a huge swath of possibilities, and also helps to explain one of the report's positive notes -- that more and more public and private organizations are working together in a bid to stop cybercrime.

Though it's possible that that broad definition may be contributing to a false sense of insecurity, so to speak, Pund-IT principal analyst Charles King offered up a bit of explanation. He points out that, when things like trying to access certain documents on a network, or trying to get on a certain part of the company's Intranet without approval can count as “cybercrime,” the numbers can spiral seemingly out of control. Indeed, it's important to note that not all cybercrimes are created equal. We'd never consider an epidemic of jaywalking to be a serious problem, though it's a crime in many places. But by like token, given how much of our lives are online—our work, our play, our memories and so on with the various systems that are out there—protecting the Internet as a whole from harm takes on a new importance.

So indeed, we need to take on cybercrime, and we need to do it zealously. We need safe places to live and work and play online, just as we do in the real world. But we must be careful to not become so zealous that we make it difficult, or even impossible, to live and work and play online. That would remove the whole point of the Internet in the first place, just as it would in real life.