Cyber incidents have not only risen sharply in 2015, but also lean more towards cybercrimes with financial motives, finds out a survey carried out by KPMG
Professional services firm, KPMG India says 94% of the respondents in its Cybercrime Survey indicated that cybercrime is a major threat faced by organisations. While about 72% of Indian companies faced cyberattacks in 2015, only 41% of the respondents indicated that it (cybercrimes and prevention) forms part of the company board agenda, it said.
Highlighting the current cybercrime scenario in India, the report shows that 74% respondents believe that the BFSI sector is a top target for cybercrime with 63% indicating these crimes more often than not amount to gross financial loss. Moreover, 83% respondents of the over 250 C-suite executives that participated in the survey indicated that there is usually external involvement in cyberattacks with directors or management being most vulnerable according to 64%. It was also alarming to note that 54% indicated that spend on cyber defences is less than 5% of IT spend.
Mohit Bahl, Partner and Head Forensics, KPMG in India, says, "Cybercriminals have understood the potential of an illicit financial gain and have begun executing highly sophisticated technology-driven frauds. These cyberfrauds, by nature, are complex and difficult to detect. Organisations need to strengthen their cyber incident response process along with building strong prevention and detection systems. Cyber forensics therefore is becoming a critical component of fraud investigations."
The report also analyses the impact and complexity of cybercrime in India. As businesses throw their doors open to technology, they also expose themselves to the risk of cybercrime that can have far reaching damages ranging from financial, reputational, operational and in certain scenarios, can also impact the physical safety of employees and assets, with 47% citing the risk of disruption of business processes and 49% claiming a reputational damage to the organisation. While surveying the potential vulnerable system targets of cybercrime, 65% respondents indicated that email servers are likely targets while 46% stated end user systems. In the case of industries, though financial services and pharmaceuticals are still the favourite target for cyberattacks, the year 2015 has witnessed attacks across industries. Critical infrastructure is being seen as an attractive target for cyberattacks.