72 per cent of Indian companies faced cyber attack in 2015: Report

The growing incidents of cybercrime have underlined the importance of having a dedicated team to tackle such incidents. The number of cyber incidents rose sharply in 2015, highlighting that more cybercrimes were done with financial motives.

A survey carried out by KPMG- Cybercrime Survey Report 2015- analysed the preparedness of organisations in India to deal with cybercrime and incidents by unearthing its modus operandi and its extent.

Over 250 respondents from the likes of CIOs, CISOs, CAEs, CROs, COOs and related professionals from across India participated in the survey.

As per the report, 94 per cent respondents indicated that cybercrime is a major threat faced by organisations, but surprisingly only 41 per cent indicated that it forms part of the board agenda.

“It is critical for the citizens, both corporates and individuals, to be aware of cyber risks and not fall prey to the vishing/phishing scams. We are undertaking a drive to educate and create awareness among citizens with reference to cyberthreats,” said Ahmad Javed, Commissioner of Mumbai Police.

Highlighting the current cybercrime scenario in India, the report shows that 74 per cent respondents believe that the BFSI sector is a top target for cybercrime with 63 per cent indicating these crimes more often than not amount to gross financial loss.

It was also alarming to note that 54 per cent indicated that spend on cyber defences is less than 5 per cent of IT spend.

“It is also important that the management realises that these are no longer a one-time phenomenon. The nature of cybercrime is constantly evolving, specifically with attackers having a solid arsenal of the ever evolving stealth attack,” said Mritunjay Kapur, Partner and Head, Risk Consulting, KPMG in India.

“Cybercriminals have understood the potential of an illicit financial gain and have begun executing highly sophisticated technology-driven frauds. These cyberfrauds, by nature, are complex and difficult to detect. Organisations need to strengthen their cyber incident response process. Cyber forensics therefore is becoming a critical component of fraud investigations,” said Mohit Bahl, Partner and Head Forensics, KPMG in India

The report also analyses the impact and complexity of cybercrime in India. As businesses throw their doors open to technology, they also expose themselves to cybercrime risks.

While surveying the potential vulnerable system targets of cybercrime, 65 per cent respondents indicated that email servers are likely targets while 46 per cent stated end user systems.

According to Atul Gupta, Partner at KPMG in India, “People and vendors are one of the many critical yet one of the weakest links in the cyber defence chain. Cyber investigations of large cybercrimes reveal that social engineering has predominantly been one of the preferred methods to extract critical information.”

Cyber risk assessment is not a focus area for several enterprises across functions and people. Their emphasis is only on technology with 74 per cent respondents stating that a detailed annual IT and cyber risk assessment is not carried out.


(Image: Thinkstock)