Skip to main content

79 per cent organisations identified cybersecurity as one of the top five business risks: KPMG cybercrime survey 2017

69 per cent of organisations are of the opinion that ransomware is a significant risk  to them and 43 per cent of organisations indicated that they have experienced ransomware attacks in the past year, states KPMG in India’s Cybercrime survey report 2017. The survey report reveals several concerns pertaining to the changing regulatory landscape as almost two-third of the law agencies feel that there are not adequate laws to address matters related to cybercrime prevention, detection, and investigation. It highlights that 40 per cent of end users feel, cross country jurisdictions being involved, is a hindrance in lodging a complaint with the cyber cells. Not surprising then that a mere 3 per cent of the organisations have reported cyber incidents to a local law enforcement agency. 

More than 300 participants which includes CIOs, CISOs, CIAs, COOs, security professionals, top law enforcement officers and end users from all over India participated in the survey.

Speaking at the report launch, Akhilesh Tuteja, Partner and Head - Risk Consulting for KPMG in India and Co-Leader - Global Cyber Security, KPMG said, “Cybercrime has moved from corporate espionage and theft of Intellectual Property to use of advanced technology and malicious software, with the intent of holding companies to ransom and the threat of sabotaging brand reputation with data security breaches.”

The survey report shows that with an increased trend of attacks, the top management of organisations are now beginning to understand the need for cyber intelligence, cyber resilience, and measures to decrease the impact from cyber-attacks. This is visible from the fact that 58 per cent organisations have included cyber risk as part of the boardroom agenda, which has moved up from 41 per cent as recorded in the 2015 KPMG in India’s Cybercrime study.  

Commenting on this finding Sudesh Anand Shetty, Partner – Risk Consulting, KPMG in India said, “Cyber breaches should no longer be looked upon as isolated incidents linked with IT or IT security. Organisations should consider it as an indicator to a potential cyber fraud and be vigilant online.  Security awareness is key and we encourage organisations to report matters as observed to be potentially investigated.”

48 per cent of the organisations say that cybersecurity risk assessment is one of the important pre-requisites that needs to be addressed before outsourcing to any third party. Unfortunately, only 30 per cent of the organisations have clearly defined requirements with reference to cybersecurity expectations, incident response and data breach prevention and have educated vendors about the same. 

Organisations are increasingly adopting different measures to combat cybersecurity risks which include development of a thorough cybersecurity framework, risk assessment, cybersecurity awareness trainings, etc. 29 per cent of organisations believe that the cyber incident response teams and cybersecurity specialists in organisations require major skills and talent enhancement making cyber incident response a key element of cyber strategy. Another interesting finding of the report is that only 18 per cent organisations are of the opinion that they are fully prepared to withstand and respond to large scale cyber-attacks, while 69 per cent of organisations are in the process or have formalised cyber response processes and procedures. 

Commenting on this, Atul Gupta, Partner IT Advisory and Leader- Cyber security, KPMG in India said, “Cybersecurity has emerged as one of the key business risks and boards are addressing this proactively. Cyber-attacks are a reality in today's world and there is a need for an organisation to have balance between the protect and response measures, currently the preparedness on response to cyber-attacks need to be enhanced significantly.” 

Cybercrime survey report 2017 champions the need for organisations across sectors to set up robust risk management measures/systems, thereby allowing a smooth and secure pace for the impending digital transformation most of them have embarked on. Some of the measures are: 
1. Identification of crown jewels
2. Cyber risk assessment and threat management
3. Vulnerability management with advance measures such as red teaming
4. Cyber in supply chain
5. Cyber awareness beyond normal practices
6. Cyber analytics
7. Incident response mechanism to include periodic cyber drills and updated talk/run books

Organisations today need to understand that cyber risks are not just IT or security risks but a serious business risk that can completely shut down the business. 


Popular posts from this blog

Cloud Computing powering India’s priority of ‘Digital-first country’

By: Sunil Mahale, India MD and VP, Nutanix
Digital transformation has been recognized as being vital to the growth of our nation. This transformation has enjoyed the unanimous approval and contribution from all stake holders including enterprises, MSMEs, government bodies and citizens. But this level of adoption in a country with a population of over a billion people would need a robust technology base that is capable to collecting and distributing vital data seamlessly.
Digital India envisions creating high speed digital highways, that will impact commerce and create a digital footprint for every individual. Technologies based on mobility, analytics, Internet of things and most importantly, cloud technologies are the building blocks for the digital India missionThere is a growing need to manage huge volumes of data, and making them readily available to public through digital cloud services. Cloud has a pivotal role in enabling this change.
While Data centers have become crucial to th…

RevStart launches its RevItUp Incubation Programme

Underlining its vision of creating a nurturing ecosystem for start-ups to grow in, RevStart, a co-working and incubation centre, has announced the launch of its RevItUp Incubation Programme. The 12-week long programme will be held at RevStart Incubation Centre in Noida from July 1, 2018 onwards. As part of the programme, RevStart will select five high potential start-ups from the ed-tech sector, AI, Consumer Internet, Sustainability, as well as for-profit social impact companies to assist them with developing their business, along with connecting them to global mentors across industries and sectors. In addition, start-ups selected for the programme will receive INR 5 lakh to Rs. 25 lakhs worth of cash and benefits, while RevStart will get an equity stake in the ventures.
The RevItUp Incubation Programme has been created to enhance the founding team’s industry, product, and company building knowledge and capabilities through a world-class curriculum. The programme will focus on tailor…

Insurtech startup Kruzr raises $1.3 Million from Saama Capital and Better Capital

InsurTech startup Kruzr has raised 1.3 Million USD (Rs. 9.5 Cr) for its seed round led by Saama Capital with participation from Better Capital. Kruzr is a preventive motor insurance technology which helps insurance companies personalize policy premiums & improve their risk model by delivering an engaging preventative driving assistant to their customers. Kruzr is founded by Pallav Singh, Ayan, and Jasmeet Singh Sethi.

Kruzr blends the power of voice technology and artificial intelligence in its personal driving assistant that helps drivers minimize mobile distractions, drowsy driving, speeding and external risks like weather and accident-prone zones. In pilots with insurers, Kruzr managed to cut down distracted driving by 80%. Kruzr is working with motor insurance companies in Europe, UK and India to bring its technology to their customers to prevent accidents & improve claims.

“Road accidents cause over 1.3 million deaths globally every year, and motor insurance companies los…