72pct of Indian Companies Faced Cyber Attacks in 2015: KPMG Survey


BANGALORE: Cyber incidents have not only risen sharply in 2015, but also lean more towards cybercrimes with financial motives. According to KPMG Cybercrime survey report 2015, 72 percent of Indian companies faced cyberattack in 2015.

In a survey of more than 250 C-suite executives in India, nearly 94 percent respondents indicated that cybercrime is a major threat faced by organisations, but surprisingly only 41 percent indicated that it forms part of the board agenda.

Highlighting the current cybercrime scenario in India, the report showed that 74 percent respondents believe that the BFSI sector is a top target for cybercrime with 63 percent indicating these crimes more often than not amount to gross financial loss.

Moreover, 83 percent respondents indicated that there is usually external involvement in cyberattacks with directors/management being most vulnerable according to 64 percent.

It was also alarming to note that 54 percent indicated that spend on cyber defences is less than 5 percent of IT spend, the report stated.

 “The last few years have seen multifold increase in cybercrimes across regions and sectors. Given the proliferation of connected technologies, organisations today face a significant challenge to be resilient against cyberattacks and incidents. It is also important that the management realises that these are no longer a one-time phenomenon. The nature of cybercrime is constantly evolving, specifically with attackers having a solid arsenal of the ever evolving stealth attack,” said Mritunjay Kapur, Partner and Head, Risk Consulting, KPMG in India.

The report also analyses the impact and complexity of cybercrime in India. As businesses throw their doors open to technology, they also expose themselves to the risk of cybercrime that can have far reaching damages ranging from financial, reputational, operational and in certain scenarios, can also impact the physical safety of employees and assets, with 47 percent citing the risk of disruption of business processes and 49 percent claiming a reputational damage to the organisation.

While surveying the potential vulnerable system targets of cybercrime, 65 percent respondents indicated that email servers are likely targets while 46 percent stated end user systems.

In the case of industries, though financial services and pharmaceuticals are still the favourite target for cyberattacks, the year 2015 has witnessed attacks across industries.

Critical infrastructure is being seen as an attractive target for cyberattacks.

About 65 percent respondents stated that cybercriminals carry out attacks for financial gains while another 46 percent believe corporate espionage to be the motive, the report highlighted.

Cyber risk assessment is not a focus area for several enterprises across functions and people. Their emphasis is only on technology with 74 percent respondents stating that a detailed annual IT and cyber risk assessment is not carried out.

Also Read:

10 Top Indian Institutes Might Shut Doors Following UGC Orders

10 Career Moves to Get a Head Start Before 2016

Source: PTI