Monday May 27, 2019
Home Science & Technology Indian compan...

Indian companies more prone to cyber attacks

0
//

New Delhi: Threat of cybercrime looms large in India as nearly 72 per cent Indian companies facing cyber attacks in 2015 with financial gain or corporate espionage the main motives, professional services firm KPMG said on Monday.

To get a pulse of cyber crime in India and unearth its extent and modus operandi, KPMG, for its ‘The Cybercrime Survey Report 2015’, surveyed 250 top business executives in the capacities of CIO, CISO, CAE, CRO and COO and found 94 percent respondents indicating cybercrime to be a major threat.

“The last few years have seen a multi-fold increase in cyber crimes across regions and sectors. Given the proliferation of connected technologies, organisations today face a significant challenge to be resilient against cyber attacks and incidents,” said KPMG’s head, risk consulting, Mritunjay Kapur in a statement.

However, according to the survey, only 41 percent of the respondents said cyber crime figured in their organisation’s board agenda and the spend on cyber defence mechanism is less than five percent of the IT spend in Indian firms.

“Cyber risk assessment is not a focus area for several enterprises across functions and people. Their emphasis is only on technology with 74 per cent respondents stating that a detailed annual IT and cyber risk assessment is not carried out,” it said.

Banking Financial Services and Insurance (BFSI) sector is the top target for cyber crime in India as highlighted by 74 percent of the respondents followed by pharmaceutical industry while 63 percent respondents indicated that cyber crimes more often than not amount to gross financial loss.

Nearly 83 percent of the respondents believed in external involvement in cyber attacks while 64 percent respondents said directors and management are the most vulnerable targets.

Kapur also noted that the nature of cybercrime is “constantly evolving, specifically with attackers having a solid arsenal of the ever evolving stealth attack”.

KPMG India’s head, forensics, Mohit Bahl said, “Organisations need to strengthen their cyber incident response process along with building strong prevention and detection systems. Cyber forensics, therefore, is becoming a critical component of fraud investigations.”

Analysing the impact and complexity of cybercrime in India, the report said, “As businesses throw their doors open to technology, they also expose themselves to the risk of cybercrime that can have far-reaching damages ranging from financial, reputational, operational and in certain scenarios, can also impact the physical safety of employees and assets.”

According to 65 percent of the respondents, potentially vulnerable system targets include email servers while 46 percent respondents indicated end user systems.

“People and vendors are one of the many critical yet one of the weakest links in the cyber defence chain. Cyber investigations of large cybercrimes reveal that social engineering has predominantly been one of the preferred methods to extract critical information,” said KPMG India partner Atul Gupta.

(IANS)

(Picture credit:www.digitalmunition.me)

Next Story

IoT in Healthcare at Serious Cyber Attack Risk, Say Experts

To ensure security, medical device designers (particularly those with IoT components) should have a 360 degree view of the various parts of the network, said Fishman

0
Misuse of antibiotic drugs have lead to the threat of antimicrobial resistance, Pixabay

While the healthcare industry is rapidly adopting new-age technologies such as the Internet of Things (IoT) and Artificial Intelligence (AI) to improve access and outcomes especially in the rural areas, companies must ensure that the technology acts with responsibility and transparency, say experts.

In recent years, India has seen IoT adoption in education, governance and financial services. The technology has also enabled doctors see and interact with patients in remote telemedicine centres – with the case history and medical data automatically transmitted to the doctor for analysis.

“India has an acute shortage of doctors which impacts both the quality and reach of healthcare services in rural and urban centres,” John Samuel, Managing Director (health and public service) at Accenture, told IANS.

“A digital platform powered by advanced digital technologies can enable continuous remote patient monitoring and reporting, allowing hospitals to extend care to more people, and reduce the burden on healthcare infrastructure,” Samuel added.

According to the “IoT India Congress 2018”, the Indian IoT market is expected to grow from $1.3 billion in 2016 to $9 billion by 2020 across sectors such as telecom, health, vehicles and homes, among others.

It is emerging as the next big thing to become a $300 billion global industry by 2020 and India is all set to capture at least 20 per cent market share in the next five years, says a Nasscom report.

However, lack of basic security awareness among staff as well as state-of-the-art cybersecurity solutions has made the healthcare industry a favourite target for hackers.

A 2016 report from cybersecurity firm SecurityScorecard found that healthcare is the fifth highest in ransomware counts among all industries, and more than 77 per cent of the entire healthcare industry has been infected with malware since August 2015.

FILE – The U.S. campaign for the smart use of antibiotics parallels similar efforts in Europe and Canada.

Among them was the notorious WannaCry ransomware attack in 2016 which affected over 300,000 machines across 150,000 countries, including the UK’s National Health Service (NHS).

“Despite suffering from ransomware attacks, organisations remain unprepared for the next round of large-scale attacks,” Yariv Fishman, Head of Product Management (Cloud Security and IoT) at Check Point Software Technologies, told IANS in an email interaction.

Fishman pointed out that it is not mandatory for medical device manufacturers to include cybersecurity capabilities as part of their offerings.

Once integrated into a hospital, medical devices are fully utilised to meet patient care requirements.

Also Read- Israeli Officials Deny Hackers’ Voter Registry Breach Claim

As a result, even if a software patch that may prevent a potential cyber-attack is available, it usually takes lot of time for implementation.

Other reasons include old or unpatched operating systems and flat networks in which, guests, patients, doctors and connected medical devices, all share the same network.

To ensure security, medical device designers (particularly those with IoT components) should have a 360 degree view of the various parts of the network, said Fishman.

“They also need to segment parts of the network in order to contain malware attacks and mitigate the potential risk of one part of the network attacking other parts and integrate threat prevention solutions,” he noted. (IANS)