Story image

Information & cyber 'insecurity' top risk in India for 2017

08 Nov 2017

Pinkerton’s India Risk Survey 2017 puts information and ‘cyber insecurity’ at the top of the list for risk ratings this year, topping out terrorism risk, business espionage, intellectual property theft and accidents.

The report says that the increasing number of cyber attacks and cyberespionage require stronger investment in the security of cyber infrastructure.

India is undergoing a phase of ‘information and cyber insecurity’ as it moves towards asset digitization and service delivery, the report says.

Information and cyber insecurity is not the top risk across all of India’s sectors, however. E-Commerce, hospitality, media & entertainment, NGOs and retail scored higher for risks such as natural hazards, terrorism and political governance & instability.

The report cites the WannaCry malware as the worst cyber incident this year. Systems across the private and public sectors were attacked.

“While the WannaCry ransomware was attempting to penetrate into the Indian cyber-domain, the country was put on highlight and official sources have declared that India was not as affected as reported. Several corporations, such as the Power Grid Corporation of India Limited (PGCIL), were ready to block the malware by setting up a precautionary firewall,” the report says.

If organisations were to focus more on creating robust security mechanisms, it would foster stronger trust between Indian firms and foreign industries.

It cites McAfee research that puts the global economic cost of cybercrime at more than US$40 billion. This is expected to reach $2.1 trillion by 2019.

“According to the NCRB1, a total of 8,045 cases were registered in 2015 as compared to 7201 cases in 2014 with a rise of 11.7 per cent in cyber related crime (under the IT Act),” the report says.

“NCRB data reveals that a majority of cyber-crimes were registered for greed and financial gain, which accounts for 33.3% (3,855 out of 11,592 cases).”

Although there are high costs associated with cybersecurity enhancement, the implications from weak security will be even higher. Information and cyber insecurity will also remain the top business risk for a number of years.

The report suggests that training sessions can reduce human error; and business and government cooperation can boost security.

Business espionage is also a risk because not only are critical business infrastructures sensitive, but also because it is becoming more covert and harder to detect.

“Therefore, business are advised to ensure recommended firewalls to safeguard from any hacking-activity. Organisational functioning and flow of information must be protected at all cost. More importantly, valuable assets and sensitive data must be secured,” the report says.

Google puts Huawei on the Android naughty list
Google has apparently suspended Huawei’s licence to use the full Android platform, according to media reports.
Using data science to improve threat prevention
With a large amount of good quality data and strong algorithms, companies can develop highly effective protective measures.
General staff don’t get tech jargon - expert says time to ditch it
There's a serious gap between IT pros and general staff, and this expert says it's on the people in IT to bridge it.
ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."
Forget endpoints—it’s time to secure people instead
Security used to be much simpler: employees would log in to their PC at the beginning of the working day and log off at the end. That PC wasn’t going anywhere, as it was way too heavy to lug around.
DimData: Fear finally setting in amongst vulnerable orgs
New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are also the most prepared to deal with the ever-evolving threat landscape.
IXUP goes "post-quantum" with security tech upgrade
The secure analytics company has also partnered with Deloitte as a reseller, and launched a SaaS offering on Microsoft Azure.
ExtraHop’s new partner program for enterprise security
New accreditations and partner portal enable channel partners to fast-track their expertise and build their security businesses.