Global organizations spend approximately 15% of their IT budget on Security Solutions. And in-spite of such high investment, 9 out of 10 large global businesses have admitted to having suffered some kind of security breach in 2015 alone. Tens of thousands of British Airways frequent flyer accounts were hacked. Although no personal information was stolen, vulnerabilities were spotted in the online security system. But what happens if you do not have a robust Security solution? Businesses in India invest less than 5% of their budget in IT security and this is a growing concern.
According to PwC Information Survey 2015 the average number of security incidents detected by respondents in India increased by 117 per cent over the previous year whereas, the increase in incidents of cyber security breach globally stood at 39 per cent during the same period. Losses as a result of incidents of cyber security also surged by 135 per cent over the previous year, and the average cost per incident increased by close to 8 per cent, the report said. IBM and Ponemon Institute determine that the average cost incurred by Indian enterprises for a data breach has increased to Rs. 9.73 crore this year as opposed to Rs. 8.85 cr in 2015. Hence, it is evident that there is a growing need for organizations to invest more in IT security, specifically enterprise network security solutions to reduce cyber security risks and protect their business information. If you’re still not convinced, read along:
A KPMG India Survey revealed that 72% of the companies surveyed suffered some form of cyber-attack within 2015 itself.
- Cyber Crime is happening all around you: A KPMG India Survey revealed that 72% of the companies surveyed suffered some form of cyber-attack within 2015 itself. Financial Services, as expected was the worst affected with 72% attacks, with Pharmaceuticals & Chemicals, and Oil & Gas and Utilities closing the list of the top three. Half way across the world, a recent breach on the US Government led to exposing personal information on 191 million registered voters. This is a huge alarm bell for Governments and businesses worldwide. Cyber Crime is only becoming more common.
- Cyber Crime leads to multiple losses: Financial losses are the primary metric that is often used to measure the scale of a security attack. In India, 63% of all respondents indicated that cyber attacks in 2015 led to financial losses. Globally, the average total financial losses due to cyber crime amounted to about US$ 2.5 million. However, it’s important to note that cyber crime does much more damage, with 55% companies suffering theft of intellectual property/sensitive data, 49% suffering reputational damage, and 47% also experienced disruption of business processes. Sony suffered massive attacks on both its PlayStation Network (PSN) and Sony Pictures. The combined losses from the two hacks are estimated at around US$ 24 Billion, where over 77 million users were affected. The Sony Pictures hack was far more damaging because it resulted in the loss of almost all of its digital content, including unreleased movies, and also of social security numbers, salary data and other private data of employees.
- Cyber Crime can lead to Regulatory Non-Compliance & Lawsuits: Companies, especially in the Financial Services, Healthcare and some other sectors have a liability to ensure safety of customer information and sensitive data. A cyber crime attack can lead to them becoming non-compliant. This is a case for 27% of respondents to KPMG’s survey. Loss of customer information can also lead to a number of lawsuits, and settling them can be very expensive. A 2014 attack on Target, a US based retail store, led to the loss of over 70 million records of data, primarily consisting of credit and debit card details. The result was 140+ lawsuits and a total of US$10 Million which the company had to pay for settling.
- Cyber Crime targets your most Mission Critical Systems: 65% of all cyber crimes reported by Indian companies happened on E-Mail Server while a whopping 31% of the attacks were designed to take down the ERP system.
- Cloud is More Vulnerable: With Cloud becoming the technology of choice increasingly, Gartner reveals it is more vulnerable to cyber threats and attacks. Hence, while adopting Cloud based security models, organizations must focus on the security measures.
As per PWC, employees are the top reasons for security threats arising within businesses, with current and past employees leading to a gigantic 60% of all security related incidents, with 22% being caused by consultants and service providers.
- Threats from within: As per PWC, employees are the top reasons for security threats arising within businesses, with current and past employees leading to a gigantic 60% of all IT security related incidents, with 22% being caused by consultants and service providers. While most of these incidents are inadvertent, a good security system can help in preventing such incidents. The Panama Papers saga is an interesting case study here, where an internal source submitted encrypted internal documents from Mossack Fonseca, a Panamian law firm dealing with offshore companies. The attack exposed several high-profile personalities world over and started from within the company!
Cyber crimes are detrimental for organizations and can lead to huge financial losses as well as collateral damage in the form of loss of customer trust, brand image and even customers, besides impacting compliance, and more.
The time is critical to re-examine the security threats and ensure the safeguards are robust to prevent irrecoverable damages to business and profits with comprehensive enterprise network security solutions.