Malware is the most common type of cyber-attack, with 73% firms considering it a menace followed by phishing (43%).
New Delhi: As many as 79 per cent of Indian companies consider cyber security one of their top 5 business risks, a survey said Friday.
The ‘Cybercrime Survey Report 2017’ by consulting firm KPMG says 58 per cent of the organisations included cyber risk in their boardroom agenda in 2016.
Malware is the most common type of cyber attack, with 73 per cent of the firms considering it a menace followed by phishing (43 per cent), says the report.
Besides, one in two organisations experienced attacks from ransomware — a malware that threatens to publish the victim’s data or block access to it unless a ransom is paid — in the past year.
The KPMG report also highlights that cybercrime is highly underreported with only 3 per cent of the organisations having reported a cyber-incident to the local law enforcement agency.
Also, 73 per cent of the law enforcement authorities surveyed said ATM card theft was the most commonly reported cybercrime.
On the positive side, there is an overall increase of 50 per cent in the number of cybercrimes reported in 2016 compared to the year before.
Awareness on how to report a cybercrime seems to be another key concern, says the report.
Over a quarter of those surveyed felt that the information on the regulations and requirements of reporting a cybercrime were not easily known to everyone. Forty per cent of end-users felt that lack of clarity over jurisdiction is a stumbling block in lodging a complaint with the cyber police.
The organisations are also underprepared to tackle cyber-attacks. One out of two organisations believes it is not adequately prepared to handle ransomware attacks as a major threat.
Adopting a new piece of technology often opens the door to cyber security risks, the report points out.
The report says 80 per cent of the organisations are using at least one of four emerging technologies such as cloud, mobility, social media, and digital enablement. But three-quarters of the organisations have cybersecurity budgets less than a tenth of the budgets set aside for dealing with risks coming out of the technology adoption.
The report comes from a survey of nearly 300 law enforcement officers, top executives, security professionals and end-users from various industry sectors.