According to KPMG’s, Cyber Crime Survey Report 2015, around 72 per cent of the companies in India have faced cyber-attacks in the year 2015. In India a spate of cyber security issues have been witnessed like the Gaana.com or Ola Cabs apps being hacked. Such issues have raised the alarm for the whole enterprise community. And it doesn’t seem to be stopping here. According to a report from McAfee Labs, the number of cyber attacks where malware holds user data hostage is expected to grow in 2016 as hackers target more companies and advanced software is able to compromise more types of data. In many cases the objective would be financial gain or corporate espionage, either ways, resulting in heavy losses for the enterprise.
Today, no single new age enterprise is immune to cyber threats. The humongous amount of information popping out of various social and mobile platforms continues to add to organizations' vulnerabilities, making them attractive targets for complex cyber crimes.
For today’s digital businesses, a lot of value is tied to data and any loss to it can put their whole reputation at stake. Hence more and more companies are finding themselves terrorized by cyber threat agents who are looking for new, sophisticated routes to gain access to confidential business data. Burgess Cooper, Partner, Information & Cyber Security Advisory Services, EY, points out, “Technology is increasing a company’s vulnerability to be attacked through increased online presence, broader use of social media, mass adoption of mobile devices, increased usage of cloud services and the collection/analysis of big data.”
Kaushal Dalal, Managing Director, FireEye India cites an example. “We’ve assisted a number of clients in dealing with digital blackmail schemes. These typically involved attackers threatening to publicly release stolen data unless their ransom demand was met by the victim.”
Despite cyber threat issues growing at an alarming rate, what is surprising is that many companies do not know how to respond in the event of an attack. Surveys indicate that many Indian companies do not have a threat response strategy in place.
Cooper shares some insights on the results of a simulation war game that it conducted where it asked top executives from a slew of companies how they would react to a message from someone saying that their customer database had been hacked and put on the internet. “We had CEOs who said they would call their chief information security officers to check if they had truly been hacked, others said they would call their chief marketing officer, some said they would call their corporate communications officer; and there was the realization that there was no agreement. The point we want to make here is no one really knows what and how to respond in an event of cyber-attack,” he says.
Apparently a lot more focus is now being directed to cyber security initiatives, investments are being pumped in, and the issue is being addressed in boardroom discussions, yet many a times companies ignore the need for a well-thought out cyber threat response strategy. So more than the threat event itself, the inability of enterprises to fight back in case of such an event and to eliminate the chances of a re-occurrence in the future is now becoming a matter of serious concern.
Dalal further emphasizes on the seriousness of the matter and indicates that there is clearly a long way to go when it comes to identifying and combating attacks. “Over the past year we have seen an increasing number of “disruptive” attacks globally, and the situation is much worse in India. Our M-Trends 2016 report reveals attackers were present in a victim’s network before being discovered for a median of 146 days in 2016. While this dropped from 205 in the previous year, attackers can extricate data in less than an hour, so we have a long way to go,” he says.
A wait and watch strategy in dealing with cyber security will spell danger for organizations across sectors and regions, as it is near–certain that a breach will happen and you might only know when it hits you. Moreover, in the event of a cyber attack, many a times the objective will be to bring the business back up and running, while it is also equally important to identify the real cause of the incident, measure the risks, and devise strategies to avert such a situation in the future. That’s where the presence of a cyber threat response plan becomes so crucial. With an incident-response (IR) plan organizations can manage such events effectively and minimize the damage arising out of it in a way that it doesn’t negatively impact the confidence of stakeholders.