There are not enough laws in India to address issues related to cybercrime prevention, detection and investigation, says a KPMG in India’s Cybercrime Survey Report.

The survey noted that 69 per cent of organisations believe that ransomware is a significant risk to them, and in fact, 43 per cent indicated they had experienced ransomware attacks in the past one year.

Additionally, 48 per cent of the organisations surveyed were of the opinion that cybersecurity risk assessment was one of the important pre-requisites that needs to be addressed before outsourcing to any third party.

About 40 per cent of the end-users feel that cross-country jurisdictions act as a hindrance in lodging a complaint with cyber cells, and only 3 per cent of the organisations have reported cyber incidents to a local law enforcement agency.

Commenting on this finding, Sudesh Anand Shetty, Partner – Risk Consulting, KPMG in India, said: “Cyber breaches should no longer be looked upon as isolated incidents linked with IT or IT security. Organisations should consider it as an indicator to a potential cyber fraud and be vigilant online.”

He added: “Security awareness is key and we encourage organisations to report matters as observed to be potentially investigated.”

Security professionals, top law enforcement officers and end-users from all over India were among the 300 participants that took part in the survey.

The study also highlighted measures to deal with the threat, which can be used to shape the cyber risk management stance of organisations.

Some of the measures suggested by the survey were cyber risk assessment and threat management, vulnerability management with advance measures such as red teaming, cyber in supply chain and cyber awareness beyond normal practices.

Related Topics
comment COMMENT NOW