Businesses Facing Cyber Risks

With businesses worldwide becoming more reliant on information technology, increased globalization and greater interconnectedness, new forms of crime and fraud have begun to hit businesses across the world, including India. This article takes a look at the new threats that businesses are facing today that were rarely seen even a few years ago.

According to a “recent survey”: conducted by one of the world’s leading risk consulting companies, Kroll, as many as four out of five companies across the world have suffered from corporate fraud in the past three years.
With new technologies, new investors and expansion into new overseas markets creating new opportunities for fraud, in some sectors, more than a fifth of companies have lost more than $1m to new age crimes such as identity theft, various IT crimes, and false reporting by asset managers.

The risks of fraud for business are greater today than in the past and even the hint of a fraud can sometimes place a company under severe scrutiny or in financial distress. “The latest and the largest data breach in recent history”:,1895,2187289,00.asp was reported by the $17 billion US retail giant TJX when private credit card data from some 46 million customers fell into the hands of cyber thieves. TJX had to spend $6.5 million in lawyer fees to settle law suits filed by customers on this account and reported a “whopping $168 million hit”:,1895,2171101,00.asp on its earnings for 2007 arising from this incident.

Analysts have, however, pointed out that the real material loss to TJX would be hardly significant mainly because of the terms of the settlement and the fact that the US has by now well developed mechanisms to tackle identity theft, something that is absent in India.

Anyway the Kroll survey by the Economist Intelligence Unit of 900 senior executives worldwide reveals:

* Theft of physical assets or stock, which was experienced by 34% of surveyed respondents, is particularly widespread. In addition, a fifth of companies suffered from information theft, self-dealing, financial mismanagement, internal financial fraud, procurement fraud, or corruption and bribery.

* The average cost due to fraud to large companies –with annual revenues of more than $5bn – was more than $20m, with about 1 in 10 losing more than $100m. More than a fifth of all companies in some sectors had lost more than $1m – healthcare, pharmaceuticals and biotechnology; construction, engineering and infrastructure; and financial services.

* Theft, loss of or attack on information are the biggest concerns to companies when asked how they assess their future risk, with 20% of respondents describing themselves as highly vulnerable. More than 30% believe that IT complexity has increased their exposure to fraud.

* High staff turnover is the most frequent cause of increased exposure to fraud, which is cited by 32% of respondents. Close behind are complex IT arrangements (31%), entry into new markets (28%) and increased collaboration between unrelated companies (26%) – all of which are factors that are closely tied with modern business practice. Entry into new markets is of particular concern for larger organizations (38%).

* The extent of corruption and bribery varies widely from one region to another. The proportion of companies that has recently suffered from it in the Middle East and Africa (39%) is by some distance the highest. But more than twice as many Eastern European respondents (29%) have experienced the problem than those from Western Europe, (14%), and more than three times as many from Latin America (29%) as from North America (9%).

As is evident, all the major causes of cyber crime such as high employee turnover, complex IT arrangements etc are all prevalent in many Indian companies which is the reason that managers here have to become specially vigilant about these new and emerging business risks.