Cyber remains top of the list for Indian risk managers finds RIMS-Marsh survey
Large-scale cyberattacks remain the top risk for corporations across India, according to a joint study conducted by Marsh, the world’s leading insurance broker and risk adviser, and RIMS, the North America-based international risk management society.
The resulting report, Excellence in Risk Management – State of Risk Management in India in 2019, was published by RIMS and Marsh at the RIMS Risk Forum in Mumbai on 22 November.
According to the report, about 62% of the 179 survey respondents – including c-suite executives and senior risk professionals across 23 industries – identified cyberattacks as the top risk facing their organisations. Extreme weather events (17%), data fraud or theft (10%), and fiscal crises (9%) were highlighted among the other top risks for Indian businesses.
This year’s report also examines the maturity of the risk management function across the country’s leading organisations. RIMS notes that, while firms have been slow to change their cybersecurity strategies and make further investments, an increasing number recognise the importance of implementing a comprehensive risk management framework and the potential for good risk management to be a competitive advantage.
More than 68% of the respondents listed the integration of risk management into strategic planning as the top investment priority when it comes to strengthening the risk management function in 2020. Another 15% ranked upgrading risk management technology as a key investment goal. The bad news is that some 11% of respondents said building risk management capabilities is not a significant investment focus for their organisation.
Cyber came top of the agenda in the survey for the second year running, which should come as no surprise to anyone connected with the Indian economy as it has become a prime target for cybercriminals.
A recent study by IT major Cisco found that India was the most attacked nation in the internet of things space globally during the last quarter, with financial services and transportation sectors seeing the highest number of breaches.
Last September, Cisco reported that India faces the highest number of cybersecurity threats in the Asia-Pacific region, with more than 500,000 alerts daily – nearly triple the number of alerts at global companies.
“India, like other countries, has been susceptible to malicious cyberattacks and there is growing awareness among corporates of the need to ensure they have appropriate cybersecurity controls,” said Sanjay Kedia, country head and CEO, Marsh India.
“Firms need to keep up with the evolution of cyber threats if they are to capitalise on technology-based opportunities. This will require organisations to make additional investment to ensure they have adequate protection. Quantifying cyber risk can help organisations make better-informed capital allocation decisions, enable better performance measurement, and put cyber risk in the same economic terms as other enterprise risks,” he added.
RIMS has invested time, effort and money into expanding its global footprint in recent times and Asia, along with Australia and New Zealand, is the top regional focus. India is one major Asian economy where the RIMS strategy really appears to be bearing fruit. “India’s risk management community continues to demonstrate its strength, as well as its passion for developing advanced capabilities that support growth and innovation. We are proud to work with Marsh on this important report, to gain insight from professionals in the region, and deliver valuable resources that support their future endeavours,” commented RIMS CEO Mary Roth.