Cyber still tops the business risk charts
The perception of cyber risk as being ‘just an IT thing’ is changing in India thanks a number of regulatory developments and some high-profile breaches.
Yet, despite the rising awareness, companies cannot afford to be complacent when it comes to cyber security.
Speaking to an audience of risk and insurance managers at the Parima event in Mumbai, Unnati Bajpai, regional practice leader, cyber and technology PI, Asia for Allianz Global Corporate & Specialty SE India, stressed the need for cyber due diligence and the importance of cyber hygiene practices in safeguarding organisations against cyber threats.
She also emphasised that anyone can be targeted for cyber exposure. “All sectors, from small-scale enterprises to large conglomerates, are susceptible to cyber-attacks,” she said.
Bajpai cited an example of a funeral home experiencing a cyber-attack, emphasising that cyber risks can impact organisations of any size or industry. She encouraged organisations to consider outsourcing their cyber security needs for enhanced protection.
The awareness of cyber risk has been helped by government initiatives. Earlier this year, the Indian government launched the National Cyber Crime Reporting Portal – an online service that records incidents of cyber fraud. The initiative came on the back of 52,974 recorded cyber crimes in 2021, a 6% increase one the previous year.
In addition to the greater awareness of cyber as a business risk, there is also more awareness of the different options for risk transfer and incident response. “In terms of coverage, there has been a shift in perspective towards enterprise-level security and the importance of considering the entire business ecosystem,” said Bajpai.
Uttara Vaid, the founder of Uttara Vaid Advisory, spoke of the progress made in cyber insurance, including the availability of separate standalone cyber insurance policies.
Prasanna Kumar, head of financial services and professional group, India, Aon stressed the importance of looking beyond individual insurance purchases and considering enterprise-level security.
He emphasised the need for organisations to negotiate better terms, limits, and coverage for cyber insurance. Prasanna also highlighted the convergence of information technology and operational technology as a critical aspect for cybersecurity in the coming years.