Beyond firewalls: Why Indian enterprises need a proactive cyber risk strategy – ET CISO
Rs 20,000 crore. It is a staggering figure. According to a CloudSEK report, that is the estimated loss India could face this year because of cybercrime. The fact that cybercrime has been on the rise is not surprising. With the latest tech at their disposal, cybercriminals are using AI tools, deepfakes, and ransomware-as-a-service software to breach secure corporate servers. Reports also suggest India could face a whopping 1 trillion cyberattacks by 2033 unless businesses do more to manage risk.
As more enterprises and businesses go digital in India, cyber risk also increases. In the tech-focused new world, traditional measures such as firewalls and antiviruses can no longer offer solid solutions to eliminate attacks and threats. Cyber resilience is a key facet of business growth. Firms must work on a sharp cybersecurity strategy to detect and mitigate threats before they escalate into catastrophic breaches. Before moving into the solutions, we need to take a look at the types of cybercrimes that happen and which are the sectors under the most risk.
Countering brand impersonation
Trust is the most important factor connecting customers and brands, and a breach could result in terrible consequences. Cybercriminals look to attack it. Brand impersonation is increasing as cybercriminals attempt to exploit trust to deceive customers, partners, and employees. This could range from phishing attacks mimicking corporate emails to fake websites that can steal customer data.
For instance, in 2023, prominent bank customers were the target of an elaborate phishing scam in which fraudulent websites resembling bank portals tricked users into entering account details. There has also been a spike in cases of deepfake fraud, where cybercriminals use AI-generated voices or videos to impersonate executives and conduct fraudulent transactions, as was seen when a finance executive transferred millions of dollars based on a ‘supposed’ video call from their CEO.
The financial hit aside, these incidents can damage a business’s reputation and impact customer trust. Companies must take strong corrective measures to monitor such issues and counter this menace.
What sectors are under threat
According to the India Risk Report 2024, cybersecurity is among the top three risks for Indian enterprises, with cyber threats surging 15% year-on-year, making India one of the most targeted nations globally. Despite this, 60% of businesses remain in the early stages of cybersecurity preparedness, underscoring the need for stronger risk mitigation.
Multiple reports suggest that some sectors face the brunt of cyber-attacks. The BFSI sector is usually a target of these attacks, with cyber criminals learning about and exploiting key vulnerabilities in banking systems, frequently conducting fraudulent transactions and breaking into databases, resulting in breaches that expose millions of customer records. The CloudSEK report estimates the BFSI sector can face losses of up to Rs 8,200 crore due to cybercrime. Major retail and e-commerce platforms, point-of-sale systems, and online payment gateways are also susceptible to attacks, resulting in the leak of customer details and increasing chances of impersonation and fraud, thus impacting consumer confidence.
Government entities can also face attacks from freelancers, hacktivists, and state-backed actors who can mount serious attacks on critical infrastructure projects, leak public databases, and render crucial portals inoperable. These attacks can result in major issues and paralyse the state’s capacity to perform essential functions. To eliminate risk, companies and government entities should work on implementing zero-trust architectures and introduce real-time threat intelligence and continuous security monitoring to win the battle against bad actors.
What does this mean?
There is no doubt that cyber threats are real and must be combated. Firms should build a structured, proactive approach to cybersecurity rather than one that only reacts to issues as they crop up. It can start with a broader implementation of AI-driven security tools that can discover anomalies, predict the possibility of attacks and offer solutions. Solid real-time monitoring and threat intelligence that helps detect and contain breaches early must follow this. Regular training modules and phishing simulation exercises for employees to create an organization-wide security-first mandate will help improve cyber security.
Cyber insurance plans can also help and are emerging as a crucial component of corporate risk management. Like other facets of life, cyber insurance offers a financial safety net, incorporates all the elements mentioned above, and makes sure companies can recover from major cyber security breaches or incidents without facing massive financial liability.
A look at the future
Cyber threats will continue to evolve and threaten to breach even fortified defenses. The way forward is to work on a proactive cybersecurity strategy that combines the best of AI-driven defense mechanisms, real-time monitoring, and solid cyber insurance plans. Enterprises must act now to strengthen their cyber resilience. The cost of inaction is high, and those best prepared can emerge successful and thrive.
The author is Gaurav Arora – Chief of Reinsurance, Underwriting & Claims for Property & Casualty at ICICI Lombard.
Disclaimer: The views expressed are solely of the author and ETCISO does not necessarily subscribe to it. ETCISO shall not be responsible for any damage caused to any person/organization directly or indirectly.