In the wake of the recent ransomware and cyber-attacks, cyber security has re-emerged as a talking point in boardrooms.
Just last week user data of nearly 120 million Reliance Jio subscribers was leaked online. While Reliance Jio denied the data leak, customers expressed concern of cyber-security following the leak. Offices of the WPP group of companies severed connections from their global servers for a whole week following a ransomware attack. Many teams had to pause live projects and resume work only after the systems were secured. The attack that crippled a multinational advertising and marketing agency sent shockwaves through the industry and corporate India as a whole.
The frequency of such threats has led to an increase in awareness about them. “Currently, somewhere between 100 to 150 companies buy cyber insurance in India. As a fraction of the total number of companies, the number of companies buying this policy is very low. The fraction has been increasing over the past few years. Especially over the last year, we have seen a great increase in enquiries because of losses close to home such as the Bangladesh bank heist, the Indian banks card data theft and more,” said Sanjay Datta, Chief – Underwriting & Claims, ICICI Lombard General Insurance Company Limited.
Brands that have been in the financially sensitive space, like BFSI, have always been conscious of cyber-threats and cyber-security. “Other businesses in the advertising and marketing industry were not aware that their businesses could be shut down because of a security breach,” said N Chandramouli, CEO, TRA.
“From good to have, cyber-security has become a must-have now,” said Rupa Roy, Head of Marketing, INDIA & SAARC & Head of Global Marketing Services at McAfee. The threat to brand reputation that accompanies a massive cyber breach makes cyber-security a CMO’s concern too. Given the rapid transition towards creating a secure organisation, “The marketing head should have a say in how the cyber security paradigms are being made in an organisation,” she said.
The attack on WPP generated enough fear for other companies to also shut down for a day or so, to check and secure their systems. “If offices cut off links in anticipation of a cyber-attack, it shows that the client and brand is vulnerable. That potentially intimidates the client. Clients can be unforgiving sometimes and change loyalties because of such incidents,” Chandramouli said.
Datta said, “Any news of a cyber-attack on a company can significantly impact its market reputation and undermine customer confidence.” With the increase in volume of online transactions that India is currently witnessing, a serious cyber threat could give customers a serious jolt. “Any impact on customer confidence can be detrimental to brand value, it will also impact other stakeholders,” he added.
Now that the potential threat has become real, companies are contemplating investing more into cyber-security now, said Chandramouli. “They have realised that cyber-attacks like these can hold companies hostage for more than 2-3 days and cause financial and reputational harm,” he said.