A survey conducted by consultancy firm KPMG recently shows that the number of incidents of e-fraud and of online security breaches is the highest in India. Of the 1,250 medium and large companies surveyed worldwide, respondents from India reported the highest rate of e-commerce security breaches at 23 per cent, followed by 14 per cent respondents from Germany and the UK.
As many as 83 per cent of the respondents stated that legal action was not taken when a breach occurred. The reasons cited for this were inadequate legal remedies available, prevalence of out-of-the-court settlement, failure to quantify loss sustained as a result of breach, no possibility of recovery and lack of evidence in most cases.
The survey also indicated that where a security breach occurred, it was approximately three times more likely to be caused by external intruders than internal intruders. The damage caused, or attempted by the reported security breaches were primarily by planting virus on the system, system crashes, website defacement or alteration and system resource being redirected or misappropriated.
More From This Section
In fact, 50 per cent of companies identified hackers and poor implementation of security policies as the greatest threats to their e-commerce systems. A large 79 per cent stated that the highest probability of a breach occurring to their e-commerce system would be perpetrated through the Internet or other external access.
As many as 72 per cent of respondents from India rated the threat of a security breach over their internal systems as high. Most respondents consider the risk of a breach occurring as a result of human error to be moderate.
Further, 83 per cent believed that their e-commerce system was more of a target for fraud than non e-commerce systems. The most commonly rated reason was the greater market exposure associated with e-commerce.
On the extent of damage wrought by e-fraud, 72 per cent of the firms surveyed reported that their greatest area of concern was the risk of any damage that could be detrimental to their company's reputation.
According to KPMG, a company's desire to protect reputation was primarily responsible for many frauds going unreported. Many companies preferred to deal with the discovery of fraud as an internal matter. The threat of damage to the other components of their e-commerce systems was rated low to moderate.