Cyber Fraud: Proactive Response NeededKroll's Khurana on Latest Fraud Trends, Challenges in India
One of the highlights of the India chapter of Kroll's recently released Global Fraud Report is that 80 percent of the respondents have been victims of one form of fraud or the other. More interestingly, this year, 51 percent of polled companies globally have identified cyber fraud as a major risk. And India shares in the pie. (See: Report: Cyber Risk, Insider Fraud Major Concerns)
Reshmi Khurana, Managing Director and Head of South Asia at Kroll Advisory Solutions, says Kroll is already seeing many financial companies and other entities that use a lot of data and rely on IT for business to be significantly vulnerable to cyber fraud. However most Indian companies are still taking a reactive stance to this, she says.
"We are increasingly seeing Indian clients come to us with problems such as these. But I think the practices are still very much reactive in nature. It needs to become more proactive," Khurana says. "They need to evaluate what their areas of cyber vulnerability are, what assets are threatened by cyber risk, and what they would do if there was an incident. The incident response readiness is very important and is currently lacking in India."
In India, one can clearly put companies into two or three categories when it comes to cyber risk. There are those that clearly see this as a strategic risk and are taking proactive steps, she says. This universe is still small. The broader companies in India still see this as an IT issue and need to start linking this to business operations and other risks.
"Cyber fraud and risk are still considered technology issues, until and unless an incident occurs," she says. "That's when it comes to the fore that that technology aspect actually links to various other parts of the business."
Kroll also does pre-investment due diligence consulting for organizations, and Khurana expects to see cyber and technology aspects to gain increasing prominence in these exercises. Due diligence traditionally focuses on the numbers, quality of management, business practices and so forth, she says. But high technology adoption means that technology is changing so fast that companies need to work harder to stay on top of it and institute mechanisms to ensure it does not make them vulnerable to fraud.
"I believe as companies become increasingly reliant on information technology, it will become important for investors to assess the quality of that technology; and also then, how vulnerable that technology is to fraud," she says. (Also read: India's Growing Breach Potential)
In this exclusive interview with Information Security Media Group, Khurana shares insight and analysis from Kroll's Annual Global Fraud Report for 2015-16. She also outlines the landscape for fraud, sharing analysis on the cyber aspects and the market's approach to these issues, including:
- The state of cyber fraud response in India;
- The increasing dependence on technology and the changing the face of fraud risk;
- GRC and the use of technology to fight fraud in India.
Khurana is now the Managing Director and Head of Operations in South Asia for Kroll Advisory Solutions. She has more than 13 years of experience in the US, South Asia and South East Asia conducting complex corruption investigations, litigation support and due diligence on the management, operations and business models of organizations. Her clients include asset management companies, corporations in the mining, oil & gas, consumer packaged goods and pharmaceutical industries and law firms. Prior to joining Kroll, she was a consultant with McKinsey & Company in India.