www.pwc.

com/id

Global Economic Crime Survey

2016
Survey Findings on Cyber Crime

Size, scale and depth of the survey

PwC

Febrary 2016
2

Economic crime an obstinate threat

Affecting both developed & emerging markets

Percentage of responding organisations that

experienced economic crime

36%
PwC

Febrary 2016
3

Need for controls to be embedded in culture

Threats come from both within and outside organisations

1 in 5 organisations have not carried out a

fraud risk assessment in the past 24 months

22%
PwC

Febrary 2016
4

Top three most commonly reported types of economic crime 2016

Age-old
crimes lead,
but one
pervasive
enemy jumps
ahead
PwC

While asset misappropriation, bribery and corruption, procurement

fraud and accounting fraud the traditional leaders in this category all
showed a slight decrease this year over 2014s statistics, one crime has
been on a steady increase everywhere since it first appeared in our survey
back in 2011-

Cybercrime has now

jumped to 2nd place.
Febrary 2016
5

Cyber threats climb

Call for preparation and greater leadership involvement

Cybercrime is the 2nd most

reported economic crime

PwC

32%

February 2016
6

Cybercrime is a boundless threat

PwC

February 2016
7

Perception of the risk of cybercrime

Ready or not?
Over half of our survey
respondents (53%, up 10%
over 2014) see an increased
risk of cyber threats, perhaps due
to intensifying media coverage.
But

Our survey suggests that

companies are nonetheless
inadequately prepared to face
current cyber threats.

PwC

February 2016
8

The impact
Reputational Damage

Legal, investment &/or enforcement costs

Service disruptions

13%

7%

10%

17%

31%

23%

18%

36%

35%

3%

28%

30%

6%

38%

3%
High
Medium

Theft of loss of personal identity information

11%

16%

27%

36%

9%

Low
None
Don't know

Regulatory risks

8%

Actual financial loss

9%

17%

Intellectual property theft (incl. theft of data)

9%

15%

19%

30%

38%

37%

22%

6%

30%

45%

6%

8%

Among survey respondents, reputational damage was considered the most damaging impact of a cyber breach
followed closely by legal, investment and/or enforcement costs.
The insidious nature of this threat is such that of the 56% who say they are not victims, many have likely been
compromised without knowing it.
A concerning trend we have observed is that of hackers managing to remain on organisations networks for extended
periods of time without being detected.
PwC

February 2016
9

The two kinds of cybercrime and what they mean for you

PwC

Cyber fraud

Transfer-of-wealth/IP attacks

Monetisable cybercrime, such as

identity and payment card theft,
are the events that tend to grab
the headlines, with millions of
dollars of losses and as many
victims. Despite their high profile,
they rarely pose an existential
threat to companies.

The more critical economic crime

facing organisations is that of
international cyber espionage the theft of critical IP such as
trade secrets, product
information, negotiating strategies
and the like.

Cyber professionals call such

breaches extinction-level
events, and for good reason:

The damage could extend to the

While the long-term damage, both to the entitybillions
and the economy,
is potentially
far higher
of dollars,
and include
for transfer-of-wealth attacks, the regulatory pain and media scrutiny arising from the
destruction of a line of business, a
theft of credit cards or personally identifiable information can be vast.
company or even a larger
economic ecosystem. Not only are

February 2016
10

Cyber threat vectors: the five categories

PwC

February 2016
11

Boards are not paying enough attention

Frequency of
requests for
information
by boards
regarding
organisations'
ability to deal
with cyber
incidents

PwC

February 2016
12

Cyber Incidence Readiness

Percentage of
respondents with
fully operational
Incident Response
Plans

37%
PwC

31%
dont have a plan

&

14% of these dont

think they need one
February 2016
13

First Responder Teams

PwC

February 2016
14

www.pwc.com/id
Michael Hurle

Chairil Tarunajaya

Technical Advisor

Partner

michael.hurle@id.pwc.com

chairil.tarunajaya@id.pwc.com

Handikin Setiawan

Elizabeth Goodbody

Director

Technical Advisor

handikin.setiawan@id.pwc.com

elizabeth.x.goodbody@id.pwc.com

Jeffry Kusnadi

Pandu Aryanto

Senior Manager

Director

jeffry.kusnadi@id.pwc.com

pandu.aryanto@id.pwc.com

This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.
PwC Indonesia is comprised of KAP Tanudiredja, Wibisana, Rintis & Rekan, PT PricewaterhouseCoopers Indonesia Advisory, PT Prima Wahana Caraka and PT PricewaterhouseCoopers Consulting
Indonesia each of which is a separate legal entity and all of which together constitute the Indonesian member firm of the PwC global network, which is collectively referred to as PwC Indonesia.
2016 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see http://www.pwc.com/structure for further details.