THREE FOURTH INDIAN BUSINESSES HIT BY CYBER ATTACKS
Today, cyber risk is a top agenda item at the board level. With the cyber risk landscape id changing fast and attacks becoming more frequent, severe and systemic, the primary concern facing organisations is that security breaches to technology and physical infrastructure could lead to data loss, financial losses, regulatory sanctions, reputational damage and operational threats. The domestic cyber insurance market is slowly gaining traction, with India bracketed alongside the US and China as among the world’s most cyber attack-prone countries.
Although the cyber insurance market is still miniscule, Indian corporates have started to show interest in such products and have realised the prospective threats emanating from cyber hacking. Cyber security continues to be a major issue in India with 76% organizations hit by online attacks in the last year, as compared to 68% incidents across the globe, reveals a new global survey from security firm Sophos. The survey, ‘7 Uncomfortable Truths of Endpoint Security’, reveals that IT managers are more likely to catch cyber criminals on their organization’s servers and networks than anywhere else. In fact, IT managers discovered 39% of their most significant cyber attacks on their organization’s servers, and 35% on its networks.
Only about 8% were discovered on endpoints and about 19%, which is almost double the global average, were found on mobile devices. In other key findings, 97% IT managers admitted that security expertise is one of the greatest issues in India, and while 92% Indian IT managers wish they had a stronger team in place to properly detect, investigate and respond to security incidents, 89% believe cyber security recruitment is a challenge.
Given India’s fast-growing affinity towards technology and its services, it is important that the country’s businesses take more active steps towards cyber security.
As we accelerate towards becoming a trillion-dollar digital economy, building the right framework for cyber resilience and security is critical for the country. The government on its part has taken a number of initiatives in this direction; however, the involvement of each citizen and all organizations to make it a collective and coordinated movement is must for the success of the cyber secure eco system. India currently ranks 15th in a list of the world’s least secure countries with respect to cyber security. The global survey ‘7 Uncomfortable Truths of Endpoint Security’ conducted by Sophos, an endpoint security provider has found that 76% of Indian businesses were hit by cyber attacks in the past year, the highest after Mexico and France. In its global survey, Sophos said that more than 18% threats discovered in India are on mobile devices, almost double than the global average, while only 7.9% were discovered on endpoints. 39% threats were discovered on the organisation’s servers and 34.5% on its networks. 76% of Indian businesses were hit by cyber attacks in the past year, the highest after Mexico and France. More than 18% threats discovered in India are on mobile devices, almost double than the global average, while only 7.9% were discovered on endpoints. 39% threats were discovered on the organisation’s servers and 34.5% on its networks.
Server security stakes are at an all-time high:
Server security stakes are at an all-time high with servers being used to store financial, employee, proprietary, and other sensitive data. Today, IT managers need to focus on protecting business-critical servers to stop cyber criminals from getting on to the network. They can’t ignore endpoints because most cyber attacks start there, yet a higher than expected amount of IT managers still can’t identify how threats are getting into the system and when. 14% of IT managers who were victim to one or more cyber attacks last year can’t pinpoint how the attackers gained entry and 17% don’t know how long the threat was in the environment before it was detected. The survey emphasises the need to have better endpoint detection and response capabilities. On average, Indian organizations spend 48 days a year (four days a month) investigating potential security incidents. It comes as no surprise that IT managers ranked identification of suspicious events (22%), alert management (19%) and prioritization of suspicious events (13%) as the top three features they need from EDR solutions to reduce the time taken to identify and respond to security alerts. The survey polled more than 3,100 IT decision makers from mid-sized businesses in 12 countries in Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa.
Key India-specific survey findings:
- Most cybercriminals are detected at the server (39%) or on the network (35%); 8% are found on endpoints
- More than 18% threats discovered in India are on mobile devices, almost double than the global average
- 92% Indian IT managers wish they had a stronger team in place to properly detect, investigate and respond to security incidents
- 89% IT managers surveyed believe cyber security recruitment is a challenge
- 97% IT managers admitted that security expertise is one of the greatest issues in India
- Three – fourth of Indian organisations admitted not being able to take full advantage of implemented EDR solutions
- 67% Indian organisations plan to add Endpoint Detection and Response (EDR) capabilities to fight cyber attacks
- After Mexico and France, Indian businesses most hit by cyber attacks
- Growing use of mobile to commit cybercrime
- Adoption of legitimate digital platforms for illicit activities
- Use of advanced technologies both to commit and to fight cybercrime
- Not realising they are a prime target for cybercriminals
- Viewing cyber security as the responsibility of the Information Technology Deptt.
- Believing security threats are external and not internal or accidental
- Thinking a cloud provider is responsible for backup and security of all information
- Failing to use cloud hosted email securely
- https://www.thehindu.com/news/national/india-third-most-vulnerable-countryhttps://www.businesstoday.in/technology/news/wannacry-ransomware-attack
- https://www.irdai.gov.in/Defaulthome.aspx?page=H1
- https://scroll.in/pulse/861096/interview-we-need-a-medical-regulator
- http://www.mondaq.com/india/x/781972/Financial+Services/International+Financial+Services+Centres
- Newspapers & Journals.
Leave a Reply