52% of Indian companies endured cyber attacks in the last 12 months, said Sophos in the second edition of its survey report titled ‘Cybersecurity in the Asia Pacific and Japan‘. The report, in collaboration with Tech Research Asia (TRA), revealed that despite increasing cyberattacks, cybersecurity budgets have remained stagnant and top management teams still underestimate the level of damage threats can do to organizations.
Insignificant increase in budgets
In India, many companies have independent security budget, but it is not sufficient to deal with rising cyber-attacks. Out of the 52% affected companies, 71% admitted it was a serious or very serious attack. 65% said it took longer than a week to remediate.
While the frequency and intensity of attacks have increased, cybersecurity budgets compared to a percentage of sales have remained essentially unchanged between 2019 and 2021. However, the report estimates the median percentage of technology budgets spent on cybersecurity to increase insignificantly from 9% currently to 10% in the next 24 months.
Managing Director (Sales), Sophos India and SAARC Sunil Sharma said, “Cyber breaches are a reality that we cannot afford to ignore. Within an organization, there will always be multiple threats that can exploit various vulnerabilities and launch full-blown cyberattacks. The only way to stop these threats is to actively hunt for them and neutralize them. This makes threat hunting an important function to mitigate the damage caused by cyberattacks. Hence, there is a strong need for increased cybersecurity budgets to include threat hunting in-house or outsourced services like managed detection and response (MDR).”
Data Breach costs are rising
An increase in data breaches costs many organizations a fortune. According to a recently published report Annual Data Breach cost by IBM, the average cost of a data breach has risen to $4.24 million per incident globally.
Another report by Check Point Research says India is the most ransomware-affected nation in 2021. Organizations on average face 213 attacks every week, against 51 in the Asia Pacific Region, 29 in North America, and 14 in Europe in Latin America. Africa faces only 4 attacks per week.
A rise in cyber attacks has also contributed to an increase in cyber insurance premiums.
While Sharma talks about actively hunting vulnerabilities, the Indian Computer Emergency Response Team’s vulnerability disclosure program does not shield security researchers from legal action. Read more.