Indian ITDMs Are Confident In Their Cybersecurity Postures

by CXOtoday News Desk    Dec 19, 2017

Cyber security

The importance of employing cybersecurity best practices and fundamentals as well as the urgency to avoid complacency in defending against cyber attacks is increasing. According to a Fortinet research, 73 percent of Indian IT decision makers (ITDMs) at 250+ employee organizations are confident in their cybersecurity posture, despite 84 percent of organizations being breached in the past two years. In addition, 96 percent believe they are doing better than their peers with regards to cybersecurity, while only 1percent believe they are lagging behind.

“ITDMs continue to prioritize the maintenance and upgrade of their cybersecurity solutions in an attempt to combat today’s cybersecurity adversaries. Although important, other security best practices within their broader cyber and technology strategy are still missed opportunities. In particular, the urgency to prioritize security hygiene, educate with broader awareness, or implement security approaches that leverage automation, integration, and strategic segmentation, is critical to defending against the highly damaging Internet attacks possible in our near future,” said Patrice Perche, senior executive vice president, worldwide sales and support at Fortinet.

Complacency despite clear concerns

Respondents revealed that 39percent of breaches experienced in the last two years were the result of social engineering, ransomware, and email phishing. In 2018, 87percent of Indian businesses are planning programmes to educate employees in IT security, reflecting a growing awareness that breaches are caused by carelessness and ignorance as much as maliciousness.

Another top concern for Indian organizations is protecting access to the network. Only three quarters (76percent) of ITDMs feel confident that they have full visibility and control of all devices with network access. A similar 72percent of ITDMs feel confident that they have full visibility of the access level of all third parties who frequently have access to networks. This lack of confidence in the network visibility suggests that this is an area that should be treated as a top concern for organizations. Yet, basic security measures like network segmentation are only being planned by 21percent of businesses in 2018. Without network segmentation,  malware entering a network will often be left to spread.

Employee knowledge key for security in organizations

When asked about what they would have done differently over their career in security, 51percent of Indian ITDMs wish they had invested more in employee security awareness training to prevent a security breach. Educating users can lessen the chance that they become a victim of an intrusion attempt that targets one of the weakest links in the cybersecurity chain: employees themselves.

In 100percent of breach incidents, in the first instance, the Indian board blames the IT department – either a specific individual (45percent) or the department as a whole (55percent). Employees outside the IT department get blamed in 40percent of breach incidents, even though they’re often recognized as the weakest link. The IT department can no longer be the only one responsible when it comes to a breach. BYOD and IoT, the use of cloud-based applications, and shadow IT, all extend the security responsibility to the broader organization − and employees.

Balanced Cybersecurity Investment Priorities Are Critical

In 2017, Indian ITDMs ranked the following as their no.1 priority investment:

·         42percent - New security solutions and services

·         38percent - Upgrading security solutions

·         10percent - Implementing security policies and process

·         4percent - Auditing and assessment

·         3percent - Employee training

The continued technological investment allows businesses to keep pace with malicious attacks and prepare for them by implementing a comprehensive security solution. Investments in new and upgraded security solutions will continue in 2018, but 34percent of Indian respondents also reveal that investments towards employee training will become one of the top 3 investment priorities.