India faces one of the highest cyber security threats in the Asia-Pacific region with over 500,000 security alerts on a daily basis, which is nearly thrice the number of alerts faced by global companies, according to a Cisco 2018 Asia-Pacific Security Capabilities Benchmark Study released today.
According to the report, India leaves nearly 39% or approximately up to 200,000 alerts unattended due to lack of required skill sets. This was in line with its global peers in the APAC region who left half of the legitimate cyber threat alerts unattended. This presents a significant concern for the cybersecurity defenders who need to identify the genuine threats from a vast number of daily alerts.
The study further adds that a whopping 56% of the investigated alerts in India turn out to be false adding to the burden of existing security defenders who need to ensure that they are working on the right alerts. This leads to cybersecurity defenders experiencing cyber fatigue and give-up on trying to stay ahead of malicious attackers and hence more work is needed to equip security professionals with adequate tools to help them get more accurate information about their environment and the attacks happening against it.
Interestingly, India witnesses the second highest instances of legitimate threats in the Asia-Pacific region behind Australia. While Australia witnesses 65% legitimate cybersecurity threat, India is at par with the regional standard at 44%.
The report further added that Indian breaches caused a lower financial impact as opposed to its regional counterparts with 27% of the Indian respondents reporting the cost of a breach to less than $100,000 while a fifth of them reporting a breach cost between $5 million to $10 million. The cost of a breach is highest in Australia with 52% reporting that an attack costs between USD$1-5 million, compared to Japan (23%) and India (25%), the report added. This includes costs from lost revenue, loss of customers, and out of pocket expenses, etc.
“As India is taking huge strides in transforming into a digital economy, cybersecurity threats could pose a serious risk for its success. Companies and governments alike should consider adopting advanced security technologies that include machine learning and artificial intelligence capabilities and also look at bridging the gap of skilled cybersecurity professionals in the country through relevant training and support. Considering the increasing threats in today’s digital age, organizations should have a comprehensive security architecture in place, one which ensures critical data is protected across disparate networks and environments, and technologies that dynamically respond to threats as they emerge,” said Vishak Raman, Director, Security, Cisco.
Today, cyber threats are starting to evolve from just targeting IT infrastructure to attacking operational technologies (OT), intensifying the challenge for companies. Hence, companies are making massive improvements in their security operations to curb losses arising out of high-cost data breaches, with a whopping 70% of the respondents agreeing to the security upgrade.
Also, respondents expect scrutiny of their security policies to increase over the next one year from all stakeholders, especially their customers who are keen to ensure their data is protected. This has put India Inc. at the forefront of cyber security ecosystem, offering relevant training to its staff and responding to the concerns about its readiness to fight cybercrime as defenders cite lack of trained staff as the second highest reason for not adopting advanced security practices and technology.
Further, the use of multiple vendors and products is making the challenge more complex. Across the country, almost half of the surveyed organizations (57%) work with more than 10 security vendors, while 8% say they have more than 50 vendors in their environment. This creates complexity and increases vulnerability, as having different security products, can lengthen the time to detect and contain a breach.
As key recommendations, the report states that companies should consider adopting next-generation endpoint process monitoring tools, access timely, accurate threat intelligence data and processes that allow for data to be incorporated into security monitoring and eventing and implementi first line-of-defense tools that can scale, like cloud security platforms.
At the same time, organizations should employ network segmentation to help reduce outbreak exposures and consider reviewing and practicing security response procedures regularly.