DEFCON 1: More resources are needed since Indian organizations are unable to stop 50% of major cyberattacks.

serious cyberattacks

DEFCON 1: More resources are needed since Indian organizations are unable to stop 50% of major cyberattacks.

According to a recent survey, almost half of cyberattacks against Indian organizations go unnoticed since preventative steps aren't taken. This raises concerns about the organization's capacity to defend against such attacks. As to the survey, a startling 64% of cybersecurity teams are excessively occupied with handling major occurrences to be proactive in countering possible attacks.

The report, conducted by Columbia-based cybersecurity firm Tenable, surveyed 825 IT and cybersecurity professionals, including 69 individuals from India, in 2023. It revealed that a significant 78 per cent of Indian respondents believed their organisations could improve their defences against cyberattacks if more resources were dedicated to preventive cybersecurity efforts.

However, the study also found that 71 per cent of organisations in India prioritised uptime over essential tasks such as patching and remediation, creating a disconnect between IT and security teams. This lack of coordination was acknowledged by 43 per cent of Indian organisations, further complicating their ability to respond effectively to cyber threats.

One of the key findings of the report was that 81 per cent of organisations relied on third-party programs for Software as a Service (SaaS) applications and services. Unfortunately, only 54 per cent of these organisations had sufficient visibility into these third-party environments, hampering their ability to implement proactive security measures.

Tenable India Country Manager, Kartik Shahani, emphasised the urgency of the situation, stating, “In today’s threat landscape, by the time organisations react to cyberattacks, the battle is half lost.”

The report shed light on the structural and operational challenges within Indian organisations, highlighting a misalignment of goals between IT and security teams. This disconnect makes it difficult for these critical components of an organisation to work together effectively toward a shared cybersecurity goal.

Shahani noted, “While there are no quick fixes to these challenges, implementing an exposure management program enables security professionals to better allocate time and resources so they can focus on taking the preventive actions that legitimately reduce an organisation’s cyber risk.

It requires security teams to place as much importance on proactive efforts as they currently do on reactive incident response efforts. It requires security and IT professionals to consider how siloed organisational structures — and the myriad security tools used in support of those silos — are hindering their ability to see what an attacker sees. And it requires a way for security professionals to analyse the data coming from disparate tools to empower them to draw meaningful insights they can apply to their risk reduction goals.”

The report’s data was drawn from a study titled “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in India,” underlining the need for improved cybersecurity practices in Indian organisations.