Only 24 per cent organisations surveyed in India are ready to defend against cyber security threats. This was revealed in Cisco's first-ever Cybersecurity Readiness Index titled 'Resilience in a Hybrid World' which was released on Tuesday at the Cisco India Summit in Jaipur. The index has been developed against the backdrop of a post-Covid hybrid world, where users and data must be secured wherever work gets done.
The report highlights where businesses are doing well and where cybersecurity readiness gaps will widen if global business and security leaders do not take appropriate action.
The report points out that organisations have moved from an operating model that was largely static wherein people operated from single devices from one location, connecting to a static network to a hybrid world in which they increasingly operate from multiple devices in multiple locations, connect to multiple networks, access applications in the cloud and on the go and generate enormous amount of data. The report further states that such a situation presents new and unique cybersecurity challenges for companies.
The Cisco report has measured the readiness of companies to maintain cybersecurity resilience against modern threats. These measures have covered five core pillars such as identity, devices, network, application workloads and data and encompasses 19 different solutions within the pillars. The survey was conducted by an independent third-party and asked 6,700 private sector cybersecurity leaders across 27 markets to indicate which of these solutions they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness, Formative, Progressive and Mature.
As per the report, India scored high in the global chart in terms of maturity (24 per cent), performing above the global average of 15 per cent on cybersecurity readiness. About 38 per cent of companies in India fall into the Beginner or Formative stages. While organisations in India are faring better than the global average, the number is still very low, given the risks. As per the report this readiness gap is telling, not least because 90 per cent of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial as 80 per cent of respondents said they had a cybersecurity incident in the last 12 months, and 53 per cent of those affected said it cost them at least $500,000.
“Organisations have moved from an operating model that was largely static to a hybrid world, which presents new and unique cybersecurity challenges. In this environment, understanding how organisations are preparing to deal with these new challenges is critical. The index has been built with a focus on five core pillars of identity, devices, network, applications, and data, and examines organisational postures in securing these,” remarked Vish Iyer, Vice President, Architectures, Cisco APJC. He added that these five pillars need to be protected with a mix of point tools and integrated platforms to achieve security resilience while reducing complexity and only then will businesses be able to close the cybersecurity readiness gap.
As per the report, business leaders must establish a baseline of ‘readiness’ across the five security pillars to build secure and resilient organisations. This need is especially critical given that 95 per cent of the respondents plan to increase their security budgets by at least 10 percent over the next 12 months. By establishing a base, organisations can build on their strengths and prioritise the areas where they need more maturity and improve their resilience.
“Cybersecurity is a top priority for businesses as they continue their digitisation journey. With hybrid work becoming mainstay and services being application-driven, it is critical that organisations close the security readiness gap. Assessing security readiness and ensuring that organizations adopt an integrated platform approach to secure the five key pillars will play an integral role in helping businesses futureproof themselves,” pointed out Samir Mishra, Director, Security Business Group, Cisco India and SAARC.