Jaipur: Only 24 per cent of Indian companies are at a ‘mature’ level of cybersecurity readiness, US-based tech giant Cisco has said in its latest report.
In its Cybersecurity Readiness Index released Tuesday, Cisco said that while organisations in India are faring better than the global average of 15 per cent, “the number is still very low, given the risks”.
The survey, which saw the participation of 6,700 private sector cybersecurity leaders across 27 markets, classifies companies into four stages of cyber readiness: beginner (score of less than 10), formative (score of 11-44), progressive (score of between 45-75), and mature (score of 76 and higher).
According to the survey, about 38 per cent of companies in India fall into the beginner or formative stages.
The report said that 80 per cent of around 1,000 respondents in India had reported a cybersecurity incident in the last 12 months. Moreover, 53 per cent of the affected organisations had to pay at least $500,000 to address these incidents, it said.
The index, according to Cisco, calculates companies’ cybersecurity measures based on five parameters — identity, devices, network, application workloads, and data.
“Organisations have moved from an operating model that was largely static, to a hybrid world, which presents new and unique cybersecurity challenges. In this environment, understanding how organisations are preparing to deal with these new challenges is critical,” Vish Iyer, vice-president of architectures at Cisco APJC (Asia-Pacific, Japan, and China), said at the Cisco India Summit 2023 in Jaipur, where the report was released.
“The index has been built with a focus on five core pillars of identity, devices, network, applications, and data, and examines organisational postures in securing these,” he added.
Iyer further said that the five pillars measured by the index need to be protected “with a mix of point tools and integrated platforms to achieve security resilience while reducing complexity”.
“Only then will businesses be able to close the cybersecurity readiness gap,” he added.
Also Read: India’s had its worst year of cyberattacks, but 2023 will see govt & firms ramp up defences
‘Companies need to build on their strength’
According to the report, about 90 per cent of the Indian respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months, and 95 per cent of respondents said their organisations plan to increase their cybersecurity budget by at least 10 per cent over the next 12 months.
The report recommended that businesses establish a baseline of ‘readiness’ across the five security pillars, build on their strengths and prioritise the areas where they need more maturity and improve their resilience.
“Cybersecurity is a top priority for businesses as they continue their digitisation journey. With hybrid work becoming mainstay and services being application-driven, it is critical that organisations close the security readiness gap,” Samir Mishra, director of the security business group at Cisco India & SAARC, said at the event.
Disclaimer: The author attended the Jaipur summit on Cisco’s invitation.
(Edited by Uttara Ramaswamy)
Also Read: India’s rapid digitisation has one major casualty—cybersecurity