Sustained tech investment allows businesses to keep pace with malicious attacks and implement a comprehensive security solution. According to a recent survey done by IT security firm Fortinet, 73% of Indian IT decision makers at 250-plus employee enterprises are confident in their cybersecurity posture, despite 84% of enterprises being breached in the past two years. In addition, 96% believe they are doing better than their peers with regards to cybersecurity, while only 1% believe they are lagging behind. Respondents revealed that 39% of breaches experienced in the last two years were the result of social engineering, ransomware and email phishing. In 2018, 87% of Indian businesses are planning programmes to educate employees in IT security, reflecting a growing awareness that breaches are caused by carelessness and ignorance as much as maliciousness.
Another top concern for Indian businesses is protecting access to the network. Only three quarters (76%) of Indian IT decision makers feel confident that they have full visibility and control of all devices with network access. A similar 72% of the decision makers feel confident that they have full visibility of the access level of all third parties who have access to networks. This lack of confidence in network visibility suggests this should be a top concern for enterprises. Yet, basic security measures like network segmentation are only being planned by 21% of businesses in 2018.
When asked about what they would have done differently over their career in security, 51% of Indian IT decision makers wish they had invested more in employee security awareness training. In 100% of breach incidents, in the first instance the Indian board blames the IT department—either a specific individual (45%) or the department as a whole (55%). Employees outside the IT department get blamed in 40% of breach incidents, even though they are often recognised as the weakest link.