A recent survey by Zscaler, the leader in cloud security, has revealed a major disconnect between confidence in cyber resilience and the reality of preparedness among Indian organisations. The study, which surveyed IT decision-makers in 12 countries, highlights that while 97% of Indian IT leaders believe their cyber resilience measures are effective, an alarming 67% acknowledge that the budget allocated for resilience does not meet the growing threat landscape. Additionally, only 53% of organisations in India have updated their cyber resilience strategy to combat AI-driven threats, raising concerns about the country’s readiness for modern cyberattacks.
Cyber Resilience Demands Stronger Leadership Commitment in India
The report underscores a critical issue – while 57% of Indian IT leaders say cyber resilience is a top priority for their leadership (compared to the global average of 39%), this focus is yet to translate into sufficient funding and proactive strategies. Additionally, 70% of Indian organisations do not involve CISOs in resilience planning, reinforcing a siloed approach that limits strategic alignment and effective execution.
“The possibility of a major failure scenario for organisations is not an ‘if’ but ‘when’, as the statistics in our report show,” said Jay Chaudhry, CEO, Chairman and Founder, Zscaler. “It proves the need for proactive resilience to combat and mitigate inevitable incidents before they become a significant issue for business continuity. Proactive resilience is essential to address incidents before they threaten business continuity. Cyber resilience is foundational to overall business resilience, and outdated firewalls and VPNs allow persistent attacks, making a zero trust architecture crucial for defending against advanced threats. Leadership must collaborate with IT teams to develop a strong cyber resilience strategy based on Zero Trust, preparing for and mitigating the impact of sophisticated AI-driven attacks. We call this becoming ‘Resilient by Design’.”
Over-Reliance on Prevention Leaves Indian Organisations Vulnerable
Despite growing threats, Indian businesses continue to overly prioritise prevention, with 61% of IT leaders identifying complex IT infrastructure as the top barrier to resilience. The study also finds that while 94% of Indian IT leaders believe in the resilience-enhancing potential of cloud solutions—the highest globally—many organisations remain reliant on legacy security models.
Moreover, only 43% of Indian organisations use risk hunting to mitigate the blast radius of cyber-attacks, and less than half adopt proactive measures like Zero Trust micro-segmentation (45%) or deception technologies (39%).
“India’s digital transformation is unlocking new opportunities but also increasing cyber risks, especially with the rise of GenAI-driven threats and evolving regulations like the DPDP Act,” said Ananth Nag, Vice President and Managing Director, India at Zscaler. “To bridge the gap between confidence and preparedness, organisations must simplify IT infrastructure, leverage AI-powered security, and adopt proactive risk-hunting tools. With GenAI accelerating attack sophistication, traditional security is no longer enough. At the same time, DPDP Act compliance requires a stronger focus on data protection and governance. By embedding Zero Trust principles, businesses can enhance resilience, meet regulatory requirements, and secure long-term digital growth. A proactive cybersecurity approach ensures they stay ahead of emerging threats while maintaining business continuity and innovation in an ever-evolving digital landscape.”
A Zero Trust architecture enables a Resilient by Design approach
To mitigate cyber resilience risk, organisations should embed visibility and control into their security strategy. Understanding failure scenarios more quickly and thoroughly based on the insights from an AI-powered cloud security platform to mitigate the blast radius of an incident strengthens the resilience posture. This outcome is what Zscaler enables with a ‘Resilient by Design’ approach. Because cyber threats evolve and advance so quickly, Zscaler leverages AI to dynamically adjust access based on changing risk. The Zscaler Zero Trust Exchange reduces risk across all four stages of the attack chain and supports a ‘Resilient by Design’ approach:
- Minimise the attack surface
- Prevent initial compromise
- Eliminate lateral movement
- Stop data loss