Most companies expect cyber attacks to increase over next one year, but claim they are well-equipped to deal with any kind of data breaches, according to a survey. Firms also expect their cyber security budget to go up in the next one year, the C-Suite Survey 2018 by US-based data analytics firm Fico said.
The study, conducted by independent research company Ovum, was based on interviews with senior staff in the security and IT functions from four to five industries, that have large consumer customer bases, and are having more than 500 employees. “Nearly 88 per cent of Indian companies saw their organisation as above average or better in cyber preparedness compared to competitors,” the survey said.
The research, however, said a lack of objective measurement of cyber risk posture could be influencing the over-optimistic view of their performance. While Indian organisations are realistic about overall levels of risk and expect it to increase, they are not as realistic about their own cyber-readiness, it said. The finding showed that close to 56 per cent of respondents expect cyber attacks to rise in the coming year, 42 per cent see them remaining the same, while 2 per cent expect them to drop.
Mid-size organisations, with employee strength between 1,001 and 4,999, are the most concerned, with 80 per cent expecting cyber attacks to rise. Of the industries surveyed, retail and telecom appear to have made the most progress over the past year with cybercrime defences, both with 20 per cent of companies reporting a decrease in attacks.
Last year, 47 per cent of financial services companies surveyed reported an increase in cyber attacks, with no company reporting a decline. Close to 62 per cent of companies expect their cyber security budget to increase, according to the survey. “Indian financial services companies were the most likely to see a spend increase, with 67 per cent expecting bigger budgets, compared to 60 per cent for retail and e-commerce, and just 53 per cent for telecom companies,” it said.
Cyber security investment trends in the country, according to the study, are primarily driven by expectation of increasing threat and pressure from customers or investors. There’s less concern about privacy and other regulations or the legal implications of a breach, it highlighted. Around 82 per cent of respondents currently have cyber risk insurance, with 48 per cent said their policies cover all likely risk.
Another 14 per cent of respondents said they plan to purchase insurance in the coming year. The research further said with attacks expected to increase in volume and bigger penalties expected from regulators, breach risk is more important than ever before. “Organisations must take the opportunity to objectively understand their likelihood of suffering a breach, so that they can take the necessary steps to transfer or mitigate risk, it said.