We surveyed over 1,200 employees at Indian businesses to find out how their companies approach cybersecurity.

Key cybersecurity challenges and solutions for businesses

Analysts predict that India’s digital economy will continue to expand rapidly over the next six years. But as businesses race to develop their capabilities, how can they keep themselves safe from cyber threats? 

We surveyed 1,264 employees at businesses in India to understand how companies view the threat landscape, what cybersecurity software they use to protect their data, and how AI is impacting cybersecurity. This article represents part one of our findings. In part two, we’ll look in more detail at cybersecurity as it relates to individual employees.

95% of the respondents to our survey are either involved in cybersecurity decision-making, participate in cybersecurity initiatives, or have a full awareness of their company’s cybersecurity measures. The remaining 5% have a partial awareness of the solutions in place. In the two articles, we refer to these groups as ‘more cyber-aware’ and ‘less-cyber-aware’ respectively.

You can scroll down to the bottom of this article for a full methodology.

Most businesses saw a data breach in the past year

Businesses in India are justified in having cybersecurity top-of-mind in 2024. According to our research, 61% of them experienced a data breach in the past 12 months. The causes of these breaches fell across three major areas:

  1. External attackers with malicious intent (hackers) (61%)
  2. Careless internal users who left data unsecured (58%)
  3. Malicious insiders who stole data (35%)

Ransomware and phishing continue to be major external threats to businesses, and we will explore each of them in more detail across these two articles. But even if we exclude these attack types, one-third (33%) of the more cyber-aware respondents in our survey said their company had been the victim of a cyberattack.

Two factors affect a company’s susceptibility to these attacks: the strength of the threats directed at them and the vulnerabilities in their own defences. The more cyber-aware participants in our survey were acutely aware of both. In particular, attacks and vulnerabilities within their supply chain were a major concern. They also identified AI-enhanced attacks, where hackers use artificial intelligence to create and deliver their payloads, as a problem. As we will explore later on, they also view AI as a crucial part of their defences.

Top 5 security vulnerabilities and cybersecurity threats.

Key takeaway: Most businesses we surveyed in India experienced some kind of data breach in recent months. This may have sharpened their focus towards the types of attacks directed at them, as well as the shortcomings in their own cyber defences.

But research also reveals that weak points can appear anywhere in a business. Organisations should consider how areas such as supply chain management and software development can be made more robust to reduce overall risk.

Cybersecurity spend is on the rise for 82% of firms

Given the high occurrence of breaches, it is not surprising that investment in cybersecurity is increasing. 82% of the more cyber-aware respondents reported that their company increased spending in this area from 2022 to 2023, while only 1% reported a decrease.

Organisations have already put many measures in place. Some of these are technical, while others relate to company policies and procedures.

Some security measures companies have deployed to protect data.

Key cybersecurity measures for businesses in India 

  • 61% of the more cyber-aware respondents said their company carries out formal cybersecurity risk assessments. These help organisations identify and quantify risks and apply appropriate controls to mitigate them. Companies can use dedicated risk management software to help them do this.
  • Nearly half (48%) said the company uses network segmentation to isolate certain parts of their IT infrastructure, either physically or logically. This can make it harder for attackers to access the most sensitive areas, even if they have found their way into public-facing ones, for example. There are many tools that companies can use to segment their networks, including firewall software.
  • Data classification is another important technique, which helps organisations apply protective policies to data according to how valuable it is and how many people need to access it. Some data management tools offer ways to classify data, and 46% of the more cyber-ware employees in our survey said their company uses data classification techniques. 
  • 46% again say there company applies zero-trust network policies. This means that users and devices must always be verified, even if they’re connecting from theoretically safe areas of the network, like within corporate offices. This can be achieved with various technologies, with network access control software being a typical example.

Two-thirds saw ransomware attacks, but most didn’t pay up

Ransomware attacks were a relatively common occurrence, at least for the majority of respondents. 48% of the more cyber-aware employees said that their company experienced one in the past 12 months, and 18% said they saw multiple attacks.

Ransomware attacks happen when an attacker is able to deploy malicious software on a victim’s computer systems. This software then locks down the system or encrypts vital data. Attackers promise to remove the software upon payment of a ransom. 

However, in the majority of cases reported to us, respondents who fell victim to an attack never ended up paying out. Having protective measures in place can enable organisations to avoid paying a ransom, either by reverting to backups of their data, decrypting or removing the software, or accepting that the data is lost and carrying on with business as usual.

Different ways in which companies have resolved a ransomware attack.

But the cost to retrieve data can be extremely high. 33% of those that knew how their company’s ransomware attack was resolved said the ransom demand was in the ₹8,01,000 - ₹20,00,000 range, while 16% said it was over ₹41,01,000. The remainder were faced with a ransom of less than ₹8,00,000 (48%) or were not sure of the amount (3%).

Key takeaway: Businesses in India are likely to encounter ransomware attacks at some point, so it pays to be prepared. Ensure that your company has adequate backup and recovery procedures for your data, and that your email security (the origin for many attacks) is up to scratch.

Better password management can help guard against cyberthreats

Although it’s considered good practice to use strong, unique passwords for every online account we use, many people reuse passwords across accounts. This is usually for convenience, since it can be hard to remember so many different combinations. In our survey, 41% of respondents said they reuse passwords. But if one of these passwords is compromised and falls into the hands of a criminal, they could use it across several accounts, increasing the potential for damage.

Employers can mitigate against this in several ways. Password management software lets users create strong (hard to crack) passwords for each account, store them in a secure repository, and use them across devices.

Companies can also implement two-factor authentication (2FA). This involves an additional layer of verification on top of a password when logging into systems, such as a fingerprint, passcode, or verification from a secondary device. 93% in our survey said their employer uses 2FA for accessing some or all business applications, and 87% said they use biometric identification methods— the most popular being fingerprints and facial scanning. 

Some security biometric measures used by companies for data protection.

94% say their company uses AI for cybersecurity

AI generated a lot of excitement in 2023. Companies are using it to create content, help them be more productive, and solve problems, and the world of cybersecurity has not missed out.

94% of the more cyber-aware respondents in our survey said their company uses AI for cybersecurity. This group also said that it enhances their threat detection and response capabilities in several areas:

  • 65% said AI helps with real-time monitoring by detecting threats as they occur.
  • 54% said it improves data integration by merging data from their threat intelligence feed with internal network behaviour.
  • 52% said that AI automates routine security tasks, such as alert triage, incident response, and patch management.

Looking ahead, companies appear keen to continue their AI investment. Priorities here include cloud security, network security, and email security.

Specific areas within cybersecurity where AI is an investment priority.

However, the excitement around AI shouldn’t mask the fact that it’s not perfect. Those respondents whose companies use AI for cybersecurity admit that there are problems with data quantity and quality (identified by 48%), the requirement for additional human expertise (46%), and the fact that attackers can manipulate AI systems to evade detection (37%).

Key takeaway: Almost all the respondents we spoke to said that their company uses AI for cybersecurity, so this is no longer a differentiating technology. Companies may want to consider the added value of skilled people to work alongside the AI tools they already have. 57% of those whose company uses AI for cybersecurity said that humans can provide essential business context to AI decisions about threats, for example. And 52% thought that security professionals have an important role to play in training others about best practices.

Mitigating cyberthreats in 2024

Investment in cybersecurity is on the rise, which may be a reflection of the relatively high incidence of data breaches and attacks in the recent past. Cyber-aware employees, especially, show concern about the range of threats in cyberspace, but also say that organisations have deployed a wide spectrum of techniques to defend against them. AI continues to be an important part of these defences, but requires human expertise to function at its best.

The second article in this series looks at how businesses in India can engage employees in their cybersecurity efforts and how individuals can contribute to better cyber defences.

Looking for cybersecurity software? Check out our catalogue.


Methodology:

The data for Capterra’s 2024 Data Security Survey was collected between November 10th and 26th 2023 and comprises answers from 1264 respondents. We selected our survey sample based on the following criteria:

  • India resident
  • Aged between 18-65 years-old
  • Full-time employee
  • Works for a company which uses cybersecurity software tools for protection and has some awareness of which tools are used