The findings come from Trend Micro’s biannual Cyber Risk Index (CRI) report, which measures the gap between respondents’ cybersecurity preparedness versus their likelihood of being attacked. In the first half of 2021, the CRI surveyed more than 3,600 businesses of all sizes and industries across Asia-Pacific, North America, Europe, and Latin America.
The CRI is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk. The current index for India stands at -0.69, which indicates an “elevated” risk.
Indian organizations ranked the top three negative consequences of an attack as lost IP, critical infrastructure damage/disruption, and cost of outside consultants and experts.
- 57% said it was somewhat too very likely that they’d suffer serious cyber-attacks in the next 12 months.
- 34% suffered 7+ cyber attacks that infiltrated networks/systems.
- 20% had 7+ breaches of information assets.
- 30% of respondents said they’d suffered 7+ breaches of customer data over the past year.
Among the top two infrastructure risks was cloud computing. Many respondents admitted they spend “considerable resources” managing third party risks like cloud providers.
The top security risks to infrastructure include malicious insiders, cloud computing infrastructure and providers, organizational misalignment and complexity, as well as negligent insiders.
The main challenges for cybersecurity preparedness include the organisation’s IT security personnel having a lack of sufficient knowledge, skill and expertise to protect data assets and IT infrastructure; IT security function complying with data protection and privacy requirements; as well as IT security architecture having high interoperability, scalability and agility.