Trend Micro has revealed that the risk of cyber attacks has increased in the last year. According to a new survey, 73% of organizations in India report they are likely to experience a data breach that impacts customer data in the next 12 months.
The findings come from Trend Micro’s biannual Cyber Risk Index (CRI) report, which measures the gap between respondents’ cybersecurity preparedness versus their likelihood of being attacked. In the first half of 2021, the CRI surveyed more than 3,600 businesses of all sizes and industries across Asia-Pacific, North America, Europe, and Latin America.
The CRI is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk. The current index for India stands at -0.69, which indicates an “elevated” risk.
“Once again we’ve found plenty to keep CISOs awake at night, from operational and infrastructure risks to data protection, threat activity and human-shaped challenges,” said Vijendra Katiyar, Country Manager, India & SAARC, Trend Micro. “To lower cyber risk, organizations must be better prepared by going back to basics, identifying the critical data most at risk, focusing on the threats that matter most to their business, and delivering multi-layered protection from comprehensive, connected platforms.”
Indian organizations ranked the top three negative consequences of an attack as lost IP, critical infrastructure damage/disruption, and cost of outside consultants and experts.
Key findings for India from the report include:
- 57% said it was somewhat to very likely that they’d suffer serious cyber-attacks in the next 12 months.
- 34% suffered 7+ cyber attacks that infiltrated networks/systems.
- 20% had 7+ breaches of information assets.
- 30% of respondents said they’d suffered 7+ breaches of customer data over the past year.
“Trend Micro’s CRI continues to be a helpful tool to help companies better understand their cyber risk,” said Dr. Larry Ponemon, CEO for the Ponemon Institute. “Businesses globally can use this resource to prioritize their security strategy and focus their resources to best manage their cyber risk. This type of resource is increasingly useful as harmful security incidents continue to be a challenge for businesses of all sizes and industries.”
Among the top two infrastructure risks was cloud computing. Many respondents admitted they spend “considerable resources” managing third party risks like cloud providers.
In India, the top cyber threats highlighted in the report were as follows:
- Watering hole attacks
- Malicious insiders
- Advanced persistent threats (APT)
The top security risks to infrastructure include malicious insiders, cloud computing infrastructure and providers, organizational misalignment and complexity, as well as negligent insiders.
The main challenges for cybersecurity preparedness include organization’s IT security personnel having lack of sufficient knowledge, skill and expertise to protect data assets and IT infrastructure; IT security function complying with data protection and privacy requirements; as well as IT security architecture having high interoperability, scalability and agility.