It is more critical than ever for companies in India to refresh the technologies and solutions in their cybersecurity infrastructure, according to findings of the latest study by Cisco. Titled “Security Outcomes Study Volume 2”, the study highlighted that 37 percent of cybersecurity technologies used by companies in India are considered outdated by security and privacy professionals working at these organizations.
The study is based on a global survey of more than 5,100 security and privacy professionals across 27 markets. This includes more than 2,000 professionals from 13 markets in Asia-Pacific. The study aims to determine the most impactful measures teams can take to defend their organizations against the evolving threat landscape. Respondents, including professionals from companies in India, shared their approaches to updating and integrating their security architecture, detecting and responding to threats, and staying resilient when disaster strikes.
Respondents from India also consider their cybersecurity infrastructure unreliable and complex, with 33 percent and 40 percent respectively highlighting this in the survey.
The good news is that companies in India are addressing this by investing in modern cybersecurity technologies to improve their security posture. Nearly nine in 10 (89 percent) respondents in India said their company is investing in a ‘Zero Trust’ strategy, with 44 percent saying their organization is making steady progress with adopting it and 45 percent saying they are at a mature state of implementing it. In addition, 88 percent of respondents said their company is investing in Secure Access Service Edge (SASE) architecture, with44percent making good progress with adoption and a similar number saying their implementation is at mature levels.
These two approaches are crucial to building a strong security posture for companies in the modern cloud-first and application-centric world. Organizations are facing multiple challenges while operating in this environment, including complexity in connecting users to applications and data across various cloud platforms, inconsistent security policies across disparate locations and networks, difficulty in verifying the identity of users and devices, lack of end-to-end visibility of their security infrastructure, etc.
The SASE architecture is widely seen as an effective way to address these challenges. Simply put, SASE combines networking and security functions in the cloud to deliver secure access to applications anywhere users work. ZeroTrust, meanwhile, is a simple concept that involves verifying the identity of each user and device every time they access an organization’s network to reduce security risks.
The value of cloud-based security architectures cannot be overstated. According to the study, organizations with mature implementations of Zero Trust or SASE architectures are 35 percent more likely to report strong security operations than those with nascent implementations.
Vishak Raman, Director, Security Business, Cisco India and SAARC, added, “Cisco’s Security Outcomes Study indicates where the biggest gaps lie in India Inc.’s cybersecurity posture. In response, nearly 60 percent of companies are expanding their investments in cloud-based security technology plans. As they ramp up these efforts, they must focus on building a robust cloud-based, integrated, and highly automated architecture to ensure agility and intelligence in threat remediation and enable visibility and management of newly distributed users and applications.”
Other key global findings of the study include:
- Organizations that leverage threat intelligence achieve faster mean time to repair (MTTR), with rates 50 percent lower than non-intel users.
- Organizations with integrated technologies are seven times more likely to achieve high levels of process automation. Additionally, these organizations boast over 40 percent stronger threat detection capabilities.
- Automation more than doubles the performance of less experienced staff, supporting organizations through skills and labor shortages.
- As the threat landscape continues to evolve, testing business continuity and disaster recovery capabilities regularly and in multiple ways is more critical than ever, with proactive organizations 2.5 times more likely to maintain business resiliency.
- Organizations with board-level oversight of business continuity and disaster recovery operations within cybersecurity teams perform best.