Indian companies cannot detect if they were attacked says F-Secure

Security highlighted with the help of a cursor

India is one of those countries which is one of the worse hit when it comes to cyber-attacks. The number of cyber-attacks just increase by the year and there is no one doing nothing about it. India is also one of the least secured countries when it comes to cyber-security and dealing with it. There is a lot of things which drive you down to that conclusion but the truth is there for everyone to see. Companies are having trouble even detecting the attacks on them.

F-Secure, a company that deals with cyber-security, did a survey that helped us understand how much the Indian companies lack when it comes to cyber-security. The term is like an unknown item to be unlocked for the Indian companies. It is more like another box that is ignored while there are many boxes to be looked at and opened.

F-Secure used honeypots to help its survey and understand how the Indian companies have not reported the threats and attacks even after the number of attacks increased by 32% from the previous year and were four times more in the second half of 2018. The survey report shows something which is obvious and not surprising at all. It shows that many companies have not reported attacks because their security is outdated and the attacks were not even visible as they are immune to firewalls and endpoint protection.

There were 22% of companies that did not detect any attack. There were 20% of companies that detected a single attack while there were 31% of companies that detected two to five attacks. Now, when F-Secure did a check, a single company had around 15 threats in one month. That company had 1300 endpoints. There were seven threats and 325 endpoints in a single month at another company. There were only quarter companies that said they were using a detection and response solution service.

Leszek Tasiemski, Vice President of F-Secure said that the type of threats from five or ten years ago is totally different from today. If a company is using that kind of protection schemes then it is always going to be a problem.

He said while talking to ET, “Today’s threats are completely different from 10 or even 5 years ago. Preventative measures and strategies won’t stop everything anymore, so I’ve no doubt that many of the companies surveyed don’t have a full picture of what’s going on with their security. Many organizations don’t really value security until an incident threatens to cost them a lot of money, so I’m not completely surprised that there are companies detecting zero attacks over the course of a year.”

The finance and ICT saw the maximum number of attacks. These are the sectors which need to be protected well. Healthcare and manufacturing sectors were the least attacked and looked after by the hackers. However, that doesn’t mean they don’t need protection. The protection is needed for every company with a viable hacking interest.

-Unmesh Phule

Comment here