Cybersecurity in India is at the level of zero. The country is suffering from a lot of breaches and there are zero exposure and zero protection. The companies do not have any kind of infrastructure as well. There is a minority of companies in India which have the needed protection for the cyber-attacks coming their way. This is the state of the companies in India. There are so many of them which are not even aware of cybersecurity which is kind of sad as India is a country that is one of the largest IT hubs in the world.
That said, there was a survey conducted by EY’s Global Information Security. It was shown that there are many other things in India that put the companies to the immense threat at the moment. It was found out that India was one of the two worse hit countries in the past few years when it comes to cyber-attacks. India was not only the second worst-hit countries in the past few years, but it was also the third worst-hit countries when it comes to the ransomware WannaCry which caught over 40,000 computers off-guard. There were many other attacks like NotPetya, Spectre, Meltdown which hit the country in 2017.
There are many reasons for this and the survey was also done to find out the reasons for the attacks. The companies cooperated well with the surveying team as some of them were aware of the vulnerabilities the companies have while some of the world vulnerability was new.
One of the major reasons for India being in the worse two of the world is because of the employees. There are many careless employees out there working for some of the major companies and on some important projects. The employees are unaware and careless when it comes to cybersecurity. They do not check the authenticity of certain software before downloading and have very weak passwords. The awareness is not there and the companies also do not have any kind of workshops to make their workforce aware of it. Almost 32% of the risk was due to the workforce of the company.
There were many other factors that affected a company’s security. The outdated security controls, unauthorized access, related to cloud computing use, smartphone and tablet use, social media and internet of things. The outdated security controls caused the most risk exposure amongst mentioned above. About 21% of the risk was generated because the company did not have viable software and protection required to oust the attacks.
Unauthorized access came in the third position with 19% of risk while cloud computing use, smartphone use, social media were stuck at fourth with 8% of the risk exposure. The internet of things also caused 4% of the risk.
However, the most surprising revelation amongst all was the workforce causing so many problems regarding security for the company. It has almost become a huge problem for companies in India. Some of the Indian companies do not have enough money to set up a team that looks after security while some of them do not even have secure connections while they work.
This is the condition of Indian companies and they need to change it and change it very quickly.