More than half of Indian organisations said that they fell victim to successful cyberattacks in the last 12 months. Out of this, 71 per cent admitted that the attack was either serious or very serious in nature, as revealed by cybersecurity firm Sophos. Around 65 per cent of these companies said that it took them longer than a week to remediate.
The survey found that while attacks are increasing in frequency and severity, cybersecurity budgets have remained largely unchanged as a percentage of revenue between 2019 and 2020. India also reported the highest percentage of companies with an independent security budget.
Companies expect a rise in the median percentage of technology budgets spent on cybersecurity from 9 per cent currently to 10 per cent in the next 24 months.
As much as 44 per cent of Asia Pacific and Japan (APJ) organisations surveyed suffered data breach in 2020 -- a significant hike from 32 per cent in 2019. Of these successful breaches 55 per cent of companies said that the loss of data was either 'very serious' (24 per cent) or 'serious' (31 per cent). Around 17 per cent of organisations said that they suffered at least 50 attacks per week.
Malware, AI/ML-driven attacks and nation state attacks will be the most serious threats to enterprise cybersecurity over the next two years, the cybersecurity firm estimated.
Sunil Sharma, Sophos India Managing Director of sales said, "Cyberbreaches are a reality that we cannot afford to ignore. Within an organisation, there will always be multiple threats that can exploit various vulnerabilities and launch full blown cyberattacks. The only way to stop these threats is to actively hunt for them and neutralise them. This makes threat hunting an important function to mitigate the damage caused by cyberattacks," adding that the budget allocated by Indian organisations for cybersecurity is not enough.
"Ultimately, security is about right sizing the risk. If the risk increases, budgets should also increase, but in this climate of uncertainty, we've seen organisations take a conservative approach to security spending, which is impacting their ability to stay ahead of cybercriminals," said Trevor Clarke, lead analyst and director at Tech Research Asia.
Sophos studied the responses of 900 business decision makers across Asia Pacific and Japan. The survey The Future of Cybersecurity in Asia Pacific and Japan was conducted by Sophos along with Tech Research Asia. A total of 900 responses were captured across Australia, India, Japan, Malaysia, Philippines and Singapore as well as qualitative insights from virtual roundtable events in Australia, India, Japan and Singapore.