Despite being highly vulnerable at the hands of attackers, Indian IT leaders and C-suit employees oppose each other when it comes to cyber security approach
Indian businesses are under increasing risk from serious cyber-attacks as 8 in 10 IT and C-suit business leaders in India experiencing increased cyber attacks on their firms in 2015, according to the ‘corporate data security practices research’ conducted by The Economist Intelligence Unit (EIU).
Indian leaders are at high-alert, so much that one third of businesses in India (33%) expecting to be targeted within 90 days – a number higher than the Asia-Pacific region, as per the research.
Despite being highly vulnerable at the hands of attackers, Indian IT leaders and C-suit employees oppose each other when it comes to cyber security approach. As cyber threats grow in sophistication, any gaps in security resulting from a ‘disconnect’ between C-suite and IT leaders can lead to the loss of intellectual property, competitive positioning and customer data.
Almost one third of IT leaders (32%) regard cyber security as their number one corporate priority, while only 8% percent of C-suite business leaders share a similar point of view. Similarly, while 36% of IT leaders believe security budgets will significantly increase in the next two years, only 21% of C-suite business leaders foresee likewise, as per the research.
Critical risks identified by both groups were ‘unknown cyber threats that move faster than their defenses’, ‘resources and data that may unknowingly reside in the cloud’, ‘employees who are careless or untrained in cyber security’, and ‘illegitimate users and devices accessing corporate networks’.
Leaders in India are more concerned about the ‘theft of customer data’ than their regional counterparts, with four in 10 (31.8%) believing that this could cause the greatest harm to their businesses.
What can be done?
As per the research, there is need for IT leaders to be more conversant with business risks and objectives. By having deeper conversations and translating cyber risks into business terms, IT leaders can justify requests for more investment in security. The C-suite can then better understand the business implications associated with evolving threats and make informed decisions around strategy and budgets.
A layer in between physical infrastructure and applications will be necessary for businesses to detect and respond to cyber-attackers taking advantage of new gaps or exposed frontiers. Virtualization has become the most ubiquitous infrastructure layer covering compute, network, storage, clouds and devices.
There is need for an organizing framework with true architecture that all the leading players can align to so that security can be architected in. By changing the dynamics of how we deliver trusted services over vulnerable infrastructure - the IT security industry has an opportunity to chart a new path forward, as per the research.