Enterprises in India face longer downtimes and higher costs from cyber breaches compared to their Asia-Pacific and global peers, says a study by networking giant Cisco.
About 46% of the companies in India report more than 5,000 threat alerts in a day of which 43% go unattended, posing a risk to enterprise security, the San Jose, California-based Cisco found. Also, a quarter of them loses $1 million or more due to major breachs.
Over a third of Indian enterprises deal with a downtime of nine hours or more. This compared to just 30% globally. Longer downtimes often result in higher financial costs.
The results were part of Cisco's Asia Pacific CISO Benchmark study 2019.
The real challenge for enterprises lies in how well they react to a threat alert. For instance, the losses or downtime can be minimised depending on how many of the alerts are investigated, and how many of those found to be genuine are eventually remediated, Cisco said.
Around 43% of threats go unattended, a similar figure for 2018 was 39%.
Of the threats that were investigated and found to be genuine, only 41% were remediated, down from 52% in 2018.
Vishak Raman, director for security business at Cisco India and SAARC said that while organisations in India have made significant improvements to their cybersecurity postures in the last year with increased security budgets, focussed workforce training, and integrated security infrastructure, high workloads and alert fatigue continue to be a big challenge.
"Hence, enterprises in India are looking at increasing the level of automation in their security strategy as well as opting for an integrated end-to-end solution to secure their infrastructure,” Raman added, according to a statement.
Cybercriminals have moved beyond attacking IT infrastructure and are now attacking operational technology infrastructure, the study found.
"In India, 25% of respondents have already experienced an attack on their operational infrastructure (versus 21% globally), and 34% expect this trend to increase in the next year," the company's study noted.
Multiple vendors and complex systems
The use of multiple vendors is making security issues more complex. Compared to 33% globally, 29% of companies in India are using more than 10 vendors. Also 4% are using more than 50 vendors in India, compared to 3% globally.
Most respondents of the study said it is challenging to manage a multi-vendor environment with 89% saying that it is somewhat or very challenging to orchestrate multiple vendor alerts. This is in line with the global trend, with 79% of respondents across the world highlighting this as an issue, it said.
The study, based on close to 2,000 security professionals from across the APAC region, highlights that security practitioners in the Asia Pacific are being kept busier than their global counterparts.