Employee error among top cybersecurity challenges in India: Sophos

Employee error among top cybersecurity challenges in India: Sophos
Photo Credit: Photo Credit: Pixabay
23 Oct, 2019

Over 60 percent of Indian business are concerned about being exposed to cyber threats due to employee error, says a new study by UK-based cybersecurity firm, Sophos.

Cybersecurity is commonly handed to the IT staff, making it difficult for employees to work on security in addition to completing their other tasks. 

About 66 percent business decision-makers believe lack of security expertise is a challenge for their organisation, with 69 percent observing recruitment of skills to be a struggle. About 66 percent of them find it hard to stay up to date with cybersecurity technologies,  according to a statement. 

Employee attitude and behaviour negatively affect corporate cybersecurity. About 90 percent of the Indian organisations believe the biggest obstacle to their security in the next two years will be improving cybersecurity awareness and education among employees and their leadership.

Around 30 percent of the Indian organisations are planning to outsource and introduce in-house skill development, training, and awareness programs for their employees in the next 24 months.

Less than half or about 43 percent of organisations in India have a dedicated cybersecurity budget. In most cases, however, budgets are included as part of other broader IT spends.

Organisation of IT security structures is diverse — one-third of those surveyed have a dedicated chief information security officer (CISO), while others have an IT leader or a chief technological officer (CTO) overseeing these issues.

Only 19 percent of Indian organisations are regularly making significant changes to their cybersecurity approach, with 38 percent intending to make changes to their security approach within the next two years.  

“As the threat landscape evolves, businesses too need to advance their defense mechanisms with synchronized security solutions that are designed to strengthen their cybersecurity posture,” said Sunil Sharma, managing director, sales, Sophos India and SAARC, according to a statement. 

“IT teams should also not shy away from tough discussions on the impact of breaches they have faced and instead leverage them with their CEOs to help invest in predictive synchronised security for their business,” he added.

The report, ‘the future of cybersecurity in Asia Pacific and Japan – culture, efficiency, awareness, was based on data from 900 responses captured with 200 each in Australia, India and Japan and 100 each in Malaysia, Philippines and Singapore.