Security investments reflect digital take-up in India

Indian organisations are taking data security seriously and implementing a wide range of security systems as they move online

Indian organisations such as the government are taking information security seriously and implementing a wide range of security systems as they increasingly move online and offsite.

The Indian government is leading by example, embarking on a plan to realise its ambition of creating a workforce of 500,000 professionals skilled in cyber-security in the next five years through capacity building, skill development and training. The government plans to build and operate a 24X7 National Critical Information Infrastructure Protection Centre (NCIIPC).

Meanwhile, businesses are increasing relying on the internet for customer interactions and corporate operations

According to the findings of TechTarget research, which polled 340 India-based IT professionals, businesses are addressing a breadth of security risks through technology.

The most common security plans for the next year are initiatives around network-based security, with 50.3% of respondents planning this. Data loss prevention (47.4%) and application based security (41.2%) were the next most planned.

The proportion planning other security initiatives include: Threat detection/management (38.8%); identity and access management (34.1%); security data management/analysis (33.8%); mobile endpoint security (31.5%); virtualization security (34.1%); vulnerability management (35.3%); and encryption (34.7%).

Less than 1% (0.6%) did not plan on running initiatives in any of these areas and 8% did not know.

Nasscom chairman and Mindtree CEO, KK Krishnakumar Natarajan, said cyber security in India is far more advanced than physical security, but said it must continuously evolve to secure citizens and businesses in the light of a high number of attempted attacks.

KK Krishnakumar Natarajan said that, in contrast to its physical security, India is advanced in cyber protection

“India has to create the full ecosystem relating to cybercrime. The framework, the tools, and the assets you will use to protect data and ensure there are no risks," he said.

He said it is not just about technology. “We need to get the legal and regulatory response to attacks right,” he said.

Businesses in India are on a steep adoption curve when it comes to taking on online-based services but the infrastructure in companies is often invested in at a lower rate.

Vikram Nair, head of Europe at Tech Mahindra, said Indian businesses rely on the internet and it is a challenge to keep security up to date. 

“When I left India in 1996 the infrastructure was fixed lines that did not extend across the country but now mobile has changed things," said Vikram Nair. 

“You cannot survive as a business without the internet in India and the take-up of mobile is buoyant. But there is a lot of under-investment in the IT equipment that connects businesses to the internet, including security.”



Read more on Security policy and user awareness