Does India spend enough on IT security?

India is moving towards a digital future with dreams of smart cities, but Indian IT companies seem to be unconscious to the need for data security

India is moving towards a digital future with dreams of smart cities, efficient road networks and better communication channels, however Indian IT companies seem to be either avoiding or are unconscious to the fact these dreams require data security.

With the increasing threat of cyber security breaches and information leaks, spend on security has become one of the most important considerations in corporate yearly budgets.

However, a study conducted by PwC has revealed while business loss due to information leaks was up by 20%, information security budgets in Indian enterprises actually reduced by 17%.

According to the study, the average cost of a security incident for Indian companies has more than doubled from $194 in 2013 to $414 in 2014, and there has been a 20% increase in the average losses as a consequence. But Indian companies have reduced the average security spending from $4.8m in 2013 to $4m in 2014.

The frequency of attacks has also increased, imposing financial and non-financial threats to the firms. The annual survey of security, IT and business executives in India showed the total number of security incidents detected was more than one million in 2014, which translates to 2,800 attacks per day.

PwC India executive director of cyber security, governance risk and compliance services Sivarama Krishnan said cyber security is no longer an issue that concerns only IT and security professionals.

"The impact has extended to the C-suite and boardroom,” he said. "It is now a persistent business risk. Awareness and concern about such security incidents and threats are a priority for the consumers as well.”

According to Provensec security researcher Ashish Kumar, firms need to spend more on IT security and hire talented IT security professionals.

“Cyber crime has become such a major problem for us with so many new forms of virus and malware, different hacking techniques and more than enough data breaches," he said.

Read more on Security policy and user awareness