How Indian organisations are keeping pace with cyber security

Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics

Organisations in India have reaped productivity gains and other business benefits from digital adoption, but like their counterparts elsewhere, the corresponding growth in cyber threats is putting their digitisation efforts at risk.

According to research by Check Point Software, Indian enterprises faced an average of 1,787 cyber attacks per week in the past six months, against the global average of 983, while a separate study by TeamLease, a technology professional services platform, found that organisations in healthcare, education, research and government were most vulnerable to cyber attacks.

As with most countries, the most common threat in India was ransomware, which hit 73% of Indian businesses in 2022, higher than the global average of 66%, according to a recent survey by Sophos. The most targeted industries were government, education, financial services and manufacturing.

Santosh Ingalkar, head of operations at logistics company KSH Distriparks, said cyber attacks on vital infrastructure, data breaches, malware attacks and phishing emails are all prominent hazards.

“Cyber attacks against key infrastructure, such as the defence, energy and financial sectors, have major consequences,” he said. “The damage that ensues may result in data theft and security problems. Such assaults have the potential to paralyse or delay vital functions, resulting in economic and corporate losses. Such risks have already been observed in our business, and we recognise this as a possible disaster.”

Bhoopendra Solanki, chief information officer of Sakra World Hospital, said the healthcare sector is particularly vulnerable as cyber criminals know healthcare providers hold sensitive customer data, and will pay to ensure data security and privacy, making them attractive targets for hackers motivated by financial gains.

Ingalkar said another fragile segment is small and medium-sized enterprises. “Small-scale industries have less capital and are more focused on producing and providing services,” he said. “These industries place less emphasis on IT infrastructure and cyber security, making them more vulnerable to cyber attacks and easy targets for cyber hackers.”

Jonas Walker, director of threat intelligence at Fortinet, said the digitisation of retail and the rise of e-commerce makes those sectors susceptible to payment card data breaches, supply chain attacks and attacks targeting customer information. “Educational institutions also hold a wealth of personal information, including student and faculty data, making them attractive targets for data breaches and identity theft,” he added.

But enterprises in India are not about to let the bad actors get their way. Sakra World Hospital, for example, has segmented its networks and implemented role-based access, endpoint detection and response, as well as zero-trust capabilities for its internal network. It also conducts vulnerability assessments and penetration tests to secure its external assets.

“Zero-trust should be implemented on your external security appliances as well,” Solanki added. “The notification system should be strong and prompt so that action can be taken immediately to mitigate any cyber security risk.”

For KSH Distriparks, data encryption is essential. Ingalkar said cloud providers often provide data encryption at rest and in transit, so even if unauthorised persons obtain access to the data, they will be unable to read or use it without the encryption keys.

Ingalkar said his company also deploys monitoring and log analysis tools that track and analyse activities across the IT environment to identify security gaps and anomalies, and allow for rapid response and mitigation. With people often the weakest link in cyber security, it has also invested heavily in security awareness and training for employees, as well as in biometric authentication.

Strong measures

Amid rising cyber threats against critical infrastructure, the Indian government has taken strong measures to fortify the country’s cyber security posture through the National Critical Information Infrastructure Protection Centre and the National Cyber Coordination Centre.

It has also formulated a new policy on cyber security amid growing incidents of malware attacks on critical sectors. The National Cyber Security Reference Framework 2023 is particularly aimed at helping critical sectors such as banking, energy and others – arming them with strategic guidance on cyber security concerns.

According to Cisco’s Cybersecurity readiness index, about 24% of organisations in India have a “mature” level of readiness in terms of their resilience in mitigating cyber threats. This, when compared with the global average of 15%, is indicative of India’s better cyber security posture. With 90% of enterprises expecting a security incident to disrupt their business in the next 12 to 24 months, this evolution will have to keep a good pace.

Against this backdrop, Fortinet’s Walker called for organisations in India to develop a comprehensive cyber security strategy that is tailored to their needs. Regular security assessments, staying informed about emerging threats and adapting security measures are key to mitigating risks effectively, he said.

John Shier, field chief technology officer for commercial at Sophos, said organisations in India will continue to face challenges related to legacy issues in cyber security, adding that the top three root causes of attacks in India last year were exploited vulnerabilities, compromised credentials and phishing.

“Improving the resilience of systems through timely patching and hardening access through strong authentication mechanisms will reduce much of the risk that organisations currently experience,” he said. “In addition, managed detection and response services are essential for organisations that cannot ensure constant, proactive monitoring of their environments for suspicious signals, and rapid investigation and response to potential breaches.”
