Information security incident reporting has increased three-folds in India Inc, the survey finds. At the same time, financial losses due to security breaches have seen a significant decrease. On the flip side, data also suggests that losses from security incidents are not measured completely by respondents in most cases. While 63% of organizations consider loss to customer business while computing losses, only 35% factor in brand image and reputation while estimating an incident’s impact.
Audit and consulting costs are only listed by 53% of respondents, with only 38% factoring in losses from court settlements. Most reported incidents involve exploitation of removable storage (35%), data (32%), and mobile devices (23%). Internal risk is seen as the biggest factor, with close to 51% of respondents saying that current employees expose organizations to breaches. This is 15% higher than the global average.