Just 24 percent of organisations surveyed in India have the ‘mature’ level of readiness needed to be resilient against modern cybersecurity risks, according to a new Cisco study released on Tuesday.
Cisco, in a separate announcement, said it aims to train 500,000 cybersecurity professionals over 3 years across India.
Cisco’s first-ever Cybersecurity Readiness Index highlighted where businesses are doing well and where cybersecurity readiness gaps will widen if global business and security leaders don’t take action.
Underlining that readiness is critical, the Cisco study revealed that 90 percent respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months.
India scored high in the global chart in terms of maturity (24 percent), performing above the global average of 15 percent on cybersecurity readiness. About 38 percent of companies in India fall into the beginner or formative stages.
Conducted by an independent third party, the survey asked 6,700 private sector cybersecurity leaders across 27 markets to indicate which of the solutions they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness — beginner, formative, progressive, and mature.
While beginner (overall score of less than 10) implies initial stages of deployment of solutions, formative (score between 11 – 44) have some level of deployment, but performing below average on cybersecurity readiness. In the index, progressive (score between 45 – 75) meant considerable level of deployment and performing above average on cybersecurity readiness, whereas mature (score of 76 and higher) have achieved advanced stages of deployment and are most ready to address security risks.
While organisations in India are faring better than the global average, the number is still very low, given the risks.
According to Cisco, this readiness gap is telling, not least because 90 per cent of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months.
The cost of being unprepared can be substantial as 80 percent of respondents said they had a cybersecurity incident in the last 12 months, and 53 percent of those affected said it cost them at least USD 500,000 (roughly Rs. 4 crore).
“Cybersecurity is a top priority for businesses as they continue their digitisation journey. With hybrid work becoming mainstay and services being application-driven, it is critical that organisations close the security readiness gap,” Samir Mishra, Director, Security Business Group, Cisco India and SAARC, said.
Business leaders must establish a baseline of ‘readiness’ across the five security pillars to build secure and resilient organisations. This need is especially critical given that 95 percent of the respondents plan to increase their security budgets by at least 10 percent over the next 12 months. By establishing a base, organisations can build on their strengths and prioritise the areas where they need more maturity and improve their resilience.
The five key pillars are identity, devices, network security, application workloads, and data.
Meanwhile, Cisco announced its goal to train 500,000 people across India with cybersecurity skills over the next 3 years.
This goal is part of Cisco’s 10-year ambition to empower 25 million people with digital skills worldwide through Cisco’s Networking Academy. The flagship programme is celebrating its 25th anniversary this year. During this time, the programme has reached 17.5 million students across 190 countries. Since starting operations in India, it has trained 1.2 million students through 718 partnerships with educational institutions and organisations offering Networking Academy courses.
The two announcements were made at the Cisco India Summit (CIS) 2023 in Jaipur.
Cisco said the future of India’s growth and global competitiveness depends on building a strong digital economy which in turn relies on a digitally-skilled workforce.
“With the speed and scale of digitisation across the country, there will be an increased demand for skilled cybersecurity professionals as organisations look to defend themselves against an evolving and complex threat landscape,” Cisco said.