rediff.com

NewsApp (Free)

Read news as it happens
Download NewsApp

Available on  

Rediff News  All News 
Rediff.com  » Business » Indian firms face deficit in cyber security infra: Websense

Indian firms face deficit in cyber security infra: Websense

July 18, 2014 16:21 IST

Investigators with the US Federal Trade Commission look at computer monitors in the FTC Internet lab where cyber crime investigations take place in Washington, DC.Cyber security infrastructure in enterprises in India faces a startling deficit and there is a disconnect between executives and security teams, a report said on Friday.

Prepared by cyber security firm Websense and Ponemon Institute, the report, 'Exposing the Cybersecurity Cracks: A Global Perspective', also revealed that firms have limited visibility into attack activity.

"The report reveals that how better communication and information about cybersecurity, the right investment in skilled personnel and enabling technologies and the adoption of security measures will minimise risk of current and emerging cyber threats," Websense Regional Director SAARC Surendra Singh told PTI.

The study surveyed 545 IT and IT security practitioners in India with an average of 8 years experience in the field, he added.

The research was also conducted in 14 other countries -- the US, Canada, Australia, China, Hong Kong, Singapore, United Kingdom, Germany, France, Netherlands, Sweden, Italy, Mexico and Brazil.

According to the report's findings, 25 per cent of cyber security teams never speak with their executive team about cyber security. Of those that did, 25 per cent spoke just annually and 18 per cent spoke semi-annually. Just 1 per cent spoke weekly.

Sixty-seven per cent of respondents said they personally know another security professional whose firm had sensitive or confidential data stolen as a result of an insider threat, the report said. Sixty-four per cent say the data stolen by the insider was customer information and 59 per cent say intellectual property was stolen, it added.

Only 32 per cent of respondents believe their company is investing enough in skilled personnel and technologies to be effective in executing its cyber security objectives or mission. In fact, 45 per cent of companies represented in this research do not provide cyber security education to their employees.

"Very few companies take steps internally to deal with new and emerging threats."

"When there is awareness about a new cyber threat, the primary response is to reach out to outsiders such as CERT, law enforcement and industry peers," the report said.

Fifty-five per cent say providers of security solutions hype the threats and risks companies face, while 63 per cent of respondents say their company very frequently or frequently has purchased a security solution that was a disappointment.

Singh suggested that firms need to eliminate uncertainty of cyber risks and invest in technologies that provide visibility and details about high-risk behaviour and attempted attacks.

© Copyright 2014 PTI. All rights reserved. Republication or redistribution of PTI content, including by framing or similar means, is expressly prohibited without the prior written consent.