69% Indian firms face serious cyber attack risk: Study

While 69 per cent Indian and 63 per cent Australian companies are most at risk of cyber attack, 35 per cent of organisations in the region suffered at least one cyber security incident in the last 12 months, says a sector study.

According to a recent study by leading IT analyst firm Frost & Sullivan, findings of which were released on May 9 here by Forcepoint, a leader in global cyber security, around 83 per cent of organisations in the Asia Pacific region do not think about cyber security while embarking on digital transformation projects.

Although a majority of the organisations (72 per cent) conduct regular breach assessment to protect themselves against cyber attacks, still 55 per cent of them continue to be at risk.

"It's clear from this study that many APAC organisations are on the back foot when it comes to enterprise cyber security in the borderless organisation," said Kenny Yeo, Industry Principal, APAC ICT, Frost & Sullivan.

With 95 per cent of respondents having embarked on a digital transformation journey, adopting emerging technologies, including cloud computing, mobility, Internet of Things, and artificial intelligence/machine learning, the study reveals a big push among APAC organisations for digitization.

However, 65 per cent of respondents acknowledged that they were seriously hampered in execution of digital transformation projects due to rising cyber attacks.

One of the key reasons for this is the less mature approach by business leaders to involve cyber security when designing digital transformation projects. It is also evident from the fact that around 83 per cent of the companies did not consider cyber security until after their digital transformation projects had begun.

Cloud has become one of the key components that is leading digital transformation with 69 per cent of firms adopting cloud. But 54 per cent of respondents perceive that their cloud service provider will take the full responsibility for security.

Normally, security and compliance are a shared responsibility between an organisation and the cloud service provider. This serious misconception around responsibility of security in the cloud is resulting in a higher number of cyber attacks, says the study.

The finding suggests the majority of companies have taken measures to protect themselves against cyber incidents, with 72 per cent of them performing breach assessments at least once per quarter. Despite the readiness, 55 per cent of organisations were at risk -- either they have encountered a security incident before or they did not do any checks to assess if they have been breached.

The Frost & Sullivan study reveals the impact digital transformation is having on each organisation's risk posture. As more digital technology is built into business like cloud and mobility, it is opening each firm up to more threats.

Data exfiltration, impersonation -- both theft of digital identity and online brand impersonation -- as well as loss of intellectual property and malware infection emerged as the top security blind spots for companies rolling out digital transformation. They have high levels of business impact and long recovery times, says the study.

Over 400 organisations across Asia Pacific participated in this study, with 100 respondents each from Australia, Hong Kong, India and Singapore. They hailed from key industries like financial services, telecom, manufacturing, energy & utilities, retail, education and health care.

While 53 per cent respondents were from large enterprises, the rest were from mid-sized enterprises and small and medium businesses. Around 75 per cent respondents were C-level executives and senior IT and security decision makers.

(Prakash Jha was in Kuala Lumpur at the invitation of Forcepoint. He can be contacted at prakash.j@ians.in)

--IANS

pcj/gb/mr