Ransomware attack top threat in India, human error leading cause of breaches

The 2024 Thales Data Threat Report highlights a significant increase in cyberattacks, with ransomware and human error being the top culprits.

Despite ransomware being ranked as the biggest growing threat in India, only 20% of have a formal ransomware plan in place, with 10 per cent resorting to paying the ransom demands, revealed a recent survey by  Thales, a cybersecurity company. 

"Ransomware and malware stand out as the fastest-growing threat of 2024, with 42 per cent of respondents ranking them as topmost fastest growing type of threat. Cloud assets, including SaaS applications, cloud-based storage, and cloud infrastructure management, remain the primary targets for such attacks," revealed the report. 

The report shows that for a second year running, human error remains the leading cause of data breaches, with 34% of enterprises pinpointing this as the root cause. 

Compliance is the key to data security

The research found that 40% of respondents in India failed a compliance audit in the past twelve months – with the report highlighting a very clear correlation between compliance and data security.

19% of respondents had experienced a breach that very same year."Fundamental understanding of what systems, applications, and data are at risk continue to lag due to changing regulatory and threat landscapes. Only a third (31%) of Indian organisations are able to fully classify all of their data, with a worrying 20% stating that they classify very little or none of their data," noted the report. 

Here are the key findings: 

Ransomware on the Rise: 11% of Indian respondents admitted to experiencing ransomware attacks in the past year. Ransomware encrypts a company's data, making it inaccessible, and attackers demand a ransom to unlock it. Worryingly, only 20% of Indian companies have a formal plan to deal with ransomware attacks, and 10% end up paying the ransom.

Human error is a big problem: For the second year in a row, human error, such as misconfiguration of systems or falling for phishing scams, is identified as the leading cause of data breaches globally, impacting India as well.

Compliance is Key: The report underlines a strong link between compliance and data security. Businesses that failed a compliance audit in the past year were 10 times more likely to suffer a data breach. Only 40% of Indian respondents passed their compliance audits.

Data Visibility Issues: Many Indian organizations (69%) struggle to classify all their data, making it difficult to protect it. This lack of visibility can be a major security risk.

"Enterprises need to know exactly what they’re trying to protect. With data privacy regulations continually changing in India and across the world, enterprises need to have good visibility across their organisation to stand any chance of staying compliant,” said Ashish Saraf, VP and Country Director, Thales in India.

“If there’s one key takeaway from this year’s study, it’s that compliance is key. In fact, respondents that had a good hold over their compliance processes and passed all their audits were also less likely to suffer a breach. As India continues to progress in the technological landscape, we’ll start to see more compliance and security functions coming together. This would be a huge positive step to strengthen cyber defenses and build trust with customers,” he added.