Cybersecurity hasn't kept pace with tech adoption: ESET's Parvinder Walia

Indian MSMEs often believe they are too small to be targeted and skip cybersecurity measures, making them the first victims of such digital attacks

Cybersecurity measures and policies in India have not kept pace with the rapid rise in adoption of technologies such as artificial intelligence (AI), generative AI, cloud and digital payments, leading to higher attacks on the country’s digital systems, Parvinder Walia, president (Asia Pacific and Japan) at cybersecurity firm ESET, pointed out.

 

“Many of these companies (in India) are so small that they do not have an in-house cybersecurity team, and rightly so, because maybe they want to invest more in their core expertise rather than investing a lot in cybersecurity. Their infrastructure is quite outdated,” he said. 

 

Most micro, small, and medium enterprises (MSMEs) in India believe they are too small to be targeted and therefore are unwilling to invest in cybersecurity, he said, adding that this is one of the primary reasons why they become the first victims of such digital attacks.

 

These companies, Walia added, also outsource their cybersecurity needs to third-party vendors, which leaves them particularly vulnerable, as one human error on the part of the vendor can expose the organisation for no fault of their own.

 

Though the cost of developing and deploying cybersecurity architectures, such as always-on and zero-trust, is slightly higher, MSMEs and companies must adopt these measures, along with continuous monitoring and threat hunting within their networks, he said.

 

In 2024, Indian companies and individuals lost nearly Rs 23,000 crore to cybercriminals, more than twice the roughly Rs 7,500 crore loss in 2023, according to data from the Ministry of Home Affairs. To mitigate such losses, ESET launched a cybersecurity awareness training program in India in August this year to help MSMEs and local companies prevent cybersecurity breaches resulting from human error.

 

The advent of artificial intelligence will further exacerbate these issues, as cybercriminals will refine their attack methodologies by using them to create more sophisticated deep fakes and unauthorised attacks, Walia said.