Microsoft and Frost & Sullivan Study also reveals that:
- Cybersecurity attacks have led to job losses in more than three in five (64%) organizations over the last year
- Cybersecurity concerns delay Digital Transformation plans
- Nine in ten (92%) of Indian organizations surveyed are looking to leverage Artificial Intelligence to enhance their cybersecurity strategy
Delhi, 05 December 2018- A Frost & Sullivan study commissioned by Microsoft reveals that a large-sized organization in India incurs an average of US$10.3 million of economic loss from cyberattacks whereas a mid-sized organization incurs an average of US$11K. Cybersecurity attacks have also resulted in job losses across different functions in more than three in five (64%) organizations that have experienced an incident during the survey period.
The study, titled “Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World”, aims to provide business and IT decision makers with insights on the economic cost of cybersecurity breaches in the Asia-Pacific region identify the gaps in organizations’ cybersecurity strategies. The study involved a survey of 1,300 business and IT decision makers ranging from mid-sized organizations (250 to 499 employees) to large-sized organizations (>than 500 employees). The study reveals that more than three in five organizations (62%) surveyed in India have either experienced a cybersecurity incident(30%) or are not sure if they had one as they have not performed proper forensics or data breach assessment(32%).
“As companies embrace the opportunities presented by cloud and mobile computing to connect with customers and optimize operations, they take on new risks,” said Keshav Dhakad, Group Head & Assistant General Counsel, Corporate, External & Legal Affairs (CELA), Microsoft India “With traditional IT boundaries disappearing the adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation—as is evident from high-profile breaches this year.”
To calculate the cost of cybercrime, Frost & Sullivan has created an economic loss model based on macro-economic data and insights shared by the survey respondents. This model factors in three kinds of losses which could be incurred due to a cybersecurity breach, viz., direct (financial losses associated with the incident; indirect ( the opportunity cost to the organization such as customer churn due to reputation loss); and induced (impact on the broader ecosystem and economy, such as the decrease in consumer and enterprise spending). “Although the direct losses from cybersecurity breaches are most visible, they are but just the tip of the iceberg,” said Benoy CS, Director & Business Unit Head – Digital Transformation Practice Middle East, North Africa & South Asia, Frost & Sullivan. “There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organizations suffering from cybersecurity attacks can be often underestimated.”
The Study also examined the current cybersecurity strategy of organizations in India. It found that for organizations that have encountered cybersecurity incidents, remote code execution and data exfiltration are the biggest concerns as they have the highest impact with the slowest recovery time. A large number of cybersecurity tools and a complex environment also add to the turnaround time. Most organizations lack a cybersecurity strategy, while for a large majority cybersecurity was an afterthought. About 59% (3 in 5) of respondents in the Study said that the fear of cyberattacks has hindered digital transformation projects. (37%) see cybersecurity strategy only as a means to safeguard the organization against cyberattacks rather than a strategic business enabler. A mere 18% seeing cybersecurity as a digital transformation enabler.
Focus on AI: While the threat of cyber-attacks is ever increasing, the report also highlights that rapid advancements in technologies like AI will act as a key equalizing factor. The study reveals that more than nine in ten (92%) organizations in India have either adopted or are looking to adopt an AI approach towards boosting cybersecurity. Additionally, more than one in five (22%) of Indian organizations have already witnessed benefits of using AI to achieve faster and more accurate detection of threats.
In conclusion, the report also recommends a set of best practices for organizations to improve their defense against cyber threats. This includes positioning cybersecurity as a digital transformation enabler; ongoing investment in strengthening security fundamentals; reducing the number of tools and complexity, and leveraging integrated best-of-suite tools; continuously assessing and reviewing compliance and leveraging AI and Automation to increase capabilities and capacity. According to Mr. Dhakad, “The ever-changing threat environment is challenging, but there are ways to be more effective using the right blend of modern technology, strategy, and expertise. Microsoft is empowering businesses in India to take advantage of digital transformation by enabling them to embrace the technology that’s available to them, through its secure platform of products and services, combined with unique intelligence and broad industry partnerships.”
Microsoft in cybersecurity
Microsoft’s approach to cybersecurity rests on three core functional areas: protect, detect and respond. To support a comprehensive, cross-company and cross-industry approach to cybersecurity, Microsoft invests more than a billion dollars in a year in security research, innovation and development. It is the first company in the industry to win a certification ISO/IEC 27018 that validates the highest levels of data security and privacy. More information and access to tools and resources, can be found here: Microsoft Cybersecurity.
About Microsoft India
Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more. Microsoft set up its India operations in 1990. Today, Microsoft entities in India have over 8,000 employees, engaged in sales and marketing, research and development and customer services and support, across 11 Indian cities – Ahmedabad, Bangalore, Chennai, New Delhi, Gurugram, Noida, Hyderabad, Kochi, Kolkata, Mumbai and Pune. Microsoft offers its global cloud services from local data centers to accelerate digital transformation across Indian start-ups, businesses, and government agencies. In 2016, Microsoft opened one of its eight Cyber Security Engagement Centers in the country, to address security needs of both public and private sectors.