Human Error Is One Of the Prime Reasons Behind Security Breaches For Indian Businesses

Human error is one of the significant factors that facilitates cybersecurity breaches in an organization. A Sophos report shows how Indian businesses lack appropriate preparedness levels when it comes to cybersecurity. However, there is a silver lining. This article discusses the report's key findings and why there is a need for Indian businesses to adopt robust cybersecurity measures.

By
Opinions expressed by Entrepreneur contributors are their own.
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Human error is a significant factor that opens a window for threat actors to access organizational networks. According to a survey by Sophos, a pioneer in cybersecurity and endpoint protection, about 63 per cent of businesses in India believe that a lack of security expertise could pose a significant challenge to their organization. Moreover, the majority of them are afraid of their employees getting involved in some malicious activity. 

Adobe

Major Concerns For Businesses

Almost 90 per cent of businesses around the country state their most significant concern is to tighten their cybersecurity posture and educate their staff about various cybersecurity threats and how to avoid them. The Sophos survey report also reveals that 30 per cent of organizations across the country are prepared to outsource cybersecurity training to create more awareness amongst their staff and enhance cybersecurity in the organization.

Are Businesses Willing To Create a Separate Security Budget?

In India, only 43 per cent of businesses allot a dedicated sum towards cybersecurity in their annual budget. In most organizations, cybersecurity is included in the overall IT budget.  

The Sophos report further states that only one-third of organizations across the country have a dedicated Chief Information Security Officer (CISO). While an IT Manager oversees cybersecurity in some organizations, the CTO spearheads and manages security in other organizations. In addition, most organizations keep security management in-house, and only a few tasks like cybersecurity training and testing are outsourced.

Embracing the Latest Technology

In India, only 19 per cent of organizations implement major enhancements to their cybersecurity systems, and 38 per cent of organizations have reportedly said to have planned to make alterations in their cybersecurity approach.

The report also reveals that 79 per cent of people at the top of the business line feel that involving deeply integrated solutions in their cybersecurity plans is important. They believe that these systems will detect, investigate and react to any cybersecurity threats to the organization.

Key Findings of the Report

The Sophos survey report reveals some key findings, which include:

•    There is a lack of senior-level management and employees with robust cybersecurity awareness in around 90 per cent of organizations.

•    63 per cent of businesses state that majority of their cybersecurity issues are caused by staff error.

•    Although one-third of the organizations surveyed reported having gone through a data breach, only 19 per cent of businesses considered cybersecurity a severe issue.

•    59 per cent of organizations lack the expertise and software to detect, investigate and report cybersecurity threats and attacks.

Final Words

Human error poses a significant threat to an organization's cybersecurity. Amidst all the concerns the report has highlighted about the cybersecurity posture of Indian businesses, one bright side has come to light, i.e., 79 per cent of key business personnel wanting to adopt robust cybersecurity measures that can help them detect, investigate, and tackle cyber threats. In today's digital world, where the number of malicious actors is ever-growing, it is only apposite for businesses to allocate a considerable budget to reinforce cybersecurity measures to stay a step ahead of these adversaries and steer clear of cyber attacks that can put a dent on their operations and brand value. 

Remesh Ramachandran

Written By

Remesh Ramachandran is an ethical hacker. He has solved several sophisticated cybercrime and real-world hacking cases, and has worked for the government and various other national and international agencies. Remesh is currently working as a CISO (Chief Information Security Officer) for an organisation.