You can be on Entrepreneur’s cover!

Human Error Is One Of the Prime Reasons Behind Security Breaches For Indian Businesses Human error is one of the significant factors that facilitates cybersecurity breaches in an organization. A Sophos report shows how Indian businesses lack appropriate preparedness levels when it comes to cybersecurity. However, there is a silver lining. This article discusses the report's key findings and why there is a need for Indian businesses to adopt robust cybersecurity measures.

By Remesh Ramachandran

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.


Human error is a significant factor that opens a window for threat actors to access organizational networks. According to a survey by Sophos, a pioneer in cybersecurity and endpoint protection, about 63 per cent of businesses in India believe that a lack of security expertise could pose a significant challenge to their organization. Moreover, the majority of them are afraid of their employees getting involved in some malicious activity.

Major Concerns For Businesses

Almost 90 per cent of businesses around the country state their most significant concern is to tighten their cybersecurity posture and educate their staff about various cybersecurity threats and how to avoid them. The Sophos survey report also reveals that 30 per cent of organizations across the country are prepared to outsource cybersecurity training to create more awareness amongst their staff and enhance cybersecurity in the organization.

Are Businesses Willing To Create a Separate Security Budget?

In India, only 43 per cent of businesses allot a dedicated sum towards cybersecurity in their annual budget. In most organizations, cybersecurity is included in the overall IT budget.

The Sophos report further states that only one-third of organizations across the country have a dedicated Chief Information Security Officer (CISO). While an IT Manager oversees cybersecurity in some organizations, the CTO spearheads and manages security in other organizations. In addition, most organizations keep security management in-house, and only a few tasks like cybersecurity training and testing are outsourced.

Embracing the Latest Technology

In India, only 19 per cent of organizations implement major enhancements to their cybersecurity systems, and 38 per cent of organizations have reportedly said to have planned to make alterations in their cybersecurity approach.

The report also reveals that 79 per cent of people at the top of the business line feel that involving deeply integrated solutions in their cybersecurity plans is important. They believe that these systems will detect, investigate and react to any cybersecurity threats to the organization.

Key Findings of the Report

The Sophos survey report reveals some key findings, which include:
• There is a lack of senior-level management and employees with robust cybersecurity awareness in around 90 per cent of organizations.
• 63 per cent of businesses state that majority of their cybersecurity issues are caused by staff error.
• Although one-third of the organizations surveyed reported having gone through a data breach, only 19 per cent of businesses considered cybersecurity a severe issue.
• 59 per cent of organizations lack the expertise and software to detect, investigate and report cybersecurity threats and attacks.

Final Words

Human error poses a significant threat to an organization's cybersecurity. Amidst all the concerns the report has highlighted about the cybersecurity posture of Indian businesses, one bright side has come to light, i.e., 79 per cent of key business personnel wanting to adopt robust cybersecurity measures that can help them detect, investigate, and tackle cyber threats. In today's digital world, where the number of malicious actors is ever-growing, it is only apposite for businesses to allocate a considerable budget to reinforce cybersecurity measures to stay a step ahead of these adversaries and steer clear of cyber attacks that can put a dent on their operations and brand value.

Remesh Ramachandran

CISO | Security Researcher | Ethical hacker

Remesh Ramachandran is an ethical hacker. He has solved several sophisticated cybercrime and real-world hacking cases, and has worked for the government and various other national and international agencies. Remesh is currently working as a CISO (Chief Information Security Officer) for an organisation.


Get Your Business a One-Year Sam's Club Membership for Just $14

Shop for office essentials, lunch for the team, appliances, electronics, and more.

Business News

James Clear Explains Why the 'Two Minute Rule' Is the Key to Long-Term Habit Building

The hardest step is usually the first one, he says. So make it short.

Business News

Microsoft's New AI Can Make Photographs Sing and Talk — and It Already Has the Mona Lisa Lip-Syncing

The VASA-1 AI model was not trained on the Mona Lisa but could animate it anyway.

Science & Technology

AI Will Radically Transform the Workplace — Here's How HR Teams Can Prepare for It

HR intrapreneurs are emerging as key drivers of AI reskilling, thoughtful organizational restructuring and ethical integration, shaping an inclusive future where technology enhances both efficiency and employee development.

Business News

Some Costco Stores Are Now Selling a Frozen Item That Looks Just Like a Trader Joe's Fan Favorite

The Frozen Kimbap is a Trader Joe's cult favorite, and now a version can be found at Costco, too.