Cybersecurity is like any other security – you don’t realize its importance unless you need it. In the digitized world, it will be safe to say that every company is a tech-based company. Even if it doesn’t sell technology-based products or services, it uses technology to run and manage the business. In fact, with the world evolving into a unified marketplace, an increasing number of companies have branches or employees spread across the globe. Hence, most organizations leverage the internet to keep their processes running.
Having said this, it is also essential to understand the growing number of cybercrimes and the ever-increasing cybercriminal-ecosystem. With over half a billion internet users and over 1.2 billion mobile accounts, India as a country is a breeding ground for cybercriminals. India was amongst the world’s top 5 cyber-targeted nations along with the US, UK, Singapore and Ukraine. According to the India Threat Landscape Report 2020 by cyber intelligence platform CYFIRMA, Healthcare, government agencies, banks, manufacturing, retail, IT service providers and e-commerce platforms are likely to be on their radar into early 2021.In such a landscape, cybersecurity needs to become an integral part of every business. However, cybersecurity in India is still in its nascent stages. Let’s look at the top 5 challenges to the adoption of cybersecurity among professionals and businesses.
CYBER SECURITY IS TREATED AS AN ‘IT’ PROBLEM AND NOT A ‘BUSINESS’ PROBLEM
The first challenge to the adoption of any technology or service is the mind-set of the stakeholders. In India, typically, any problem associated with the technology is branded as an ‘IT” problem. Business owners assume that the IT department will take care of the problem and it will be business-as-usual soon. However, if the IT department is not equipped with the right resources (equipment or human resources), then there can be times when it can fail to fend off a cyber-attack. When that happens, businesses spring into action attempting damage control and realizing their folly. And it usually is too late.
LACK OF CYBERSECURITY PROFESSIONALS
In recent years, many organizations are realizing the importance of cybersecurity and have been trying to ramp up their processes and human resources to keep them protected against online threats. However, the number of available professionals far outweighs the demand. As many as 64,000 cybersecurity jobs are on offer in different companies and in these open positions, about 11,000 are for cyber security product developers, according to the Data Security Council of India. There is a huge demand for managed security services, system integration, network security, compliance security, information security, threat management, big data analytics and cloud security.
Regulators in India are taking active note of the increasing cyber-attacks and formulating guidelines and frameworks for implementing comprehensive cybersecurity mechanisms in organizations. But there is still a lot of scope for granular and sector-specific regulations. Further, with data being exchanged across borders, Indian regulators also need to keep in sync with the global norms. Moreover, compliance parameters and processes are yet to see a concrete shape.
INCREASING DEPENDENCY ON THIRD-PARTY VENDORS
Even companies who dedicate time and resources to cybersecurity can lose sensitive data if the third-party vendors used by them get hacked. There is an increasing dependency on third-party vendors for cost and process efficiency. Unless there is a culture of cybersecurity in the market, the adoption rates will below.
AWARENESS AND READINESS
Two main aspects that need to be addressed to increase the adoption of cybersecurity in India are awareness and adoption. Ransomware/ Malware/ Phishing activity has also been on the rise in India. Organizations need to know the potential losses they can face if their systems get hacked or infected with a virus or malware. They also need to stay abreast of the latest cybersecurity processes adopted by organizations around the world. Once they are aware and ready to accept cybersecurity as an integral part of their core processes, adoption would be easier, comprehensive, and more effective.
Interestingly, the common thread among all these challenges is the people factor. Are they aware, trained, and capable of recognizing and dealing with cyber-threats? In essence, it boils down to empowering people. As people realize the importance of this growing technology, we will soon have an ecosystem that has cybersecurity as an essential corporate pillar.
Views expressed in this article are the personal opinion of Jitendra Singh, Chief Technology Officer, TalentSprint.