Over 18 percent threats discovered in India are on mobile devices, which is almost double the global average
Nearly 76 percent of Indian businesses were victims of cyberattacks in 2018, right behind Mexico and France, according to a study by network and endpoint security firm Sophos.
In its report titled 'Seven Uncomfortable Truths of Endpoint Security', the firm said most cyber criminals in India are detected at the server (39 percent) and on the network (35 percent). Around 8 percent are found at endpoints and over 18 percent threats discovered in India are on mobile devices. This is almost double the global average.
The report was published after surveying over 3,100 IT decision makers from mid-sized businesses in 12 countries, including the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India and South Africa.
"IT security continues to be a major issue across the globe with 68 percent of organisations surveyed hit by cyberattacks in the last one year (76.3 percent organisations in India). On average, organisations impacted by cyber attacks were struck at least twice," the survey said.
"Server security stakes are at an all-time high with servers being used to store financial, employee, proprietary, and other sensitive data. Today, IT managers need to focus on protecting business-critical servers to stop cyber criminals from getting on to the network. They can’t ignore endpoints because most cyberattacks start there, yet a higher than expected amount of IT managers still can't identify how threats are getting into the system and when," said Sunil Sharma, Managing Director Sales at Sophos India & SAARC, told Business Standard.
It is important to note that 14 percent of IT managers who fell victim to one or more cyberattacks last year are not sure how the attackers gained access to their systems. Around 17 percent do not know how long the threat was in the system before detection.
The survey suggested that IT managers should get endpoint detection and response (EDR) technology to isolate threats and the digital footprints of attackers that enter a network.Indian organisations that probe one or more potential security incidents every month take 48 days a year (four days a month) for the process. The report stated that 75 percent of Indian organisations are not able to benefit from their EDR solutions. Nearly 67 percent of the organisations surveyed plan to add EDR capabilities to fight the cyber threat.