A Frost & Sullivan study commissioned by Microsoft reveals that a large-sized organisations in India incurs an average of $10.3 million of economic loss from cyber attacks whereas a mid-sized organisations incurs an average of $11,000 (Rs 8,03,110).
The report stated that cyber attacks have also resulted in job losses across domains in more than three out of five organisations that have experienced an incident during the survey period.
The study involved a survey of 1300 business and IT decision makers ranging from mid to large-sized organisations and revealed that more than three in five organisations (62%) surveyed in India have either experienced a cybersecurity incident or are not sure if they had one as they have not performed proper forensics or data breach assessment.
“As companies embrace the opportunities presented by cloud and mobile computing to connect with customers and optimize operations, they take on new risks,” said Keshav Dhakad, Group Head & Assistant General Counsel, Corporate, External & Legal Affairs (CELA), Microsoft India
He added, “With traditional IT boundaries disappearing the adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation—as is evident from high-profile breaches this year.”
To calculate the cost of cybercrime, Frost & Sullivan has created an economic loss model based on macro-economic data and insights shared by the survey respondents.
This model factors in three kinds of losses which could be incurred due to a cybersecurity breach are direct (financial losses associated with the incident; indirect (the opportunity cost to the organisation such as customer churn due to reputation loss); and induced (impact on the broader ecosystem and economy, such as the decrease in consumer and enterprise spending).
“Although the direct losses from cybersecurity breaches are most visible, they are but just the tip of the iceberg,” said Benoy CS, Director & Business Unit Head, Digital Transformation Practice Middle East, North Africa & South Asia, Frost & Sullivan.
He added, “There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organizations suffering from cybersecurity attacks can be often underestimated.”
While examining the current cybersecurity strategy of organisations in India, the study found that for organisations that have encountered cybersecurity incidents, remote code execution and data exfiltration are the biggest concerns as they have the highest impact with the slowest recovery time.
Artificial Intelligence (AI) in Cybersecurity Defense
With the increasing threat of cyber attacks, the report highlights that the rapid advancements in technologies like AI can become a potent opponent against cyber attacks as it can detect and act on threat vectors based on data insights.
The study reveals that more than nine in ten (92%) organisations in India have either adopted or are looking to adopt an AI approach towards boosting cybersecurity. More than one in five (22%) of Indian organisations have already witnessed benefits of using AI to achieve faster and more accurate detection of threats.
The report recommends organisations to look at cybersecurity as a digital transformation enabler, investment in strengthening security fundamentals, maximise skills and tools, assessment, and leverage AI and automation.