Cyber security is still seen as a ‘server room’ issue and not as a critical issue that needs the attention of the Boards of India Inc, a survey by professional services firm EY has revealed.

Cyber risks are more viewed as Information Technology department functionality, than being discussed at the level of the Boards.

“The message of our latest survey is that corporates in India should take up cyber security as board-level issue. This is not happening yet,” Nitin Bhatt, Country Head, Risk Advisory, EY, said on Tuesday.

For its latest report, titled ‘Path to cyber resilience: Sense, Resist and React’, EY has surveyed 1,735 global C-suite executives, including 124 CxOs from India.

This report was released by Gulshan Rai, National Cybersecurity coordinator, National Security Council, Prime Minister’s Office.

According to the survey, outdated information security architecture and controls has most increased risk exposure for India Inc over the last 12 months, with as many as 61 per cent of the respondents citing this aspect as their topmost vulnerability.

Careless or unaware employees is their second most important concern (58 per cent), while vulnerabilities related to mobile computing, social media and cloud computing also feature prominently as contributing to enhanced risk exposure for corporate India.

Among threats, the majority (54 per cent) believe that cyber attacks are primarily targeted at defacing/disrupting organisations or towards stealing intellectual property or data (51 per cent), followed by fraud (48 per cent).

As many as 69 per cent of Indian respondents reported an increase (about 15 per cent) in their cyber security budgets over the last 12 months and almost three-fourths expect budgets to increase further in the next year.

Despite the increased investments, 75 per cent of the respondents say that their cyber security function does not fully meet the organisation’s needs.

Related Topics
comment COMMENT NOW