Nearly 61 per cent of organisations in India lack structured cybersecurity training: Survey

Hemani Sheth Mumbai | Updated on October 13, 2020 Published on October 13, 2020

Nearly 61 per cent of Indian organisations lack well-structured cybersecurity training modules for their employees, according to a survey by cybersecurity firm, Cyberbit.

According to the report, this number is especially concerning considering that a majority of the workforce still works remotely.

It adds that 77 per cent of cybersecurity professionals work remotely, while 23 per cent work on-premises or hybrid.

Of the cybersecurity professionals working remotely, 50 per cent said they had not been given any cybersecurity training by their organisations.

A majority of organisations rely on training that provides limited practical exposure. According to the survey, 89 per cent of organisations “still rely on classroom training, external certificates, and tabletop exercises that emphasise theory and have limited practical exposure.”

“These approaches are great to develop knowledge, but don’t prepare SOC teams with the practical skills required for the experience of a real-world attack,” the report said.

Of the organisations surveyed, 11 per cent have deployed a Cyber Range that exposes their security teams to simulated cyberattacks.

“Training using a cyber range provides experiential learning (i.e. learning by doing or hands-on-training) that ensures SOC staff are prepared and equipped to deal with any incident using “muscle memory” acquired through regular practice,” the report said.

“We expect more and more organisations to invest in Cyber Ranges in India, especially after the Covid-19 pandemic has given cybercrime a boost, making the need for skilled cybersecurity professionals even more significant,” it added.

The firm also surveyed universities in the Asia-Pacific “to understand the maturity of their cybersecurity training programmes.” According to the report, 60 per cent of the universities surveyed lacked hands-on education for cybersecurity students.

Rakesh Kharwal, MD-India, Cyberbit, said, “With the pandemic worsening, the cybercrime situation and an increasing number of Indian employees working from home, India is still unable to fulfill the demand for a competent and agile cybersecurity workforce.”

“Although the demand for cybersecurity professionals in India is at an all-time high, the dearth of proper educational institutions that impart accelerated cybersecurity training is a key factor responsible for the shortage of skilled professionals in the country. There is a fundamental flaw in the method of training and building cybersecurity workforces in our country,” he added.

“It is essential to note that cybersecurity training can’t be taught in classrooms as theory classes, or by reading books and PPTs, or going through product videos. It must be based on a real-life corporate environment, using commercially available cyber tools and simulation experiences. Only then can India produce a resilient cybersecurity workforce and solution stack that is well-equipped to neutralise all kinds of imminent cyber threats," he added.

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on October 13, 2020
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.