More than half of Indian organisations admit to falling sufferer to a profitable cyberattack within the final 12 months: Sophos survey

  • Sophos research of 900 enterprise resolution makers throughout Asia Pacific and Japan signifies COVID-19 accelerated interval of digitisation and was a catalyst for enhancing cybersecurity, however systemic safety points persist
  • Although Indian organisations reported the very best share of getting an impartial safety finances, this was not sufficient to cease cyberattacks
  • Malware, AI/ML pushed assaults and nation state assaults thought-about the three most critical threats to enterprise safety in subsequent 24 months
  • Two thirds of Indian organisations say they’ve not less than a proactive functionality with regards to cyber safety: the biggest share amongst Asia Pacific and Japan areas

Sophos, a world chief in next-generation cybersecurity, right this moment introduced the findings of the second version of its survey report, The Future of Cybersecurity in Asia Pacific and Japanin collaboration with Tech Research Asia (TRA). The research reveals that regardless of cyberattacks rising, cybersecurity budgets have remained stagnant and government groups proceed to underestimate the extent of injury threats can do to organisations.

Insignificant rise in budgets, regardless of important rise in assaults

In India, regardless of having the very best share of corporations with an impartial safety finances, 52 per cent of organisations say they fell sufferer to a profitable cybersecurity assault within the final 12 months. Of these profitable breaches, 71 per cent of organisations admitted it was a critical or very critical assault, and 65 per cent mentioned it took longer than every week to remediate.

While assaults are rising in frequency and severity, cybersecurity budgets remained largely unchanged as a share of income between 2019 and 2021. At the identical time, India reported the very best share of corporations which have an impartial safety finances. Furthermore, they count on an increase within the median share of expertise budgets spent on cybersecurity from 9 p.c right this moment to 10 p.c within the subsequent 24 months.

Adding his ideas, Sunil Sharma, managing director – gross sales, Sophos India and SAARC, mentioned, “Cyberbreaches are a reality that we cannot afford to ignore. Within an organisation, there will always be multiple threats that can exploit various vulnerabilities and launch full blown cyberattacks. The only way to stop these threats is to actively hunt for them and neutralize them. This makes threat hunting an important function to mitigate the damage caused by cyberattacks. Hence, there is a strong need for increased cybersecurity budgets to include threat hunting in house or outsourced services like managed detection and response (MDR). Our findings show there is budget allocated for cybersecurity in India, but it isn’t enough. Indian organisations need to view cybersecurity as a value to the business and increase their budgets accordingly.”

Overall, 44 per cent of Asia Pacific and Japan (APJ) organisations surveyed suffered an information breach in 2020, up from 32 per cent in 2019. Of these profitable breaches, 55 per cent of corporations rated the lack of knowledge as both “very serious” (24 per cent) or “serious” (31 per cent). Seventeen per cent of organisations surveyed suffered not less than 50 assaults, per week. As cyberattacks proceed to rise, the report discovered that malware, AI/ML-driven assaults and nation state assaults would be the most critical threats to enterprise cybersecurity over the subsequent 24 months.

“Ultimately, security is about right sizing the risk. If the risk increases, budgets should also increase, but in this climate of uncertainty, we’ve seen organisations take a conservative approach to security spending, which is impacting their ability to stay ahead of cybercriminals,” mentioned Trevor Clarke, lead analyst and director at Tech Research Asia.


About this analysis

Sophos commissioned Tech Research Asia (TRA) to undertake this analysis into the Asia Pacific and Japan cybersecurity panorama. This features a main quantitative survey the place a complete of 900 responses have been captured throughout Australia, India, Japan, Malaysia, Philippines and Singapore. In addition to this, TRA captured qualitative insights from digital roundtable occasions in Australia, India, Japan and Singapore (with ASEAN illustration).

About Sophos

As a worldwide chief in next-generation cybersecurity, Sophos protects greater than 400,000 organizations of all sizes in additional than 150 international locations from right this moment’s most superior cyber threats. Powered by SophosLabs and SophosAI – a world menace intelligence and knowledge science crew – Sophos’ cloud-native and AI-powered options safe endpoints (laptops, servers and cellular gadgets) and networks towards evolving cyberattack methods, together with ransomware, malware, exploits, knowledge exfiltration, active-adversary breaches, phishing, and extra. Sophos Central, a cloud-native administration platform, integrates Sophos’ whole portfolio of next-generation merchandise, together with the Intercept X endpoint resolution and the XG next-generation firewall, right into a single “synchronized security” system accessible by means of a set of APIs. Sophos has been driving a transition to next-generation cybersecurity, leveraging superior capabilities in cloud, machine studying, APIs, automation, managed menace response, and extra, to ship enterprise-grade safety to any dimension group. Sophos sells its services solely by means of a world channel of greater than 53,000 companions and managed service suppliers (MSPs). Sophos additionally makes its progressive business applied sciences out there to shoppers through Sophos Home. The firm is headquartered in Oxford, U.Okay. More data is offered at

About Tech Research Asia

TRA is a fast-growing IT analyst, research, and consulting firm with an skilled and various crew in Sydney | Melbourne | Singapore | Kuala Lumpur | Hong Kong | Tokyo. We advise government expertise patrons and suppliers throughout Asia Pacific. We are rigorous, fact-based, open, and clear. And we provide analysis, consulting, engagement and advisory companies. We additionally conduct our personal impartial analysis on the problems, developments, and methods which can be essential to executives and different leaders that need to leverage the ability of contemporary expertise. TRA also publishes the open and online journal, TQ.


Please enter your comment!
Please enter your name here