66% Indian respondents say unauthorized users could access their network, rendering their perimeter security ineffective
Despite the increasing number of data breaches and nearly 36.6 million data records being lost or stolen in India in 2016, the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorized users out of their networks, as per Breach Level Index. However, companies are under investing in technology that adequately protect their business, according to the findings of the fourth-annual Data Security Confidence Index released recently by Gemalto.
Surveying 1,050 IT decision makers worldwide, businesses feel that perimeter security is keeping them safe. Out of the 100 IT decision makers from India, most (98%) believe that it is quite effective at keeping unauthorized users out of their network. However, 49% are not extremely confident their data would be protected, should their perimeter be breached, a slight decrease on last year (58%). Despite this, nearly seven in 10 (69%) organizations report that they believe all their sensitive data is secure.
Perimeter security is the focus, but understanding of technology and data security is lacking
Many businesses are continuing to prioritize perimeter security without realizing it is largely ineffective against sophisticated cyberattacks. According to the research findings, 93% of Indian respondents said their organization had increased investment in perimeter security technologies such as firewalls, IDPS, antivirus, content filtering and anomaly detection to protect against external attackers. Despite this investment, two thirds (66%) believe that unauthorized users could access their network, rendering their perimeter security ineffective.
These findings suggest that there is a lack of confidence in the solutions used, especially as over a third (38%) of organizations have seen their perimeter security breached in the past 12 months. The reality of the situation is worsened when considering that, on average, less than 10% of data breached (11%) was encrypted.
Businesses’ confidence is further undermined by over half of respondents (45%) not knowing where [all] their sensitive data is stored. In addition, over a third of businesses do not encrypt valuable information, such as payment (33%) or customer (39%) data. This means that, should the data be stolen, a hacker would have full access to this information, and can use it for crimes including identify theft, financial fraud or ransomware.
Not all businesses are compliant
The recent set of attacks and increase in the recorded data breaches in India has again brought forth the attention to lack of robust Breach Notification laws in the country as the lack of transparency only aggravates the problem.
About the survey
Independent technology market research specialist Vanson Bourne surveyed 1,050 IT decision makers across the US, UK, France, Germany, India, Japan, Australia, Brazil, Benelux the Middle East and South Africa on behalf of Gemalto. The sample was split between Manufacturing, Healthcare, Financial Services, Government, Telecoms, Retail, Utilities, Consultation and Real Estate, Insurance and Legal, IT and other sectors from organizations with 250 to more than 5,000 employees.