A study on corporate data security practices conducted by The Economist Intelligence Unit (EIU), highlights growing cybersecurity vulnerabilities in India, with nearly 8 in 10 IT and C-suite business leaders experiencing increased cyber-attacks on their firms in 2015. This study was sponsored by VMware globally.
Indian businesses are under increasing risk from serious cyber-attacks, with a third (33 percent) of the respondents expecting to be targeted within 90 days – a number higher than the Asia-Pacific region. These findings suggest that many leaders in India are concerned about growing instances of cyber-attacks and their lack of preparedness as they explore new IT innovations to advance their business. This reinforces the need for a new approach to security.
Conducted by The Economist Intelligence Unit (EIU) in the first quarter of 2016, the survey’s primary objective was to analyze the differences, if any, between the C-suite and senior IT executives on data security.
A key finding from the study is the opposing view of the perceived importance of cyber security as a high-priority initiative in India. IT leaders (32 per cent) in India regard cyber security as their number one corporate priority, while only 8 percent of C-suite business leaders share a similar point of view. Similarly, while 36 percent of IT leaders believe security budgets will significantly increase in the next two years, only 21 percent of C-suite business leaders foresee likewise.
“Forward-thinking organizations understand that the reactive security approach of today is no longer doing its job. They also acknowledge that people and systems can be easily bypassed or blindsided if the business lacks a ubiquitous IT architectural plan that cuts across all levels of compute, network, storage, clouds and devices,” said Arun Parameswaran, managing director, VMware India. “By taking a software-defined approach to IT, security is ‘architected’ into everything, empowering organizations to gain the flexibility required to succeed as a digital business.”
Critical risks identified by both groups were ‘unknown cyber threats that move faster than their defenses’, ‘resources and data that may unknowingly reside in the cloud’, ‘employees who are careless or untrained in cybersecurity’, and ‘illegitimate users and devices accessing corporate networks’.
Leaders in India are more concerned about the ‘theft of customer data’ than their regional counterparts, with four in 10 (31.8 percent) believing that this could cause the greatest harm to their businesses.
As cyber threats grow in sophistication, any gaps in security resulting from a ‘disconnect’ between C-suite and IT leaders can lead to the loss of intellectual property, competitive positioning and customer data.
IT leaders must therefore become more conversant with business risks and objectives. By having deeper conversations and translating cyber risks into business terms, IT leaders can justify requests for more investment in security. The C-suite can then better understand the business implications associated with evolving threats and make informed decisions around strategy and budgets.
VMware NSX — The Platform for Network Virtualization
A layer in between physical infrastructure and applications will be necessary for businesses to detect and respond to cyber-attackers taking advantage of new gaps or exposed frontiers. Virtualization has become the most ubiquitous infrastructure layer covering compute, network, storage, clouds and devices.
Network virtualization through VMware NSX delivers a completely new operational model for networking that forms the foundation of the software-defined data center. NSX builds networks in software, allowing data center operators to achieve levels of agility, security and cost savings that were previously not possible through physical networks.
“What’s needed is an organizing framework — a true architecture that all the leading players can align to so that security can be architected in,” said Parameswaran. “By changing the dynamics of how we deliver trusted services over vulnerable infrastructure, the IT security industry has an opportunity to chart a new path forward.”