Indian Organisations Unprepared For Rising Cybersecurity Complexity: Samir Mishra, Cisco

What are your views on India's cybersecurity scenario? What are the pain points for businesses across the country?

In India, the cybersecurity landscape is concerning for businesses. Cybersecurity in India is getting more complex and the organisations are not yet ready. According to Cisco's Cybersecurity Readiness Index, only 24 per cent of Indian firms are prepared for cyber threats, but 90 per cent expect incidents in the next 12-24 months. Despite this, 95 per cent plan to increase cybersecurity budgets by at least 10 per cent. Cisco identifies key trends: interconnected ecosystems pose risks across value chains, making everyone an insider threat. Remote work and hybrid environments add complexity. The Internet of Things (IoT) is expanding vulnerabilities. Identity attacks are rising, with 36 government websites hacked and 4.29 lakh incidents in financial institutions in H1 2023. Businesses must adapt to this evolving landscape for effective defense.

What are the proactive measures that organisations can adopt to secure their data?

Organisations and users play crucial roles in data security. Security should be integrated into every aspect of a company. Users should connect securely, even on public Wi-Fi. A 'triad of technology' and 'people' is vital. Moving to a platform-based approach reduces complexity caused by siloed products. A multi-layered, zero-trust framework enhances security. Extended detection and response are essential. A security culture should promote effective data security, access controls and encryption. An incident response plan must be in place. Strong password practices, regular updates, security training and phishing awareness are key. Adopting these proactive measures is critical to safeguarding data.

Cisco and the Data Security Council of India recently partnered to develop a joint POV document – Cyber Incident Response: Addressing Challenges and Strengthening Resilience. Please put light on the same.

This report addresses the evolving field of cybersecurity, emphasising challenges faced by IT security and SOC teams that hinder their agility and speed in incident response. It advocates for an expanded role for CISOs and the development of a strategy with actionable recommendations. The report promotes a triad of technology, process, and people and highlights technology's role in building a robust incident response strategy. It underscores the benefits of XDR and the importance of fostering a security culture within organizations across processes and people.

Your view on cyber security skilling, how is Cisco helping to skill the talent?

The cybersecurity skilling gap is a global problem. Last year around 4 million jobs in the sector were unfilled worldwide. The challenge is maintaining security and resilience due to a lack of personnel. India aims to establish digital trust, requiring a cybersecurity skills revolution. Collaboration among industry, academia, and government is vital for innovation and growth. Cisco Networking Academy, through 718 partnerships, has trained 1.3 million students in networking, programming, and cybersecurity. They commit to training five lakh more in cybersecurity over three years. Additionally, they partner with Firozabad Police to reskill officials in cybersecurity, contributing to India's vision of inclusive prosperity through digital trust.

What does Cisco's recent acquisition with Splunk mean for the company - how will it impact its business in India?

Cisco’s partnership with Splunk will unlock the true value of data and help make organisations of all sizes more digitally resilient. The collaboration is marking the two established leaders complementary capabilities in AI, security and observability. Together we bring together two powerful innovation engines and create one of the largest software companies globally. It will accelerate Cisco’s strategy to securely connect everything to make anything possible.

How is India different from markets such as US, China in terms of Cybersecurity?

There has been exponential growth in cybersecurity in India due to increasing digitalisation and connectivity. We have 800 million internet users in India and that is going to increase to 1.2 billion users, as per data shared by the Minister of State for Electronics and Information Technology (MeITY). The intensity of digitisation is also increasing the potential cybersecurity risks. Secondly, the government's policies on data protection and data privacy are also creating an environment focusing on cybersecurity. 

According to the Cybersecurity Readiness Index report by Cisco, India scores high in the global chart in terms of maturity (39 per cent), performing above the global average of 15 per cent on cybersecurity readiness. About 38 per cent of companies in India fall into the beginner or formative stages. If you look at the 63 million MSMEs in India, not all will have the technical know-how, technology and people to support that. So, there is a big growth in cybersecurity in the country and a huge opportunity for organisations to continue to focus on this market.

What are Cisco's future plans for India?

Cisco has doubled down its commitment to India by announcing investment in significant security innovations, infrastructure and talent in India to help businesses become more agile and resilient. We have announced investments in innovative risk-based security capabilities, expanded our data centre footprint and continue to build a dedicated security engineering workforce in India. We will continue to make these innovations and investments to help the country become a resilient and trusted nation. Our vision is to build a secure digital future for India.