What’s Stopping Organisations in India from Practicing Preventive Cybersecurity?

Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Indian organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable.

As the threat landscape becomes more complex, Indian organisations are challenged to obtain an accurate picture of their attack surface. An array of people, process and technology challenges are hindering progress and making it extremely difficult for security teams to practice preventive cybersecurity.

A new white paper, “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in India”, reveals that, in the last two years, the average organisation was prepared to preventively defend 58% of the cyberattacks they encountered. However, having only this much coverage leaves them vulnerable to 42% of these attacks, which they were forced to reactively mitigate rather than stop altogether. 

More than three-quarters (78%) of security and IT leaders believe their organisation would be more successful at defending against cyberattacks if it devoted more resources towards preventive cybersecurity. The white paper is based on a commissioned survey of 825 cybersecurity and IT leaders, including 69 Indian respondents, conducted in 2023 by Forrester Consulting on behalf of Tenable.

Challenges at a glance

People Challenges: Cybersecurity and IT teams are often siloed and their performance is evaluated using separate and contradictory criteria and goals. Internal attitudes make coordination between IT and security teams difficult and time-consuming.

The study reveals a striking statistic: Six in 10 respondents (64%) concur that their cybersecurity teams are too busy fighting critical incidents, leaving them little time to adopt a proactive approach to reducing their organisation's cyber risk. 

Process Challenges: Managing a plethora of third-party technologies without proper processes can make Indian organisations vulnerable. In the era of cloud-based services and applications, 8 in 10 respondents (81%) rely on third-party programs for managing SaaS apps and services. However, more concerningly, only slightly over half (54%) indicate that they have either high or very high visibility into these third-party environments. This lack of visibility can be a ticking time bomb, creating potential blind spots that cyber attackers could exploit.

Technology Challenges: Professionals using siloed tools are unable to determine the relationships among users, systems and software, and different measurement metrics among all the different tools make it difficult to accurately assess risk. While most respondents (78%) say they consider user identity and access privileges when they prioritise vulnerabilities for remediation, 64% say their organisation lacks an effective way of integrating such data into their preventive cybersecurity and exposure management practices.

Tackling these challenges with exposure management

Amidst these challenges, there is a silver lining. Indian organisations, irrespective of their current cybersecurity maturity level, have the power to take proactive steps toward reducing cyber risk. Implementing a robust exposure management program is the key to overcoming these hurdles.

An exposure management program empowers organisations to assess their vulnerabilities, prioritise remediation efforts, and streamline their cybersecurity operations. By shifting the focus from reactive measures to proactive strategies, businesses can stay ahead of cyber threats and fortify their defences.

By addressing these challenges head-on and embracing a proactive approach to cybersecurity, Indian businesses can safeguard their digital assets, customer trust, and their overall reputation. The Forrester Consulting study serves as a wake-up call, highlighting the urgency of taking action. It's time for Indian organisations to shed old habits, empower their teams, and embrace a future where preventive cybersecurity reigns supreme.

To learn more about these challenges, gain insights into how the most mature organisations are addressing them and see recommendations for how to overcome them, download the white paper, “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in India”.