Experts believe so, because the pandemic is going to leave the country with a positive legacy: bucking up on data protection.
2020 was one of the most unforgettable years for Indian cybersecurity professionals. From the work-from-home (WFH) culture to various hackings, Indian CISOs simultaneously faced new challenges and new opportunities to explore.
According to the market trends, cybersecurity would be the primary topic and concern of 2021. IDC expects security spending here to experience a compounded annual growth rate (CAGR) of 8.1% from now until 2024, to reach US$174.7bn.
This amount of investment on security is due to the expected rise in cybersecurity threats: 55% of enterprise executives said they planned to increase their cybersecurity budgets in 2021 and 51% were planning to add full-time cybersecurity staff in 2021.
The writing is on the wall
India has seen a 37% increase in cyberattacks between Q1 and Q4 of 2020, according to Kaspersky report showing that its products detected and blocked 52,820,874 local cyber threats in the country between January and March this year.
The country follows a calendar year from April to March, and 2020 was and will be a tough year for many businesses’ fiscal closing. The Reserve Bank of India has made GDPR compliance compulsory for all financial organizations, mandating that small co-operative banks and other privately owned Non-banking financial companies (NBFC) to have strong cybersecurity policies in place protecting the data. The central government had also mandated the healthcare sector to protect the patient details and keep all data within the country.
Since the enactment of such laws, many BFSI and healthcare companies have had to invest in ensuring full security, and this in turn, has caused all their suppliers and other stakeholders also to comply with the laws.
While the Government announced nationwide lockdowns from Kashmir to Kanyakumari during the, many conventional organizations which were not tech-savvy were forced to make their availability online for both internal and external customers. While
According to Shibu Paul, Vice President, Array Networks: “India’s tech industry is stepping into a new decade and looks forward to an unprecedented change. As IT and security teams take on other tasks like securing remote workers and transitioning their business online, this leaves an even bigger resource gap in terms of security.” He added that risk-based and predictive vulnerability management will gain popularity in the enterprise segment. “Zero trust, endpoint security, IoT, AI/ML, Cloud and other features will see an increased usage by the tech industry.”
Stepping up on cybersecurity
Rajnikant Das, CEO and Founder, E-SOFT solutions Inc, said this is a phase where every third-world country is reinventing and reinvesting on cybersecurity. “Close to 80% of India companies used to see cybersecurity as just installing antivirus and firewall products. Aspects like data classification, data loss prevention, phishing, spam, mobile-device management, data breaches were not a priority then. Even if the organizations were having the proper infrastructure, there were no policies in place to bring it to the ground level. Today many organizations are working with 50% staff strength and slowly everyone has started understanding the importance of allocating a separate budget only for cybersecurity.”
According to the Indian cybersecurity experts, enterprises have started realizing data is the future, and any breaches that will cost dearly. A CISO of a fast-moving consumer goods firm, on condition of anonymity, said: “Previously, whenever I asked for allocation of more budget for customer and data protection, I was rejected. Now, after a breach by an ex-employee, the Board has volunteered to provide the budget I ask for.” He divulged the fact that many CISOs from other sectors are also being given higher budgets and priorities for cybersecurity and data management, so India will have a sudden rise in the investments in these areas.
Said Suresh Mallesh of iTechSolns & Systems: “Predicting the future in the dynamic world of data security is difficult. However, in the coming days every corporation in India will address the trust issues for every user accessing the network, combining zero trust with EDR or XDR or other visibility solutions, and AI and ML will be embedded in data security.”
Remarkably, the COVID-19 pandemic has matured the Indian market as a whole, and because of this, more exciting things are lined up for CISOs in the year and beyond.