Wednesday, May 22, 2024
Outlook.com
Outlook India
Outlook Business

91% of Indian Organizations Experienced Ransomware Attacks in 2022: CyberArk Survey

As organizations navigate the current landscape, consolidating operations with trusted partners and solutions will be vital in establishing resilience against cyber threats

91% of Indian Organizations Experienced Ransomware Attacks in 2022: CyberArk Survey

Outlook Start-Up Desk

POSTED ON June 16, 2023 10:07 PM

Indian organizations are bracing themselves for identity-related compromises in 2023, with 100% of surveyed organizations expecting such incidents, and 61% anticipating AI-enabled attacks, according to the CyberArk 2023 Identity Security Threat Landscape Report. The report sheds light on the growing tension between economic conditions and technological advancements, particularly in the field of artificial intelligence (AI), and its impact on the vulnerability of identity-centric cybersecurity.

The report highlights the emergence of "cyber debt," where investment in digital and cloud initiatives outpaces cybersecurity spending, resulting in an expanding and unsecured attack surface. In 2022, organizations experienced a growth in cyber debt as security spending lagged behind investments in broader digital business initiatives. In 2023, cyber debt is at risk of compounding due to economic pressures, increased staff turnover, a decline in consumer spending, and an uncertain global environment. The ongoing investments in digital and cloud initiatives by business leaders seeking efficiency and innovation have had cascading effects on cybersecurity.

The majority of Indian organizations (84%) expect identity-related compromises to occur as part of digital transformation initiatives such as cloud adoption and legacy app migration. Additionally, 80% of organizations anticipate cybersecurity issues driven by employee churn, which could lead to insider threats posed by disgruntled former employees or the exploitation of leftover credentials.

The report identifies AI-enabled threats as a major concern for security professionals in 2023, with 61% of those surveyed expecting such threats to affect their organizations. AI-powered malware tops the list of concerns. Ransomware attacks have also seen a significant increase, with over 90% of organizations surveyed reporting such incidents, compared to 70% in CyberArk's 2022 report. Alarmingly, 55% of the affected organizations reported paying ransoms twice or more, suggesting they fell victim to double extortion campaigns.

In terms of security threats, 92% of Indian organizations expressed concern about code or malware injection into their software supply chains. The report highlights that identities, both human and machine, are central to almost all attacks. Three-fourths of identities in Indian organizations require sensitive access, making them attractive targets for attackers. Critical areas of the IT environment are found to be inadequately protected, and the report identifies specific identity types that pose significant risks.

Credential access ranks as the top risk, cited by 45% of respondents, followed by defense evasion, execution, initial access, and privilege escalation. Business-critical applications, such as revenue-generating customer-facing apps, enterprise resource planning (ERP), and financial management software, are considered the most vulnerable due to unknown and unmanaged identities accessing them, with 53% of organizations highlighting this area as high risk. However, 70% of organizations have implemented identity security controls to protect these critical applications.

Third-party entities, including partners, consultants, and service providers, are identified as the riskiest human identity type, according to 44% of respondents.

Matt Cohen, CEO of CyberArk, emphasized the need to balance business efficiency and innovation with the pressing need to prevent cyber debt and build long-term cyber resilience. Rohan Vaidya, Regional Director of India & SAARC at CyberArk, stressed the importance of securing the identity-centric attack surface and adopting a risk-based strategy to protect critical assets.

As organizations navigate the current landscape, consolidating operations with trusted partners and solutions will be vital in establishing resilience against cyber threats.

  • Related Articles

    This will enable MSMEs to make informed decisions, drive business growth, and enhance profitability

    Recordent Launches Analytics Tools As Part Of Its Credieye Product Suite

    Manish Kheterpal, co-founder and managing partner at WaterBridge Ventures and IVCA’s VC Council member stated this at #VC101, a knowledge-sharing programme for first-time fund managers (FTFMs)...

    More Tact Needed In Navigating LP–GP Negotiations, Says Manish Kheterpal, Co-Founder Of Waterbridge Ventures

    The Delhi government had earlier in the week banned app-based taxi services such as Rapido and Uber in view of absence of a policy for plying bike taxis on city roads

    Bike Taxi Ban: Drivers Write To Delhi LG Citing Livelihood Threat