The use of unregistered devices and multiple networks by employees to access work platforms is adding new security challenges for organizations in India amid hybrid work practices, as per a new Cisco study.
As much as 95 per cent of business leaders in India said their employees are using unregistered devices to log into work platforms. Around 82 per cent said their employees spend more than 10 per cent of the day working from these unregistered devices, the study says.
The report is based on an independent survey of 6,700 business and IT leaders with cybersecurity responsibilities at organizations ranging from 10 to over 1,000 employees globally. All interviews were conducted online between August and September 2022, with respondents representing 27 markets.
This risk associated with such a practice is recognized by security leaders, with 95 per cent of respondents in India saying logging in remotely for hybrid work has increased the likelihood of the occurrence of cybersecurity incidents.
This scenario is further complicated as employees are logging into work from multiple networks across their homes, local coffee shops, and even supermarkets. About 94 per cent of respondents in India say their employees use at least two networks for logging into work, and 57 per cent say their employees use more than five networks.
The use of unregistered devices is forcing security professionals to tackle complexities in the current threat landscape, the survey said. Some 80 per cent of respondents in India said they had experienced a cybersecurity incident in the past 12 months. The top three types of incidents suffered were malware, data leaks, and phishing.
Around 81 per cent of businesses who suffered a cybersecurity incident said it had cost them at least US$100,000, and 53 per cent said it cost them at least US$500,000.
With the challenges well recognized, 95 per cent of security leaders in India expect their organization to increase its cybersecurity budget by more than 10 per cent over the next year, and almost all (99 per cent) expect upgrades to IT infrastructure within the next 24 months.
“2022 has witnessed several ambiguities, both presented as opportunities and risks. While it has accelerated the digital transformation journey of most businesses, it has also disproportionately expanded the attack surface,” said Samir Kumar Mishra, Director of Security Sales, Cisco India and SAARC.
“Today, disruption is happening faster than ever. It calls for a re-evaluation of the cybersecurity architecture to ensure that predictivity and intelligence are embedded at the core providing real-time visibility into distributed applications, security, networks, users, and services. Security resilience, preparedness, and response must be at the forefront to navigate through the intensifying threat landscape in 2023,” he added.
Even as businesses gear up to protect themselves from internal and external threats, the study found 90 per cent of the security leaders in India expect cybersecurity incidents to disrupt their businesses over the next 12-24 months.