Skills shortage continues to be a key focus area in organisations across India. When it comes to cybersecurity, 75 per cent of firms surveyed expect to have some problems with recruiting employees over the coming 24 months while 29 per cent expect to face a major challenge. As many as 61 per cent of companies believe their board truly understands cybersecurity, reveals a survey by Sophos.
A total of 86 per cent of respondents also believe cybersecurity vendors do not provide them with the information they need to help educate executives, and 93 per cent of companies agree their biggest security challenge in the next 24 months will be the awareness and education of employees and leadership.
The Future of Cybersecurity in Asia Pacific and Japan report further states that the top two attack vectors of concern for APJ organisations are directly addressable by ongoing education and awareness campaigns: phishing or whaling attacks, and weak or compromised employee credentials.
The survey also highlights that cybersecurity professionals face a variety of challenges and frustrations in their roles, most of which are related to awareness, perception, messaging, and education. The top three frustrations in India are — executives assuming cybersecurity is easy while cybersecurity personnel over exaggerate threats and issues, too much ‘fear and doubt’ messaging that makes it hard to talk accurately about cybersecurity and it is frequently relegated in priority.
“With ransomware attacks continuing to become more complex, organisations need a genuine, actionable cybersecurity education program. The current reactionary tendencies we’re seeing have created an ‘attack, change, attack, change …’ cycle regarding cybersecurity strategies, which is putting cybersecurity teams constantly on the backfoot. Shifting priorities to become more proactive must start at the top and requires direction from executives, including investments in awareness and education across entire organisations,” Aaron Bugal, global solutions engineer, APJ, at Sophos.
“The issue isn’t technology, it’s education. Increasing spend on cybersecurity won’t help unless organisations understand from the top down the true nature and critical threat that cyberattacks constitute to their organisational capabilities, their customers and their own existence,” he added.
“Cybersecurity professionals continue to face many frustrations in their roles this year, with many feeling their warnings and messages fall on deaf ears. Apart from lacking skilled security specialists, many of the other frustrations are directly addressable through education and awareness programs, starting at the executive and board level. The challenge for cybersecurity professionals faced with low levels of security understanding among company boards is that many are unlikely to invest in the necessary programs to alleviate these frustrations,” said Bugal.
Read all the Latest News , Breaking News and IPL 2022 Live Updates here.