Posted by Mumbai: Cloud infrastructure is the greatest source of cyber risk in Indian businesses revealed the new study conducted by Forrester Consulting on behalf of Tenable, the exposure management company.
A 70% of Indian IT leaders and cybersecurity experts view cloud infrastructure as the greatest source of cyber risk in their organisation. The perceived risks stem from the use of public cloud (36%) and/or multicloud (23%) and private cloud infrastructure (10%).
These findings are part of the Indian edition of “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in India,” based on a commissioned study of 825 IT and cybersecurity professionals including 69 Indian respondents.
The study revealed that the respondents are particularly worried when they try to correlate user and system identities, access, and entitlement data leads to complexity. Within this context, 78% of Indian respondents emphasised the importance of considering user identity and access privileges. However, 64% say their organisations struggle to integrate this crucial data into preventive cybersecurity practices, revealing a gap between recognition and practical implementation.
The report outlines the challenges and risks associated with cloud infrastructure and specific cloud security concerns. It highlights that 57% of Indian respondents express that a lack of data hygiene in user data and vulnerability management systems prevents employees from making prioritisation decisions.
Additionally, 56% of organisations spend 11 hours or more per month creating security reports for business leaders and 46% use multi-tabbed spreadsheets to analyse data from different solutions.
While 28% hold monthly meetings on business-critical systems, 9% of organisations only meet once a year (or less), indicating a need for more consistent strategic discussions on organisational security.
The study also showed that 78% of respondents allocate 25 or more employees to tasks related to deploying, supporting, maintaining, and managing vendor relationships for cybersecurity tools. This underscores the substantial human resources required for effective cybersecurity measures.
Almost everything in the cloud is one excess privilege or misconfiguration away from exposure, according to Kartik Shahani, Country Manager of Tenable India.
“The intricate cloud landscape prompts organisations to resort to various tools and point solutions to counteract these threats. Unfortunately, this approach drains resources, leading to substantial costs as they grapple with configuring and implementing disparate products,” said Shahani.
“Effectively securing the cloud requires more than just technical proficiency; it demands a nuanced understanding of assets, vulnerabilities, and their alignment with overarching business objectives,” Shahani concluded.