Ransomware attacks have been steadily rising over the past several years. It has become a major concern for all types of organizations worldwide. Thales Data Threat Report 2024 report found that 93% of IT professionals globally believe security threats are increasing in volume or severity, a significant rise from 47% last year.
11% of respondents accepted that they fell victim to a ransomware attack in the last year in India, with 10% paying the ransom. Misconfiguration/ human error was identified as the top cause of data breaches in India and worldwide for the second year. 43% of respondents failed a compliance audit last year globally, with those companies 10x more likely to suffer a data breach
“Enterprises need to know exactly what they’re trying to protect. With data privacy regulations continually changing in India and across the world, enterprises need to have good visibility across their organization to stand any chance of staying compliant,” said Ashish Saraf, VP and Country Director, Thales in India.
Ransomware attacks can devastate businesses and even government organizations. Such an attack causes not only financial losses but also data loss, operational disruptions, and reputation loss.
Ransomware threats continue to increase in volume and severity
The report’s findings indicate that 11% of respondents suffered ransomware attacks in India in the past year. Despite ransomware being ranked as the topmost growing threat by the respondents in the country, only 20% have a formal ransomware plan in place, with 10% resorting to paying the ransom demands.
Ransomware and malware are major security threats of 2024, with 42% of respondents ranking them as the topmost fastest-growing type of security threat. Cloud assets, including SaaS applications, cloud-based storage, and cloud infrastructure management, remain the primary targets for such attacks.
The report shows that for a second year running, human error remains the leading cause of data breaches, with 34% of enterprises pinpointing this as the root cause.
The research found that 40% of respondents in India failed a compliance audit in the past twelve months – with the report highlighting a very clear correlation between compliance and data security.
19% of respondents had experienced a breach that very same year.
Operational complexity continues to cause data headaches
31% of Indian organizations can fully classify all of their data, with a worrying 20% stating that they classify very little or none of their data.
Operational complexity remains a barrier worldwide. While the number of respondents reporting five or more key management systems is down (53% versus 62% last year), the average number declined only slightly (from 5.6 to 5.4).
The reality of multi-cloud across services and changing global data privacy regulations means that data sovereignty is a leading priority for businesses. 28% identified mandatory external key management as the leading way to achieve sovereignty. 39% said that data residency would no longer be an issue provided that external encryption, key management, and separation of duties were implemented.
“If there’s one key takeaway from this year’s study, it’s that compliance is key. In fact, respondents that had a good hold over their compliance processes and passed all their audits were also less likely to suffer a breach. As India continues to progress in the technological landscape, we’ll start to see more compliance and security functions coming together. This would be a huge positive step to strengthen cyber defenses and build trust with customers,” he added.
These insights are drawn from the 2024 Thales Data Threat Report, conducted by 451 Research.
Also Read: Addressing Emerging Cyber Security Threats in the BFSI Sector: Recommended Measures
