India is currently facing a surge in phishing and ransomware attacks, prompting urgent calls for the swift adoption of Artificial Intelligence (AI) and automation in security operations. A recent survey conducted by IDC, commissioned by Fortinet, sheds light on the state of Security Operations (SecOps) in the Asia-Pacific region, with a focus on India.
Key findings from the survey reveal the following challenges and trends in India:
– Most common cyber threats: Phishing and insider threats top the list of concerns for organizations in India, with ransomware, unpatched vulnerabilities, and identity theft also posing significant risks.
– Ransomware surge: Ransomware incidents have doubled in India, with phishing and malware being the primary attack vectors.
– Insider threats and remote work: Remote work has led to an increase in insider threat incidents, highlighting the need for addressing human factors in cybersecurity.
– Resourcing IT security teams: Only 44% of businesses have dedicated IT resources for security teams, presenting a challenge in strengthening security measures.
– Impact of emerging technologies: Hybrid work, AI, and cloud technology adoption pose significant challenges for organizations in India.
SecOps in India is also grappling with alert fatigue and threat containment issues:
– Threat containment and preparedness: Concerns about being underequipped for threat containment highlight the need for enhancing cybersecurity capabilities.
– Alert fatigue: More than 50% of enterprises face a high number of incidents daily, leading to alert fatigue and emphasizing the need for targeted training on phishing awareness.
– Workload and time constraints: With limited SecOps professionals available, the workload per professional is high, underscoring the importance of efficient processes and automation.
– False positives and response time: The challenge of false positives persists, with automation being key to validating alerts in a timely manner.
– Skills development: Keeping teams’ skills updated is a challenge, with automation identified as a key skill for SOC teams.
Despite these challenges, there is a positive trend towards automation adoption in SecOps in India:
– High adoption and untapped potential: Automation tools are widely embraced in security operations, with opportunities for improvement identified in incident containment, remediation, and threat containment.
– Productivity gains: Significant productivity gains have been experienced due to automation, with faster incident detection times being attributed to automation.
– Future plans and focus areas for optimization: Organizations are actively pursuing the optimization of automation processes to streamline cybersecurity operations.
Looking ahead, organizations in India prioritize faster threat detection, holistic automation, and enhancing security operations preparedness as key priorities for the future.
As cybersecurity threats continue to evolve, the integration of AI-assisted tools, reassessment of staffing, and increased automation are crucial for organizations in India to strengthen their security resilience. Fortinet’s Security Operations Solutions, underpinned by advanced AI, provide a comprehensive strategy for incident detection and response, empowering organizations to navigate the dynamic cybersecurity landscape effectively.