Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Budget, budget everywhere, but no cyber funds in sight!, IT Security News, ET CISO

Budget, budget everywhere, but no cyber funds in sight!, IT Security News, ET CISO

Budget, budget everywhere, but no cyber funds in sight!, IT Security News, ET CISO


By Krishna Mukherjee

Hollywood flicks such as The Revenant, Gravity, Mad Max: Fury Road, and The Martian have one thing in common: the protagonist is fighting a battle for survival with no resources in-hand. This scenario mirrors the situation faced by today’s cybersecurity heroes. CISOs are tasked to keep cyberattacks at bay but are given limited budgets and often lack the necessary skill sets.

The rise in cyberattacks and the constant pressure to keep systems operational are taking a toll on CISOs. “Corporate cybersecurity spending in India is much lower. Indian organizations spend an average of just $2.8 million annually on cybersecurity, which typically amounts to less than 10% of their IT budgets. This (Cybersecurity budget) is inadequate given the escalating cyber threat landscape,” says Senior IPS officer Brijesh Singh, Principal Secretary to Maharashtra Chief Minister.

According to the ETCISO Annual Survey, CISO Trend 2023-24, the average security budget allocation for Indian industries stands at 7.6% of the total IT budget. Despite being the most targeted sector, the BFSI industry allocates only around 9% of IT budgets to cybersecurity, the government allocates 9%, followed by manufacturing at 8.8%, ITES at 6.9%, and healthcare at 4%.

“The problem is that every organization wants superhero-level response and protection from CISO teams but is unwilling to spend even peanuts on cyber initiatives, R&D, team training, etc. Budget allocations should specifically address cyber losses and include a dedicated cyber budget to protect the new oil—data,” said one of the CISOs, who wished to remain anonymous.

In fact, our country’s defence budget stands at around 13% of overall spending, he added.

India faces sophisticated APT groups like Sidewinder and Transparent Tribe, which target critical infrastructure and government entities. These threats require advanced threat intelligence and response capabilities that are often underfunded. As per industry reports, India saw a significant surge in cyber attacks, with a 46% year-over-year increase. Indian organizations encountered an average of 3,201 attacks per week, the second-highest in the Asia-Pacific region, trailing only Taiwan.

“As the recent Microsoft outage demonstrated, a well-coordinated cyberattack can bring the country to its knees. It is critical that we build-in cybersecurity budgets during IT procurement, and the same needs to be done at a national level,” opined Dr. Jaijit Bhattacharya, President, Centre for Domestic Economy Policy Research.

Former National Cyber Security Coordinator of India Rajesh Pant mentioned that there’s a need to show cybersecurity expenditure separately by the government in the budget. The list should also include losses that occurred due to cyber attacks.

The current cybersecurity investment landscape in India is grossly inadequate given the sophisticated threat environment. Organizations must recognize that cybersecurity is not just an IT expense but a critical business investment. Failure to allocate sufficient resources to cybersecurity initiatives will inevitably lead to significant financial and reputational damages in the long run.

Although RBI’s mandate for banks to allocate 3% of their IT budgets to cybersecurity is a step in the right direction, it is still insufficient. “According to the WEF, cybersecurity is one of the top 10 global risks. Regulators should mandate organizations to spend a certain percentage of their budgets on cybersecurity, but this allocation gets diluted when it becomes part of the IT budget,” said Dr. Durga Prasad Dube, EVP & CISO, Reliance Industries.

Raman Pillai, Director of IT at Verse Innovation, indicated that the stumbling block is convincing the boards to allocate the right cybersecurity budget.

“Ideally, there should be a dedicated section on cybersecurity, but I believe this will happen in the next one to two years. There are still large industries that are not subject to any regulations and therefore do not prioritize data breaches. While the DPDPA might introduce some changes, the practicality of resolving cases and raising awareness among people remains uncertain,” said Kishen Kendre, Head-IT, Blue Star.

Cybersecurity is no longer a peripheral issue that organizations and governments can afford to neglect. The rapid increase in cyber attacks serves as a clarion call for everyone to take cybersecurity seriously. The DPDP is a step in the right direction, but corporations need to adopt a focused approach to cybersecurity and allocate sufficient budgets to stay ahead of perpetrators.

  • Published On Jul 24, 2024 at 03:34 PM IST

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles


Scan to download App

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket