New Delhi: Cybersecurity readiness remains alarmingly low in Indian companies, with only 7 per cent of firms in India expected to achieve a mature level of readiness by 2025, according to a recent report by global technology firm Cisco. This marks an increase from last year’s (2024) Index, in which only 4 per cent of Indian organisations were designated as mature, the Cisco 2025 Cybersecurity Readiness Index noted.
This demonstrates that despite an improvement from last year, cybersecurity preparedness remains low, especially as hyper-connectivity and AI introduce new complexities for security practitioners.
The report added that artificial intelligence (AI) is both revolutionising security and escalating threat levels, with 9 in 10 organisations (95 per cent) facing AI-related security incidents last year. However, only 66 per cent of respondents expressed confidence that their employees fully understand AI-related threats.
The report further observed that more than half of Indian organisations (57 per cent) suffered cyberattacks in the previous year, hindered by complex security frameworks and disparate point solutions.
The Cybersecurity Readiness Index also highlighted that industry respondents view external threats—such as malicious actors and state-affiliated groups (46 per cent)—as more significant than internal threats (54 per cent), underscoring the urgent need for streamlined defence strategies to thwart external attacks.
The Index evaluates companies’ readiness across five pillars—Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification—encompassing 31 solutions and capabilities.
A deep dive into the findings reveals that the lack of cybersecurity readiness in India is alarming, as 81 per cent of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months.
In India, about 96 per cent of organisations use AI to better understand threats, 88 per cent for threat detection, and 77 per cent for response and recovery—underscoring AI’s vital role in strengthening cybersecurity strategies.
The report also notes that Generative AI (GenAI) tools are widely adopted, with 46 per cent of employees using approved third-party tools. However, 28 per cent have unrestricted access to public GenAI, and 43 per cent of Information & Technology (IT) teams are unaware of employee interactions with GenAI—highlighting major oversight challenges.
On the investment front, about 98 per cent of organisations plan to upgrade their IT infrastructure, yet only 54 per cent allocate more than 10 per cent of their IT budget to cybersecurity—down 7 per cent year over year.