Faced with rise in malicious cyber attacks that try to steal critical data, Indian firms will spend over Rs 25 crore on average on information security this year, a study by global consulting firm PwC revealed.
According to Pricewaterhouse Coopers’ (PwC) the State of Information Security Survey 2014, spending by companies marks a 100 per cent increase compared to 2012.
“Indian companies are spending more than Rs 25 crore on information security as they are reporting an increase in security incidents. This marks a 100 per cent increase in firms spending above this amount, compared to 2012,” it said.
The survey, PwC’s sixth in India, was conducted as part of Global State of Information Security Survey 2014 by PwC, CIO Magazine and CSO Magazine. It covered 624 CEOs and senior management from across 17 industry sectors in India, it added.
20 Coolest Jobs in Information Security
- Information Security Crime Investigator/Forensics Expert
- System, Network, and/or Web Penetration Tester
- Forensic Analyst
- Incident Responder
- Security Architect
- Malware Analyst
- Network Security Engineer
- Security Analyst
- Computer Crime Investigator
- CISO/ISO or Director of Security
- Application Penetration Tester
- Security Operations Center Analyst
- Prosecutor Specializing in Information Security Crime
- Technical Director and Deputy CISO
- Vulnerability Researcher/ Exploit Developer
- Security Auditor
- Security-savvy Software Developer
- Security Maven in an Application Developer Organization
- Disaster Recovery/Business Continuity Analyst/Manager
There has been 98 per cent increase in the number of information security incidents in May-June 2013 compared to the same time in 2012, when 2,989 such incidents were reported by the respondents, it said.
PwC’s evaluation, based on criteria like effectiveness of strategy, evaluation of security events and so on revealed that only 38 per cent of respondents covered can be considered as having advanced security system in place, the report revealed.
“Survey results show that focus on emerging technologies and safeguards is the route to improvement. Organisations must identify most valuable assets and prioritise protection,” PwC India Leader (Information Technology Risk Management) Sivarama Krishan told PTI.
Security incidents should be seen as a critical business risk that may not always be preventable, but can be managed to acceptable levels, he added.
Compared to global figures, India is playing catch-up in deploying safeguards like behavioural profiling, monitoring, security information and event management technologies and threat intelligence, the report said. (Source: PTI)