The top three attack types are social engineering, APT, and ransomware.
According to the State of Cybersecurity 2021 Part 2 survey report from ISACA, many firms in India are experiencing a rise in cybersecurity attacks, with 32 percent of respondents reporting more cyberattacks than the previous year.
The report looks at developments in the cyber threat landscape, such as the frequency and types of attacks, trust in cybersecurity teams and cybersecurity awareness initiatives, intricacies in security operations and reporting structures, and cyber maturity as a business imperative.
Rising Cyberattacks
While nearly one-third of businesses are being attacked more frequently, the most frequent types of attacks are similar as in previous years, including social engineering, Advanced Persistent Threat (APT), ransomware, unpatched systems, injection flaws, broken authentication, and sensitive data exposure.
According to the report, 29 percent of respondents reported that their company will be targeted by a cyberattack in the coming year. According to the report, 34 percent of respondents believe that firms under-report cybercrime even when it is obliged to do so.
While 74 percent of respondents said their firms perform cyber risk assessments to maintain regulatory compliance, 69 percent said their organizations conduct cyber risk assessments to prevent data loss, indicating that many organizations appreciate the importance of tackling this threat.
David Samuelson, CEO of ISACA, said “With the increase in the number and rate of cyberattacks worldwide, cybersecurity professionals are facing a challenging threat landscape that requires constant vigilance,”
He added “These survey findings illustrate just how essential it continues to be for the global cybersecurity community to actively keep up to date with best practices and training, and ensure their teams are well staffed to detect and respond to attacks.”
Team and Leadership Dynamics in Cybersecurity
When it comes to cybersecurity teams and leadership, the report found that having a CISO at the top is preferred, with 61 percent of respondents indicating their cybersecurity teams report to the CISO vs 16 percent reporting to the CIO. In addition, 40 percent of individuals who responded to the survey felt that cybersecurity training and awareness initiatives have improved overall cybersecurity awareness in their workplaces.