India ranks second when it comes to its firms adopting cybersecurity insurance. Even with the recent security breaches, Indian firms are confident in their cybersecurity preparedness, a report says.
Given the amount of insurance reported in the country, India is second only to the UK.
Cybersecurity insurance set in place to limit the losses from a variety of cyber-threats. These threats could be in the form of data breaches, business interruption, and network damage.
A robust cybersecurity insurance market can reduce the number of successful cyber-attacks.
The report says 82% of Indian firms have cybersecurity insurance and telecommunication providers are most equipped, with 80% having insurance and 60% with comprehensive coverage.
18% of executives say their firms do not have any cybersecurity insurance, 48% report having cybersecurity insurance that covers all risks. 40% of financial services companies say they have comprehensive coverage.
The survey found that Indians outnumbered the global average of 76% respondents who felt their cybersecurity efforts were better. However, the number of firms reporting comprehensive coverage is about 48%, indicating there is still a level of risk taken by business in India, it stated.
The consultancy agency Ovum carried out the survey on behalf of the analytics firm FICO. It included 500 Indian companies and companies from 10 other countries.
The country manager for India at the firm said that it is encouraging to see the high uptake of cybersecurity insurance across India. India has a well-developed IT sector and is on the ball with this issue. He added however, there is clearly a bit of a disconnect amongst security managers about their place in the competition.
He added the data breaches in India in the past 12 months have continued to have an impact on local businesses, so there is recognition that insurance plays an important role in risk mitigation and is an important consideration to minimising disruption.
According to the report, Indian financial services and utility industry executives were the “least realistic” with 100% rating their firms as above average or top performers, while retail services had the highest percentage who said their firms were top performers at 60%.
However, about one in three companies are limited to tools that provide only a point-in-time assessment of what their cybersecurity risk is, or do not currently have a robust assessment program. This leads to the conclusion that a lack of an objective measure of cybersecurity threats could be the cause of India’s unrealistically optimistic view about the level of its cybersecurity.
The report said that it is statistically improbable that such a high percentage of companies is better than average.
Victims of cyber-attacks in India lost almost US $18.5 billion last year, less than China losing US $66.3 billion, Brazil losing US $22.5 billion and the US losing US $19.4 billion.
56% of all the surveyed Indian firms predict that the level of cyber-threats and data breach activity will increase. Out of which, 80% of the financial service firms expected the number of cyber-attacks will go up. This was in comparison to Indian utility companies that estimate threat activity will stay the same.
62% of Indian firms say cybersecurity investment will increase in the year ahead.
