As cybercrime evolves into a highly lucrative enterprise, the complexity and sophistication of cyber threats continue to grow. These threats often target businesses across various sectors, exploiting vulnerabilities in systems, networks, and processes.
In this environment, staying ahead of cybercriminals is not just a matter of technology but also strategy and awareness. Businesses that fail to prioritize cybersecurity risk not only financial losses but also their long-term survival.
In today’s hyper-connected and rapidly evolving threat landscape, companies are targeted with a variety of techniques that range from phishing and ransomware to supply chain and social engineering attacks. And yet, as per the 2024 Cisco Cybersecurity Readiness Index, merely 4% of organizations in India have the readiness against modern cybersecurity risks, as compared to 3% globally.
However, 59% of organizations fall into the Beginner or Formative stages of readiness. A large number of companies are working towards building defences against these sophisticated attacks, yet they either struggle to defend themselves or are slowed down by their own overly complex security postures that are dominated by multiple-point solutions.
Cisco suggests that the gap that arises between confidence and readiness indicates that companies may appear to be confident in their ability to handle the threat landscape, but eventually fail to accurately assess the true magnitude of the challenges they encounter. That today's organizations need to prioritize investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favor of defenders, is what Cisco recommends.
The readiness against the threats is further hampered by critical talent shortages. 59% of companies surveyed in the Cisco study said they had more than ten roles related to cybersecurity unfilled in their organization at the time of the survey.
According to another study done by global cybersecurity firm Sophos, nearly 65% Indian enterprises paid ransoms to recover data while dealing with cybersecurity attacks. The average ransom demand clocked in at $4.8 million (roughly Rs 40 crore), while the median payment came in around $2 million (roughly Rs 17 crore). Moreover, it took an additional $1.35 million (around Rs 11 crore), on an average, to recover the data.
Cybersecurity experts point out that this reiterates the state of readiness of Indian enterprises in combating cybersecurity and nearly 60% of Indian companies will be found functioning under the cybersecurity poverty line.
The good news is that Indian companies exhibited the most readiness within the AI fortification pillar, with 14 percent in the mature stage and 59 percent in the progressive stage.
Reliance on end-to-end encryption for protecting sensitive information
Yogendra Singh
Head-IT/SAP, Barista Coffee Company
“Barista has a well-defined security policy and governance framework, which is effectively monitored, communicated, and enforced across the organization. Regular risk assessments are conducted to identify vulnerabilities and threats. Barista has a well-documented and tested incident response plan and recovery plan in place. Our infrastructure is robustly designed with firewalls, endpoint protection, EDR, XDR, and patch management tools. Additionally, Barista conducts regular security training and awareness programs for employees.
Key challenges faced
Cyber threats are constantly evolving, making it difficult to stay ahead of attackers. New vulnerabilities are discovered regularly, and sophisticated attack methods, such as ransomware or advanced persistent threats (APTs), pose significant risks. This makes it challenging to maintain an up-to-date and effective security posture. Limited budgets, personnel, or technical resources may hinder the ability to invest in advanced security tools, hire skilled professionals, or implement necessary processes. Without adequate resources, it becomes difficult to strengthen security measures, conduct regular risk assessments, or ensure comprehensive employee training. Despite having regular security training, employees may not always be fully engaged or aware of the latest security risks, leading to human errors or lapses in security. Third-party vendors, suppliers, and partners can introduce additional security risks if they do not adhere to the same security practices. We have implemented end-to-end encryption for both data at rest and data in transit to protect sensitive information from unauthorized access to ensure that even if data is intercepted, it remains unreadable without the proper decryption keys. We have also implemented data backup solutions and disaster recovery plans to ensure data can be recovered in case of an incident or breach.”
Using AI and ML technologies to enhance cybersecurity defenses
Dr. Makarand Sawant
Director & CTO - SEAFB
“We, at Samruddhi Enterprises AFB (SEAFB), have done a detailed assessment of our security posture to identify threat vectors and exposure. We have then compared these inputs with the industry standards and benchmarks to identify our current level of security maturity.
Key concern areas
Increasing use of digital platforms for delivering business services are making it more challenging for securing data. We therefore ensure to secure data at all exposure points without impacting business requirements and customer experience.
Following industry best practices in security
We have implemented threat intelligence solutions with industry best practices and standards to monitor for the purpose of identifying and responding to any security incident. We are also implementing ISMS processes as systems as per DPDPA requirements. As far as a robust incident response plan is concerned, we have implemented threat intelligence solutions with automation to monitor, identify and respond to any security incident.
SEAFB is leveraging Artificial Intelligence and Machine Learning technologies to enhance our cybersecurity defenses. We are implementing threat intelligence solutions with AI/ML technologies to monitor, identify and respond to any security incident.”
Dealing with ever evolving threats with adequate security measures
Partha Protim Mondal
CIO, Berger Paints India
“In today’s AI era, understanding your security threat landscape and the maturity to deal with modern age vulnerability is extremely crucial. We have assessed our strength and weaknesses against the predefined security maturity metrics to assure an enriching and mature security posture for the organization. For instance, we have enforced a stringent governance and control that ensures that we have formal security policies and governance structures in place. Again, having an Enterprise Risk Management strategy ensures that we have well defined security risks identified for the organization, have a risk register in place wherein every identified security risk has been prioritize based on severity and its probability of occurrence, mitigation plan for those identified risk with timeline and most importantly we ensure to review such risk periodically.
We also have adequate measures and tools in our arsenal to deal with ever evolving security threats. The modern-age technologies like MDR (Managed Detection and Response), Email Security Software, Zero Trust Framework always give us an edge to stay protected. Training and Awareness is the most crucial aspect of any security methodologies. Most of the security breach happens because of the inadequate knowledge on information security of users who fall prey to the cyber attackers easily.
Key impediments tackled
There were a few challenges and impediments while enforcing a stringent policy at our organizations. Implementing changes based on assessment findings often require a cultural shift within the organization. Resistance to change can hinder the effectiveness of security improvements. Also, the rapid evolution of cyber threats means that security measures and assessments must continuously adapt.”
Assessing new dangers to improve defenses and resistance
Rushikesh Jadhav
CTO, ESDS Software Solution
“At ESDS, we take a holistic approach to security maturity that includes industry best practices, regulatory compliance, and advanced threat intelligence. Our security framework adheres to global standards such as ISO 27001, GDPR, and PCI DSS, ensuring a robust cybersecurity posture. Our security maturity varies from progressive to mature, with investments in continuous threat monitoring and a Security Operations Center (SOC) that operates 24/7. We detect abnormalities with AI-driven threat intelligence, encrypt data at rest and in transit, deploy Zero Trust Architecture (ZTA) to manage access and reduce insider threats, and conduct frequent vulnerability assessments and penetration testing (VAPT) to identify and mitigate risks.
To ensure data protection and compliance, we have implemented a comprehensive, multi-layered approach to protect sensitive information while following international and local regulations.
Data Encryption and Access Controls- Data Encryption: We use AES-256 encryption for data at rest and TLS 1.3 for data in motion against unauthorized access. The Zero Trust Security Model controls access to sensitive data with multi-factor authentication (MFA) and least privilege principles.
Compliance with Industry Regulations: ISO 27001 and PCI DSS Certified: We ensure that our data processing is in line with international security standards.
ESDS also has a very structured and well-documented Incident Response (IR) plan, which adheres to the best practices of NIST (National Institute of Standards and Technology). We are always using AI and ML to enhance our cybersecurity defenses to automatically detect and alert threats. AI and ML are the tools needed to predict, avoid, detect, and respond to cyberattacks.”
Investing continuously in security R&D to improve threat detection capabilities
Anil Nama
CIO, CtrlS Datacenters
“At CtrlS, we maintain a high level of security maturity, bolstered by our extensive experience in the field. We maintain established protocols for evaluating and addressing security risks, which include criteria for the selection and application of security measures such as access controls, encryption, and firewalls. Additionally, we have formulated policies and procedures for the monitoring and identification of security incidents, encompassing reporting mechanisms and incident response strategies. Furthermore, we provide guidelines to ensure adherence to legal and regulatory obligations pertaining to security.
Access to user data within CtrlS Datacenters is strictly restricted to authorized individuals, governed by comprehensive policies that regulate access, scripting, updates, and remote connections. Data is stored within secure networks that are password-protected and not accessible to the public. Information transmission between users and CtrlS is encrypted ensuring industry-standard encryption strength. Our intrusion detection system, embedded within CtrlS, enhances our readiness, management, and defense against network threats, addressing a broad range of risks including DDoS attacks, port scans, and backdoor breaches. We conduct regular vulnerability assessments and penetration tests to identify and address potential security vulnerabilities. Furthermore, CtrlS is committed to ongoing investment in security research and development to improve threat detection capabilities, thereby ensuring the continuous protection of sensitive information.
Leveraging AI-based tools to detect breaches in real-time
Prince Joseph
Group Chief Information Officer, SFO Technologies Pvt. Ltd. (NeST Group)
“While progress has been made, there are gaps in addressing evolving threats. Even organizations that comply with audits and regulations often experience breaches due to vulnerabilities in attack surfaces. Rising cloud adoption and digital transformation require constant updates to security architecture. Security maturity involves not just periodic checks like VAPT or red teaming but meaningful efforts to strengthen all surfaces and ensure a proactive, robust posture against increasingly sophisticated attacks.
Key challenges faced
Key challenges include addressing vulnerabilities in dynamic environments, insufficient integration between traditional and cloud-native security solutions, and ensuring timely updates to security postures. Breaches often expose gaps despite regulatory compliance. Additionally, exercises like VAPT and red teaming, while common, lack depth when treated as checkbox activities. Organizations must move towards proactive, adaptive strategies that consider all attack vectors, including emerging risks from AI-driven and cloud-based architectures.
We ensure compliance with strict regulations through continuous audits, data encryption, and multi-layered access control. A comprehensive incident response plan is in place, incorporating rapid threat detection, containment, and recovery protocols. However, the dynamic nature of cyber threats necessitates ongoing reviews and drills to strengthen readiness. The plan is supported by a well-equipped Security Operations Center (SOC) and we are looking to leverage AI-based tools to detect breaches in real-time. It emphasizes collaboration across teams to mitigate damage and ensure business continuity effectively.”
Securing data across multiple environments is our top priority
Narayan Mishra
Co-Founder & CTO, Tummoc
“At Tummoc, we have built a strong security framework that aligns with industry best practices, placing us at an advanced stage of security maturity. However, cybersecurity is an ongoing process, not a static one. We continuously enhance our measures to stay ahead of evolving threats and regulatory requirements.
SECURING DATA, EDUCATING USERS
The biggest challenge we face is the constantly changing nature of cyber threats, like phishing and ransomware. As a cloud-native platform, securing data across multiple environments remains a top priority. We also focus on educating users and employees about security best practices, recognizing that technology alone cannot prevent all risks.
LAYERED SECURITY FOR PROTECTION
Data privacy is a core principle at Tummoc. We employ a multi-layered security approach, utilizing AES-256 encryption for data at rest and TLS encryption for data in transit. Our compliance framework is in line with GDPR, the IT Act 2000, and CERT-In guidelines. Role-based access control (RBAC) and multi-factor authentication (MFA) safeguard against unauthorized access. Regular security audits and penetration testing are key to identifying vulnerabilities. While we do not yet leverage AI/ML for cybersecurity, we employ rule-based monitoring and a mix of manual and automated tools. Continuous monitoring and security patching are integral to our strategy, ensuring we stay ahead of potential threats.”
Saviynt meets all global and local compliance standards
Akshay Sivananda
CISO, Saviynt
“We evaluate our security maturity using industry-standard frameworks like the NIST Cybersecurity Framework (CSF) to assess our overall security posture and control effectiveness. This approach helps us identify and manage cybersecurity risks in a way that is clear to both the board and the organization. We also use common control frameworks to implement detailed controls and maintain compliance with various certifications. A central focus of our security strategy is resilience—ensuring that we can recover operations swiftly within defined recovery timeframes while restoring systems and business processes to acceptable levels of performance and data accuracy.
EVOLVING THREATS POSE A BIG CHALLENGE
The biggest challenge we face is the rapidly evolving threat landscape. Cybercriminals are increasingly leveraging automation, advanced engineering, and AI to create complex attacks, making traditional defense methods insufficient. Ransomware, including Ransomware-as-a-Service (RaaS), remains a major concern. Another challenge is the unmanaged proliferation of generative AI within organizations. While GenAI can enhance productivity, it poses risks that need to be carefully managed.
ROBUST COMPLIANCE AND RESPONSE
To address these issues, Saviynt maintains a strong compliance posture, holding certifications like SOC 1 Type 2, SOC 2 Type 2, ISO 27001, and FedRAMP Moderate. Our robust Incident Response (IR) plan includes standardized communication and transparency with customers. Additionally, we leverage AI/ML technologies in our cybersecurity defenses to manage evolving threats and enhance security.”
Compass strengthens security maturity with global assessments
Manish Mamtani
CIO, Compass Group India
“We assess our security maturity through a global security assessment framework, with each country submitting quarterly responses, complete with evidence and artifacts. These assessments are reviewed by the Regional Risk Security Officer and Group CISO, complemented by independent evaluations from cybersecurity organizations. Additionally, we undergo 12-15 annual assessments from our multinational clients, ensuring compliance with global standards and driving continuous improvement of our security practices.
MANAGING CYBERSECURITY ACROSS LOCATIONS
The biggest challenge is managing cybersecurity across our distributed workforce, with employees at over 600 customer sites. Ensuring all are informed about cybersecurity, data privacy, and IT policies is crucial. We address this through clear, simple communication via targeted campaigns, making complex topics easier to understand. Our data privacy and security controls align with regulations, and the Security Assessment Framework ensures their effective implementation. Quarterly assessments ensure ongoing compliance and adaptation to evolving regulatory requirements.
STRENGTHENING DEFENCE WITH AI
We also have a robust incident response plan, part of our Security Incident Response Management (SIRM). To validate its effectiveness, we regularly conduct tabletop exercises. Additionally, we leverage AI/ML technologies to enhance our cybersecurity defenses. Advanced solutions are deployed across key areas such as internet gateways, malware protection, spam management, Security Operations Centers (SOC), and Cloud Security Posture Management (CSPM), adding an extra layer of protection against emerging cyber threats.”
We prioritize crisis management with future-ready security
Dr. Harsha Thennarasu
Founder & CISO, HKIT Security Solutions
“We assess our security readiness by thoroughly understanding cyber threats, including their origin, methods, and solutions. We focus on crisis management when threats arise and prevent future risks by maintaining global security intelligence. This is achieved through collaboration with research forums and ethical hackers. Our approach involves continuous threat forecasting, strategic development, and acquiring future-ready skills. We refine policies and governance to stay ahead of emerging threats, focusing on people, organizational structures, technology, and physical controls.
KEEPING UP WITH THREATS
One of the biggest challenges we face is the rapid pace of technological transformation. We must adopt and implement new technologies swiftly while training teams and securing leadership’s support for cybersecurity. Financial constraints and the recruitment of skilled cybersecurity experts also pose challenges. The speed of technological adoption must match the evolving tactics of cybercriminals, creating a constant race against time.
MULTI-LAYERED SECURITY DEFENCE
To ensure data privacy and compliance, we’ve transformed leadership’s understanding of cybercrimes and their business impact, including penalties and service disruptions. By discussing business case studies and legal implications, we foster a top-down approach to drive awareness among stakeholders. We’ve deployed a multi-layered incident response plan that incorporates real-time, reactive, proactive, and forecast responses. Additionally, we’re developing AI-based tools to combat emerging threats.”
We strengthen cybersecurity through structured continuous improvements
Jaspreet Singh
Partner and GCC Industry Leader, Grant Thornton Bharat
“We start by defining our security objectives and selecting a suitable cyber maturity assessment framework. A self-assessment evaluates current practices, highlighting strengths and weaknesses. Based on the findings, we create an improvement plan, prioritize actions, and allocate resources. The plan’s implementation is closely monitored, with regular updates to ensure continuous improvement and alignment with emerging challenges. This approach gives us a clear understanding of our security posture, guiding necessary improvements.
OVERCOMING SECURITY CHALLENGES
However, we face several challenges, including rapidly evolving cyber threats, complex IT infrastructures, and securing remote workforces. Cybercriminals are becoming more sophisticated, using tactics such as AI-driven attacks, ransomware, phishing, and zero-day exploits. Securing cloud and on-premises systems while managing third-party risks adds complexity. The rise of remote work has also made securing access across multiple locations more difficult.
DATA PRIVACY MEASURES IN PLACE
To ensure data privacy, we implement data mapping, strong security controls, and compliance training. Our incident response plans are updated, and audits ensure alignment with regulations. Third-party risk management ensures partners meet security standards. We leverage AI and machine learning for enhanced cybersecurity, enabling faster threat detection, predictive analytics, and automated operations. AI plays a crucial role in strengthening our defenses against cyber threats, ensuring rapid incident response and protection.”
We align security practices with industry standards
Tejas Shah
Head – IT, Prince Pipes and Fittings
“Our approach to assessing security maturity focuses on aligning practices with industry standards and best practices. We ensure robust security through regular updates, risk assessments, and strong policies. Key priorities include role-based access control (RBAC), multi-factor authentication (MFA), and password management. We emphasize patch management, user training, and continuous evaluation of firewalls and endpoint protection. Regular security audits and vulnerability assessments help proactively identify and mitigate risks, ensuring our security framework adapts to emerging threats.
ADDRESSING SECURITY ADOPTION BARRIERS
A major challenge in enhancing security is overcoming user resistance to change and the cultural shift required for adopting new security practices. Additionally, balancing limited budgets with the need for stronger security measures remains difficult. Addressing these hurdles requires ongoing efforts to foster security awareness and commitment at all organizational levels, ensuring full adoption and alignment with security goals.
ENHANCING DATA PRIVACY AND COMPLIANCE
To ensure data privacy and compliance, we implement strict measures like collecting only necessary data, enforcing RBAC, and requiring MFA for sensitive information access. Regular audits and assessments reinforce compliance and improve data protection. Additionally, AI and machine learning technologies play a crucial role in fortifying cybersecurity. AI-driven tools aid in proactive threat hunting, dark web monitoring, and attack surface management. Automated vulnerability scanning and AI-powered endpoint detection further enhance our security.”
Evaluating cybersecurity readiness and capabilities at every level
Dinesh Kaushik
CIO, Sharda Motor Industries
“We assess your current level of security maturity in the following ways -
· Interpretation: This question seeks to understand how the organization evaluates its cybersecurity capabilities and readiness.
· Addressing key points -
ü Use of maturity models (e.g., NIST Cybersecurity Framework, CMMI).
ü Regular security audits, assessments, and gap analyses.
ü Monitoring and metrics for security performance.
ü Training and awareness programs for employees.
To implement and ensure data privacy and compliance with relevant regulations, we do an interpretation to focus on legal and operational steps to protect sensitive data and maintain compliance. Other potential measures include encryption of data in transit and at rest, Access control mechanisms (e.g., role-based access), Regular data audits and monitoring, Compliance with standards (e.g., GDPR, CCPA, HIPAA) and Data retention and destruction policies.
Besides, we assess the adoption of advanced technologies in combating cyber threats. Examples of AI/ML use include threat detection and anomaly identification, predictive analytics for proactive threat management, automating routine tasks like log analysis, identifying and blocking phishing attempts and enhancing user behavior analytics.”
Aligning with industry standards and best practices for assessing security maturity
Dr. Jagannath Sahoo
Head – Information Security, Gujarat Fluorochemicals Limited
“Assessing your organization's security maturity involves evaluating how well its security practices, policies, and technologies align with industry standards and best practices. We follow the below steps to Assess Security Maturity -
· Defining the Security Maturity Model as per ISO 27001, NIST CSF Framework
· Establishing Evaluation of different Domains, GRC, Asset Management, Threat & Vulnerability Management, Incident response & recovery, Security Awareness training, Compliance & Audit.
· Benchmark Against Standards & Perform a gap analysis against chosen standards
· Conduct Internal and External Audits using scorecards and checklists & using Engage third-party auditors for unbiased evaluation
· Using e Security Maturity Tools like Security Scorecard
· Evaluate Metrics and KPIs, Monitor MTTD, MTTR, number of incidents, audit scores, and system compliance
· Incorporate Stakeholder Feedback by Gathering inputs from IT teams, business units, and external partners
· Create a Roadmap for Improvement
· Monitor Progress and Reassess.
Some of the challenges faced in assessing security maturity are lack of clear framework adoption, limited visibility, resource constraints, complexity of integration, dynamic threat landscape, compliance overload, stakeholder alignment and tools & technology gaps.”
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
