40% of Victims in The Survey Learned of The Attack After Finding Their Data Exposed Online or By Being Notified by Customers or The Media
23% of Targeted CompaniesTook More Than a Month to Recover From The Impact of The Attack
OXFORD, U.K. – March 9, 2022 – Sophos, a global leader in next-generation cybersecurity, today announced that more than 60% of Indian organizations, surveyed by Sophos for a new study of cybersecurity experiences in India, fell victim to a cyberattack during 2021.
The survey questioned cybersecurity leaders in Indian organizations with between 1,000 and 2,000 employees and found that many of the victim organization didn’t immediately realize they’d been hit. Just under one fifth (19%) of respondents surveyed said they discovered the attack within two weeks, but 22% took three to four weeks to realise they’d been targeted.
Even then, many only learned about the attack from an external source. While half said they’d discovered the attack when they were unable to access data or systems (21% overall) or were contacted by the attackers (19%), a significant 40% only realized they’d been targeted when they found their company data exposed online (17%) or were notified by customers (12%) or the media (11%).
Almost a quarter (23%) of victim organizations in the survey said it took more than a month for the organization to recover from the impact of the attack.
“Sophos’ survey shows that organizations in India are at significant risk of a cyberattack, including ransomware, which can have a far-reaching impact on customers, reputation and operations,” said Sunil Sharma, managing director – sales, Sophos India and SAARC. “In addition, many organizations may be under-prepared to detect and respond to an attack. According to the survey, attackers can remain in victim networks for weeks before being detected, and a considerable number of organizations learned of the attack from external sources after the damage was done.”
Make your inbox more interesting.
Subscribe to our newsletter.“As cyberattackers increasingly use legitimate and everyday IT tools and techniques to implement their attacks, being able to spot the warning signs that an attack is underway and acting fast to neutralize a threat are becoming harder than ever. Human-led, active threat hunting is now a key component of a defense-in-depth security strategy. And while it was encouraging to find that 80% of the cybersecurity leaders surveyed believe that threat hunting is an effective approach for strengthening their cybersecurity defenses, the survey findings suggest that some organizations may need support in putting that into practice. Fortunately, there are many external partners and service providers who can help to supplement in house resources and skills with effective threat detection, investigation and response.”
Tech Research Asia (TRA) conducted the survey for Sophos and questioned cybersecurity leaders in 500 Indian organisations with between 1,000 and 2,000 employees.
# # #
About Sophos
Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.