cybersecurity measures to address the increasing threat of cyberattacks. Due to the pandemic COVID-19, Indian corporates pursuing remote working policies and saw numerous threats and cyber attacks that are putting these organizations at constant risk of losing valuable assets. With growing cyberattacks, India’s digital sector, and fintech recommend setting up a board for a country-wide cybersecurity policy to educate these corporates on a needed framework and strategy for tackling cyber threats. Despite an increase in large-scale cyberattacks, most Indian corporates are unprepared to tackle these challenges. Only 19% of Indian companies have a sufficient budget to have the desired level of cybersecurity. India has always been a target of mass cybersecurity attacks like ransomware. Stats show that 32% of organizations believe that careless employees are the targets of cyberattacks. The ongoing lockdown situation had made the situation worse for Indian corporates and has fueled the demand for an advanced framework and policy nationwide. Attacks like ransomware, phishing, or others like crypto-mining and trojans are a few hidden attacks that need preventative measures and more considerable funds to safeguard our national security. In this chapter, we will discuss where Indian corporates should focus on preparing against cyber attacks. Outdated and Unpatched Software Technology thinkers and cyber experts have also pointed to the lack of encryption and security standards that are the root of most publicly known data breaches. Due to the expansion of the enterprise, it has become challenging for IT teams, especially in smaller Indian cities, to handle this complex network of devices. Moreover, numerous companies and government offices still have outdated or unpatched software that doesn’t support the latest security patches. Therefore, these places are still targets for malicious actors. Although India’s cybersecurity needs are not different from the rest of the world, most of them are due to unpatched vulnerabilities. Cybersecurity programs in India should take a risk-based approach to educate enterprises to focus on vulnerabilities that matter the most rather than relying on legacy tools and inefficient processes to navigate the complex threats. Cybersecurity Skill Shortage Cybersecurity skill shortage is one of the most significant pain points for Indian corporates. Most of them experience their first malware attack on their job, as cybersecurity training certifications are theory-based with no exposure to real life. Many cyber attacks incidents have seen inefficiency of the cybersecurity team to handle this incident. Therefore, it is essential for cybersecurity analyst to train employees that mirrors actual attacks pre-emptively. Detection And Response Capabilities One of the biggest lessons that corporates should learn from these financial attacks is conventional tools like antivirus or firewalls can’t detect the newer attacks. Companies should invest in detection technologies like EDR with machine learning and artificial intelligence capabilities and don’t rely on signatures or IOCs. The volume of attacks that corporates in India are experiencing is growing exponentially. Therefore, corporates need to incorporate an orchestration and automation response platform, dramatically accelerating detection and subsequent remediation. Business Continuity During the COVID-19 pandemic Business continuity during the COVID-19 lockdown is one of the biggest challenges for Indian firms. They are at risk of losing web connectivity and outages and data security vulnerabilities, and cybersecurity attacks. The pandemic is seen in many incidents of phishing, misinformation campaigns, and other hacking attacks that are making their way around the internet. According to research by PwC, the number of cyberattacks on Indian firms has doubled in the past few months as cybercriminals are using this period of the pandemic as an opportunity to infiltrate corporate networks and steal data. Analysts also judge that employees working remotely at home could create cybersecurity problems for the business and the employers due to personal system usage. As these systems are not protected from cyberattacks, there may be confidential/sensitive data breaches. Security Plan The sudden shift to a remote-work model has allowed employees to combine personal technology with work networks, contributing to an expanded attack surface. Many of these devices may be older or unsecured, which introduces new severe risks. It has become challenging for security teams to manage this expanded and complex attack surface. Enterprises should take the best precautionary steps to support and protect employees during this global pandemic. Businesses need to look at various means by which they can address the complex security challenges due to remote working during the COVID-19 outbreak. Thus, network security, data availability, and protection have become crucial priorities for Indian corporates for truly seamless business continuity. About SNS Secure Network Solutions India ( SNS ) provides a quantifiable, risk-based approach to build cybersecurity based on globally recognized frameworks and standards. Partnering with us will give your business a solution to focus on cyber threats that will have the most significant impact. We have been protecting business since last 20 years ! Write to us at [email protected]