The cyber Indian: Growing sense of hopelessness in Indian consumer, thinks nothing can protect from cybercrime

According to an ISACA study in October, 40% of consumers in India have stopped doing business with companies known to have compromised on cybersecurity.

The Indian consumer is starting to take a grim view of companies that have experienced cyberattacks and security breaches, as cybercrime becomes part of everyday operations. Research is pointing towards the criticality of cybersecurity, and businesses must take heed.

Read more: ‘Digital trust is the bedrock of business relationships & is critical for strategic digital transformation’

This is worrying for Indian companies that experienced a cybersecurity breach in customer personal identifiable information (PII). 23% are not confident a business can safely secure their personal identifiable information. 

The study revealed a growing sense of hopelessness in consumers who think nothing can be done to protect them from cybercrime. The study found that 41% consumers in India have had their personal information stolen by cyber criminals.

One in three respondents (36%) in India reported a significant increase in cybercrimes over the past 12 months, and nearly half (47%) don’t think there is anything they can do or use to protect themselves from cybercrimes

One in three respondents (36%) in India reported a significant increase in cybercrimes over the past 12 months, and nearly half (47%) don’t think there is anything they can do or use to protect themselves from cybercrimes.

The research indicates a significant number of consumers in India (78%) would be more confident doing business with companies that hire certified cybersecurity professionals. In addition, 74% of consumers surveyed believe companies should be independently graded on data security practices and the scores shared with the public.

State of Cyber in India

It isn’t without reason that the Indian consumer is becoming wary of cybercrime, which is indeed on the rise in India. Last month, the internal systems of All India Institute of Medical Sciences (AIIMS) succumbed to one of the worst ransomware attacks. The institute has now switched many of its operations from digital to manual.

According to the ESET Threat Report T2 2022, India has one of the highest number of Android trojan detections. Such malicious apps have a wide range of spying capabilities including recording audio and video. India (35%) also ranked second after China (53%) as the geolocation for bots making up the largest IoT botnet ‘Mozi’.

According to Juniper Research, online payment fraud losses, which includes losses across the sales of digital goods, physical goods, money transfer transactions and banking, as well as purchases like airline ticketing, will exceed US$343 billion globally over the next five years. As a comparison, this equates to over 350% of Apple’s reported net income in the 2021 fiscal year, showing the massive extent of these losses.

Our country has witnessed 18 million cyberattacks in the first quarter of 2022 alone. Cyberattacks are growing in complexity and intricacy, massively hampering all key industries from healthcare and IT to finance and retail

“India is amongst the top three nations in Asia, basis the number of cyberattack incidents in 2022. Our country has witnessed 18 million cyberattacks in the first quarter of 2022 alone. Cyberattacks are growing in complexity and intricacy, massively hampering all key industries from healthcare and IT to finance and retail. With each day, attackers are rolling out newer, more lethal strategies to navigate public and private data networks and gain access to mission-critical data,” says Balaji Rao, Area Vice President, Commvault, India & SAARC.

“We must look back at the major operational shifts that India and the world has been witnessing with the onset of pandemic. Flexible and remote work models have become more prominent than ever,” he adds.

Services such as SaaS is highlighting the acute need for enterprises to adopt comprehensive solutions to safeguard data, and also partner with data experts to design a future-ready, cloud data strategy to fight the threats of tomorrow.

Businesses Working to Educate & Protect the Consumer

Businesses are working to educate and protect the consumer. In Jaipur, Truecaller tied up with CyberPeace Foundation, a non-partisan civil society organization, to organise the first Nukkad Natak (street play) focused on digital safety under the #TrueCyberSafe campaign. The joint initiative aimed at spreading awareness and training people to tackle cyber frauds leading to a safer online experience for society.

Recently, SentinelOne, an autonomous cybersecurity platform company, announced a Singularity XDR platform expansion with Ping Identity, enabling joint automated response between identity access management and enterprise attack surfaces. By utilizing both identity and endpoint defenses, joint customers can better investigate and stop attacks, preventing lateral movement and protecting high-value enterprise assets.

As fraudsters become more sophisticated in their attacks, merchants and issuers will become more adept at utilising highly advanced AI-enabled fraud detection methods to combat crime

Cloud company Akamai Technologies, Inc., recently announced an evolution of its DDoS protection platform (Prolexic) with a global rollout of new, fully software-defined scrubbing centres, which will extend its dedicated defense capacity to 20 Tbps and accelerate future product innovations.

Commvault recently launched its one-of-a-kind cyber deception service called Metallic® Threat-Wise™, which detects and contains ransomware threats by employing decoys. It proactively lures bad actors into engaging fake resources, identifies threats in production environments, and provides businesses with tools to protect data.

Since the beginning of ransomware, encryption has been at the heart of the extortion process; however, newer extortion techniques which include exfiltration go beyond rapid malware spread, and data recovery alone cannot protect business data that has been leaked to the Dark Web. If an undetected bad actor attacks systems within a few hours, these systems can suffer catastrophic damage; no matter how essential data recovery is it cannot suffice on its own.

Rao puts forth a solution. “Cyber deception is one such cutting-edge defence strategy, which puts organisations one step ahead of the attacker, a proactive, early warning system intercepting a threat before their data is compromised. Even the stealthiest zero-day attacks that evade conventional detection technology and circumvent security controls can be exposed with cyber deception, leading to a resilient, secure future for your organisational data.”

Predictions That Point to the Criticality of Cybersecurity

According to Juniper Research, digital identity revenue will exceed US$53 billion globally by 2026, as verification becomes critical for every industry. This growth reflects that, as users migrate to digital channels, the need to verify identity digitally also grows. As fraudsters exploit opportunities, verification capabilities will proliferate to wider industries and use cases than ever before.

Read more: Financial services in APJ among the most cyberattacked verticals

Juniper also predicts the global business spend on AI-enabled financial fraud detection and prevention strategy platforms will exceed US$10 billion globally in 2027, rising from just over US$6.5 billion in 2022.

Reason, as fraudsters become more sophisticated in their attacks, merchants and issuers will become more adept at utilizing highly advanced AI-enabled fraud detection methods to combat crime. The report identified the ability of AI to recognize fraudulent payment trends at scale as being critical to provide improved fraud prevention.