By Prateek Vijayvergia
India today is at the forefront of leading and driving technology-led initiatives. However, the fast-expanding digital ecosystem has increased the cyberattack vector in a significant manner. This year, CERT-In, India’s nodal cyber security agency, revealed that ransomware attacks in the first half of 2022 increased by 51% from the previous year. As India is increasingly connected to a global supply chain, global attacks show a cascading effect. A recent report by Check Point highlights the increasing volume of attacks, revealing that in the third quarter of 2022, global attacks increased by 28% when compared to the same period in 2021.
How a data breach can impact your business
The average data breach cost in India reached an all-time high of INR 189 million (USD 2.32 million) in 2022, up from INR 180 million (USD 2.21 million) in 2021 and an increase from INR 163 million (USD 2 million) in 2020. A data breach can have serious implications, including the loss of intellectual property, which can have a huge impact on a company’s competitiveness. This can also cause a loss of reputation and a decline in sales. Customers often refuse to do business with a company that has recently suffered a data loss. From a compliance perspective, this can also lead to legal implications as states or individuals may take action against a company following a data breach.
The increasingly important role of cyber insurance
To mitigate the risks posed by data breaches, many Indian and global organizations are looking to cyber insurance. As the name suggests, cyber insurance protects organizations against the damages caused by cyberattacks. Depending on the specifics of the insurance coverage secured, an organization can be covered against financial losses due to data breaches and costs incurred against data recovery, litigation, and investigations. Cyber insurance plans can offer protection against damages due to different types of cyberattacks, including DDoS attacks, phishing attacks, and ransomware. While every insurance firm is different, cyber insurance premiums typically do not cover the costs that arise after the loss of important data, hardware failure, or IP theft.
Today, most banks and IT companies purchase cyber insurance coverage due to their high connectivity and exposure to IT systems. However, as cyberattacks have started occurring with increasing frequency across sectors like manufacturing and healthcare, even companies that recently started digitizing their processes are facing cyber risks and opting for cyber insurance coverage.
Steps your business should take
The premium paid for cyber insurance depends on the health of the IT infrastructure setup, the type of data security processes and systems in place, and the availability of backup systems, among other factors. Two steps companies can take to reduce the risks they face, and likely reduce the cost of cyber coverage for their operations, are multi-factor authentication (MFA) and endpoint detection and response (EDR).
Implementing an MFA system adds a layer of protection and prevents unauthorized access, reducing the likelihood of a breach occurring. It accomplishes this by requiring users to provide a second set of credentials, often a code texted to their mobile device, before gaining access to a network.
EDR systems monitor networks and collect information to automatically identify threats and respond with specific corrective measures defined by the organization. This rules-based approach can minimize the impact of a cyber incident and help the organization recover quickly.
As threats grow in both frequency and severity, cyber insurance is a must-have investment that all organizations, irrespective of their size, must consider. In a digital and hyper-connected world, running a business without a cyber insurance policy is like riding a car without brakes, both risky and reckless.
Author is SVP, technology services at Xceedance.
Disclaimer: Views expressed are personal and do not reflect the official position of the author’s institution or policy of Financial Express Online. Reproducing this content without permission is prohibited.