A survey from Cyberbit revealed that over 61% of organizations in India do not have enough cybersecurity training modules to train their workforce. It is found that most of the companies rely upon on-the-job training for their Security Operations Center (SOC) team. Over 90% of organizations are not disclosing their security teams to the MITRE ATTCK framework, and only 32% of companies are aligning their training to MITRE. MITRE ATTCK is a globally accessible knowledge base of cybercriminals tactics on real-world observations of cyberattacks.
Nearly 89% of organizations still depend on classroom training, external certificates, and tabletop exercises, which do not provide practical skills. The survey also claimed that organizations know their employees need cybersecurity training but are not implementing any. However, 11% of organizations stated they have deployed a cyber range that exposes SOC teams to simulated cyberattacks.
India Witnessed 1.45 Mn Cyberattacks
Computer Emergency and Response Team – India (CERT-In) recorded over 1.45 million cybersecurity incidents including breaches and hacks between 2015 and 2020. According to India’s Ministry of Electronics and Information Technology (MeITY), Cert-In reported 49,455, 50,362, 53,117, 208,456, 394,499 and 696,938 cybersecurity incidents during the year 2015, 2016, 2017, 2018, 2019 and 2020 (till August) respectively. The figures were out after the ministry was asked about growing cyberattacks targeting Indian citizens as well as commercial and legal entities. According to a report, released by the U.S. Internet Crime Complaint Centre of the Federal Bureau of Investigation, India stands third in the world among the top 20 countries that are victims of internet crimes. Reports also suggest that the number of internet users in India has grown six-fold between 2012-2017 with a compound annual growth rate of 44%.