McAfee study - India is fourth lowest in security adoption !

McAfee and the Center for Strategic and International Studies (CSIS) revealed the findings from a global report 'In the Dark, Crucial Industries Confront Cyber attacks' that reflects the cost and impact of cyber attacks on critical infrastructures. Critical infrastructure refers to computer systems of vital economic assets such as power grids, railways, nuclear energy plants, etc. that make strong targets for criminal threats, industrial espionage and politically motivated sabotage.

According to the report findings, India ranked fourth in terms of lowest levels of security adoption after Brazil, France and Mexico, adopting only half as many security measures as leading countries such as China, Italy and Japan. Concurrently, China and Japan were also among the countries with the highest confidence levels in the ability of current laws to prevent or deter attacks in their countries.

The report states that currently only 60 percent of the Indian respondents had claimed to deploy a threat monitoring service and use software update and patch management service; 40 percent revealed having policies prohibiting USB stick usage and policy enforcement on unauthorized software. None of the Indian respondents claimed to adopt any security measures for smart grid controls. Also 60 percent of the respondents have been victims of extortion or cyber attack in the past two years.

Michael Sentonas, VP, Chief Technology Officer, Asia Pacific, McAfee commented, "Threats to assets in a wide range of core sectors continue to emerge and evolve in complexity with far- reaching ramifications on a nation's critical infrastructures. Today's rapidly proliferating threats require enterprises to adopt a comprehensive risk-based approach with stronger network controls."

The report states that currently only 60 percent of the Indian respondents had claimed to deploy a threat monitoring service and use software update and patch management service; 40 percent revealed having policies prohibiting USB stick usage and policy enforcement on unauthorized software. None of the Indian respondents claimed to adopt any security measures for smart grid controls. Also 60 percent of the respondents have been victims of extortion or cyber attack in the past two years.

The survey comprised 200 IT security executives from global critical electricity infrastructure enterprises in 14 countries, including India and the findings suggest that the rate of security adoption in enterprises is not commensurate with the rapid growth of threats.