As per findings in the recent handbook titled “Cybersecurity for SMEs & Startups” by CyberPeace Foundation (CPF), a leading civil society organization and think tank of cybersecurity and policy experts, startups and SMEs remain the most vulnerable segment in India when it comes to cyberattacks. The eBook is being launched in joint collaboration with the United Nations Global Compact Network (UNGCNI), Autobot Infosec and The Institution of Electronics and Telecommunication Engineers (IETE). The eBook not only reveals key findings of cybersecurity vulnerabilities in the Indian startup & SME ecosystem but also recommends best practices to avoid the same.
When it comes to the most common challenges faced by organizations, one of the most critical ones is the cybersecurity risks. They interrupt the functioning of an organization and compromise the confidentiality, integrity, and availability (CIA) of valuable information assets. However, the cybersecurity risks themselves stretch across a broad spectrum.
As per the findings in the eBook, the most common forms of cybersecurity challenges faced by startups are –
Negligence by employees: The most common forms of employee negligence which lead to cyberattacks including data breaches are accidental loss of the device containing confidential data, leaving the workstation unprotected or unattended, sharing confidential information such as passwords via paper notes & remote working using an unsecured or public network connection.
Employee Mobility: With COVID19 prompting startups & SMEs to institute work from home policies, the potential for cyberattacks has increased manifold. Most employees tend to use personal unsecured devices to do work which results in data breach. IoT devices used by employees are often unsecured which results in the maximum number of data breaches.
Most common types of cyberattacks faced by startups & SME’s are Ransomware, Cyptojacking, Phishing, Password targeting attacks & APT attacks.
Talking about the findings & report, Vineet Kumar, Founder and President, CyberPeace Foundations, said, ”On one hand India is the 3rd largest startup nation in the world while on the other hand majority of Indian startups & SMEs routinely disregard cybersecurity. The challenge is exacerbated by SMEs who may not have the knowledge or understanding of cybersecurity. I think startups and SMEs are particularly lax in terms of ensuring #cybersecurity, they only take it seriously after the breach has happened, which is very irresponsible. With the launch of the eBook, we hope to address the problem and create more awareness for budding startups & SMEs who are building businesses online.”
Launching the eBook on CyberSecurity for SMEs and Start-ups, Lt. General (Dr.) Rajesh Pant, PVSM, AVSM, VSM, National Cyber Security Coordinator (NCSC), Prime Minister’s Office mentioned, “To know how to defend yourselves or your organization, it is important to understand how the attacks happen and what methodology do cyber predators use to harm organizations. October is considered as “CyberSecurity Month” and seeing that everyone across the nation is taking initiative and coming up with this eBook is very relevant and I compliment everyone for this.”
Commenting on the grave issue, Dr. Jagdish Bakal, President, The Institution of Electronics and Telecommunication Engineers (IETE) said, ”As per the Government of India, India has the 3rd largest startup ecosystem in the world; expected to witness YoY growth of consistent annual growth of 12-15%. India has about 50,000 startups in India in 2018; around 8,900 – 9,300 of these are technology-led startups 1300 new tech startups were born in 2019 alone implying there are 2-3 tech startups born every day. The pace of growth in the startup ecosystem has increased to 15% year-on-year in 2018, while the growth of the number of incubators and accelerators has grown to 11%.”
very good