Cyber Resilience in India: A Reality Check

• 97% of Indian IT leaders believe their current cyber resilience measures are effective, yet ransomware attacks continue to rise and cost organizations billions of dollars per year.
• Only 53% of Indian IT leaders say their cyber resilience strategy is up-to-date in preparation for modern attacks in response to the rise of AI.
• While 59% of Indian IT leaders expect to face a significant failure scenario within the next 12 months, 67% have already experienced one in the last 12 months.

A recent survey by Zscaler, the leader in cloud security, has revealed a significant disconnect between confidence in cyber resilience and the reality of preparedness among Indian organizations. The study, which surveyed IT decision-makers in 12 countries, highlights that while 97% of Indian IT leaders believe their cyber resilience measures are effective, an alarming 67% acknowledge that the budget allocated for resilience does not meet the growing threat landscape. Furthermore, only 53% of organizations in India have updated their cyber resilience strategy to combat AI-driven threats, raising concerns about the country’s readiness for modern cyberattacks.

Cyber Resilience Demands Stronger Leadership Commitment in India

The report underscores a critical issue – while 57% of Indian IT leaders say cyber resilience is a top priority for their leadership (compared to the global average of 39%), this focus is yet to translate into sufficient funding and proactive strategies. Additionally, 70% of Indian organizations do not involve Chief Information Security Officers (CISOs) in resilience planning, reinforcing a siloed approach that limits strategic alignment and effective execution.

“The possibility of a major failure scenario for organizations is not an ‘if’ but ‘when’, as the statistics in our report show,” said Jay Chaudhry, CEO, Chairman, and Founder of Zscaler. “It proves the need for proactive resilience to combat and mitigate inevitable incidents before they become a significant issue for business continuity. Proactive resilience is essential to address incidents before they threaten business continuity. Cyber resilience is foundational to overall business resilience, and outdated firewalls and VPNs allow persistent attacks, making a Zero-Trust architecture crucial for defending against advanced threats. Leadership must collaborate with IT teams to develop a strong cyber resilience strategy based on Zero Trust, preparing for and mitigating the impact of sophisticated AI-driven attacks. We call this becoming ‘Resilient by Design’.”

Over-Reliance on Prevention Leaves Indian Organizations Vulnerable

Despite growing threats, Indian businesses continue to overly prioritize prevention, with 61% of IT leaders identifying complex IT infrastructure as the top barrier to resilience. The study also finds that while 94% of Indian IT leaders believe in the resilience-enhancing potential of cloud solutions—the highest globally—many organizations remain reliant on legacy security models.

Moreover, only 43% of Indian organizations use risk hunting to mitigate the blast radius of cyber-attacks, and less than half adopt proactive measures like Zero Trust micro-segmentation (45%) or deception technologies (39%).

“India’s digital transformation is unlocking new opportunities but also increasing cyber risks, especially with the rise of GenAI-driven threats and evolving regulations like the DPDP Act,” said Ananth Nag, Vice President and Managing Director, India at Zscaler. “To bridge the gap between confidence and preparedness, organizations must simplify IT infrastructure, leverage AI-powered security, and adopt proactive risk-hunting tools. With GenAI accelerating attack sophistication, traditional security is no longer enough. At the same time, DPDP Act compliance requires a stronger focus on data protection and governance. By embedding Zero Trust principles, businesses can enhance resilience, meet regulatory requirements, and secure long-term digital growth. A proactive cybersecurity approach ensures they stay ahead of emerging threats while maintaining business continuity and innovation in an ever-evolving digital landscape.”

A Zero Trust Architecture Enables a Resilient by Design Approach

To mitigate cyber resilience risk, organizations should embed visibility and control into their security strategy. Understanding failure scenarios more quickly and thoroughly based on the insights from an AI-powered cloud security platform to mitigate the blast radius of an incident strengthens the resilience posture. This outcome is what Zscaler enables with a ‘Resilient by Design’ approach. Because cyber threats evolve and advance so quickly, Zscaler leverages AI to dynamically adjust access based on changing risk. The Zscaler Zero Trust Exchange reduces risk across all four stages of the attack chain and supports a ‘Resilient by Design’ approach:

• Minimize the attack surface
• Prevent initial compromise
• Eliminate lateral movement

Published On Mar 13, 2025 at 09:01 AM IST

Join the Community

Join the community of 2M+ industry professionals. Subscribe to our newsletter to get the latest insights & analysis.

Download ETCISO App

Get Realtime updates, Save your favourite articles. Scan to download the App.

Available on Play Store and App Store.