Cyber Security Spend by Indian Firms Down 17 Per Cent: PwC

Published: 21st October 2014 01:02 AM  |   Last Updated: 21st October 2014 01:02 AM   |  A+A-


NEW DELHI: Average security spend by Indian firms has come down by 17 per cent to USD 4 million this year even as information security breaches have become more frequent and damaging.

According to consultancy firm PwC, Indian companies spent an average of about USD 4.8 million on security last year.

This is despite the average cost of a security incident for Indian companies spiralling to USD 414 in 2014, from USD 194 in 2013.

"The average cost of a security incident for Indian companies has more than doubled from USD 194 in 2013 to USD 414 in 2014 and there has been a 20 per cent increase in the average losses as a consequence," said the PwC report - State of the Information Security Survey - India 2015.

However, even as information security breaches become more frequent and damaging, Indian companies have reduced the average security spending, it added.

"As organisations move ahead and embrace new technologies without fully comprehending the implications, they are becoming susceptible to an array of cyber-security threats and these threats today have become increasingly complex," said the report.

Even with the growing impact that cyber security incidents can have on the entire enterprise, boards of organisations remain oblivious and continue to treat cyber security as an IT problem, it added.

"Cyber security is no longer an issue that concerns only  IT and security professionals. The impact has extended to the C-suite and boardroom," PwC ED and Leader (India Cyber Security, Governance Risk and Compliance Services) Sivarama Krishnan said.

It is now a persistent business risk. Awareness and concern about such security incidents and threats are a priority for the consumers as well, he added.

The report revealed that current and former employees have been cited by respondents as the most common causes of incidents.

Loss of data through associations with customers and vendors also contribute to a reasonable chunk of incidents caused by insiders. The lack of effective mechanisms to manage risks to data stemming from third parties is largely responsible, it said.


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on are those of the comment writers alone. They do not represent the views or opinions of or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp