According to Gemalto’s 2017 Breach Level Index report, there were 29 data breach incidents in India in 2017 – a 20% increase on the previous year.
These include the malicious outsider attack on food delivery app Zomato and the Reliance Jio customer database leak.
Key findings of the 2017 Breach Level Index report
In 2017, the Asia-Pacific region experienced 113 data breaches – a 24% drop from 2016. The region now accounts for just 7% of breaches worldwide.
India is one of only two Asia-Pacific countries listed in the report that saw an increase in the number of data breaches from 2016.
The study also found that worldwide there are:
- 7,125,940 compromised records every day;
- 296,914 compromised records every hour;
- 4,949 compromised records every minute; and
- 82 compromised records every second.
2018 has already seen several data breaches hit India
In April 2018, the website of India’s ministry of defence was reportedly hacked, leaving visitors unable to access the website.
More recently, a number of Andhra Pradesh government websites have suffered a string of data breaches.
Inc42 reported earlier this month that customer information was published by an unsecured dashboard on the Anna Sanjivini website, breaching the draft of the Digital Information in Healthcare Security Act (DISHA).
Another Andhra Pradesh government website was revealed to track state-run ambulances in real time, allowing anyone to monitor their movement and access patient information. This sparked concerns about the absence of data security laws in India; a report forming the basis of a data privacy law is expected to be submitted soon by the Justice BN Srikrishna Committee.
Growing need for Indian organisations to be cyber secure
The report’s findings, along with the recent data breaches, highlight the urgent need for organisations across India to better protect their data.
Organisations should look to adopt best-practice information security standards to protect themselves, such as ISO 27001, the international standard that describes best practice for an information security management system (ISMS).
At the heart of an ISO 27001-compliant ISMS are business-driven risk assessments, which will enable you to identify and treat security threats according to your organisation’s risk appetite and tolerance.
Benefits of ISO 27001 certification
An organisation with ISO 27001 certification will:
- Avoid penalties and financial losses due to data breaches;
- Meet increasing client demands for greater data security;
- Protect and enhance its reputation;
- Get independently audited proof that its data is secure; and
- Meet local and global security laws, such as the EU General Data Protection Regulation (GDPR).