- Survey reveals urgent need for prioritisation of network and security architecture transformation and adoption of a Zero Trust ‘Resilient by Design’ approach for cyber resilience strategies in the face of inevitable future attacks
- 97% of Indian IT leaders ‘believe’ their current cyber resilience measures are effective, yet ransomware attacks continue to rise and cost organizations billions of dollars per year.
- But only 53% of Indian IT leaders say their cyber resilience strategy is up-to-date in preparation for modern attacks in response to the rise of AI.
- While 59% of Indian IT leaders expect to face a significant failure scenario within the next 12 months, 67% have already experienced one in the last 12 months.
India, March 12, 2025 – A recent survey by Zscaler, the leader in cloud security, has revealed a major disconnect between confidence in cyber resilience and the reality of preparedness among Indian organizations. The study, which surveyed IT decision-makers in 12 countries, highlights that while 97% of Indian IT leaders believe their cyber resilience measures are effective, an alarming 67% acknowledge that the budget allocated for resilience does not meet the growing threat landscape. Additionally, only 53% of organizations in India have updated their cyber resilience strategy to combat AI-driven threats, raising concerns about the country’s readiness for modern cyberattacks.
Cyber Resilience Demands Stronger Leadership Commitment in India
The report underscores a critical issue – while 57% of Indian IT leaders say cyber resilience is a top priority for their leadership (compared to the global average of 39%), this focus is yet to translate into sufficient funding and proactive strategies. Additionally, 70% of Indian organizations do not involve CISOs in resilience planning, reinforcing a siloed approach that limits strategic alignment and effective execution.
“The possibility of a major failure scenario for organizations is not an ‘if’ but ‘when’, as the statistics in our report show,” said Jay Chaudhry, CEO, Chairman and Founder, Zscaler. “It proves the need for proactive resilience to combat and mitigate inevitable incidents before they become a significant issue for business continuity. Proactive resilience is essential to address incidents before they threaten business continuity. Cyber resilience is foundational to overall business resilience, and outdated firewalls and VPNs allow persistent attacks, making a zero trust architecture crucial for defending against advanced threats. Leadership must collaborate with IT teams to develop a strong cyber resilience strategy based on Zero Trust, preparing for and mitigating the impact of sophisticated AI-driven attacks. We call this becoming ‘Resilient by Design’.”
Over-Reliance on Prevention Leaves Indian Organizations Vulnerable
Despite growing threats, Indian businesses continue to overly prioritize prevention, with 61% of IT leaders identifying complex IT infrastructure as the top barrier to resilience. The study also finds that while 94% of Indian IT leaders believe in the resilience-enhancing potential of cloud solutions—the highest globally—many organizations remain reliant on legacy security models.
Moreover, only 43% of Indian organizations use risk hunting to mitigate the blast radius of cyber-attacks, and less than half adopt proactive measures like Zero Trust micro-segmentation (45%) or deception technologies (39%).
“India’s digital transformation is unlocking new opportunities but also increasing cyber risks, especially with the rise of GenAI-driven threats and evolving regulations like the DPDP Act,” said Ananth Nag, Vice President and Managing Director, India at Zscaler. “To bridge the gap between confidence and preparedness, organizations must simplify IT infrastructure, leverage AI-powered security, and adopt proactive risk-hunting tools. With GenAI accelerating attack sophistication, traditional security is no longer enough. At the same time, DPDP Act compliance requires a stronger focus on data protection and governance. By embedding Zero Trust principles, businesses can enhance resilience, meet regulatory requirements, and secure long-term digital growth. A proactive cybersecurity approach ensures they stay ahead of emerging threats while maintaining business continuity and innovation in an ever-evolving digital landscape.”
A Zero Trust architecture enables a Resilient by Design approach
To mitigate cyber resilience risk, organizations should embed visibility and control into their security strategy. Understanding failure scenarios more quickly and thoroughly based on the insights from an AI-powered cloud security platform to mitigate the blast radius of an incident strengthens the resilience posture. This outcome is what Zscaler enables with a ‘Resilient by Design’ approach. Because cyber threats evolve and advance so quickly, Zscaler leverages AI to dynamically adjust access based on changing risk. The Zscaler Zero Trust Exchange reduces risk across all four stages of the attack chain and supports a ‘Resilient by Design’ approach:
- Minimize the attack surface
- Prevent initial compromise
- Eliminate lateral movement
- Stop data loss
The full survey report ‘Unlock the Resilience Factor: Why Resilient by Design is the Next Cyber Security Imperative’ can be downloaded via this link.
Methodology
In December 2024, Zscaler commissioned Sapio Research to conduct a survey of 1,700 IT decision-makers (IT leaders) across 12 markets (Australia, France, Germany, India, Italy, Japan, Netherlands, Singapore, Spain, Sweden, UK & Ireland, US). These IT leaders work at companies with 500+ employees and across industries.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
