Cybersecurity gaps persist in data privacy and incident response - ETCISO.in

Cybercrime & Fraud 1 min read Cybersecurity gaps persist in data privacy and incident response Indian enterprises exhibit a cybersecurity maturity score of 6.3 out of 10, with significant gaps in access provisioning, data disposal, and incident management. Despite digital transformation, many organizations struggle with secure configurations and patch management, leaving them vulnerable to prevalent threats like Trojans and advanced attacks. ETCISO Desk Agencies Updated On Apr 21, 2026 at 09:09 AM IST Indian enterprises continue to face gaps in cybersecurity maturity even as digital transformation expands their attack surface. According to the India Cyber Threat Report 2026, based on insights from more than 180 organizations, India’s average cybersecurity maturity score stood at 6.3 out of 10. The report also noted 265.52 million detections across more than 8 million endpoints in 2025, averaging 505 detections per minute. The survey found weaknesses across multiple areas. While 74.6% of organizations have implemented data classification frameworks, gaps remain in access provisioning, secure data disposal and least-privilege enforcement. It also found that 27.6% of organizations do not have an incident management process, limiting their ability to detect, contain or recover from breaches effectively. Webinar From shadow AI to secure access Employees across your organisation could be using unauthorised AI tools and uploading content to social media platforms daily, creating security blind spots and compliance risks. Thu, 23 Apr 2026 Register Now Event Leveraging AI to Strengthen Threat Investigation and Response Organizations in India are navigating a rapidly evolving threat landscape, where attacks are more targeted, investigations are more complex, and alert volumes continue to rise. Many security teams are asking the same question: how can we scale investigation and response without overloading analysts or slowing down decision-making? Organizations operate in very different environments, but from a cybersecurity standpoint, they are dealing with the same core challenges, including protecting sensitive data, managing third-party risk, and maintaining operations under constant threat. The idea today is to look at where those challenges overlap. This roundtable will bring together security leaders to explore how AI is being applied in real-world Security Operations environments. Rather than focusing on theory, the discussion will center on practical experiences, challenges, and lessons learned. Fri, 24 Apr 2026 Taj Santacruz, Mumbai Register Now Webinar Unified AI Security A Strategic Framework for Protecting AI Apps and Workloads Thu, 07 May 2026 Register Now Event ETCISO Identity & Access Management Summit 2026 The ETCISO Identity & Access Management Summit convenes security and risk leaders to decode what “Identity 2.0” means in practice—modern authentication, identity governance at scale, privileged access control, and AI-powered defense strategies—to help enterprises secure access, reduce identity risk, and stay audit-ready with provable controls in an increasingly complex threat landscape. Fri, 08 May 2026 Taj Santacruz , Mumbai Register Now 10 Speakers Event ETCISO Decrypt 2026 With cybersecurity now among the TOP ENTERPRISE RISKS GLOBALLY, organisations face increasing challenges from AI-powered attacks, ransomware evolution, and expanding digital ecosystems. In this environment, CISOs are transitioning from security operators to enterprise risk leaders. The 7th Edition of DECRYPT 2026 provides a platform for cybersecurity decision-makers to gain strategic insights, share resilience strategies, and engage in peer-driven discussions. Thu, 25 Jun 2026 Taj Santacruz, Mumbai Register Now 10 Speakers Award The Economic Times Enterprise Security Awards 2026 Celebrating India’s finest across creativity, craft, and design. A definitive platform honouring ideas that blend culture, innovation, and measurable impact to drive relevance, value, and growth. Nominations till Wed, 10 Jun 2026 Nominate Now Show More Secure configuration and patch management also remain weak. Many organizations continue to operate end-of-life systems without mitigation, while patching practices are inconsistent, with some prioritizing only critical updates and others lacking a structured process altogether. The report notes that these weaknesses are significant in the context of a broader threat landscape in which Trojans and infectors account for nearly 70% of attacks, and behavior-based detections blocked more than 34 million advanced threats. It also highlights regulatory implications under India’s Digital Personal Data Protection Act, 2023, which requires stronger data governance, including classification, consent management, breach notification and safeguards. The report says gaps in data security and incident response can directly affect compliance readiness, especially where exposed assets lead to the leakage of personal data through misconfigurations or unpatched vulnerabilities. By ETCISO Desk Agencies Published On Apr 21, 2026 at 09:09 AM IST See more on: cybersecurity maturity, data protection, India Cyber Threat Report, cyber threats in India, data security gaps