Cybersecurity gaps persist in data privacy and incident response - ETCISO.in

Cybercrime & Fraud 1 min read Cybersecurity gaps persist in data privacy and incident response Indian enterprises exhibit a cybersecurity maturity score of 6.3 out of 10, with significant gaps in access provisioning, data disposal, and incident management. Despite digital transformation, many organizations struggle with secure configurations and patch management, leaving them vulnerable to prevalent threats like Trojans and advanced attacks. E Agencies Published On Apr 21, 2026 at 09:09 AM IST Copy Link Share on WhatsApp Share on Linkedin Share on X Share on Telegram Share on Facebook Indian enterprises continue to face gaps in cybersecurity maturity even as digital transformation expands their attack surface. According to the India Cyber Threat Report 2026, based on insights from more than 180 organizations, India’s average cybersecurity maturity score stood at 6.3 out of 10. The report also noted 265.52 million detections across more than 8 million endpoints in 2025, averaging 505 detections per minute. The survey found weaknesses across multiple areas. While 74.6% of organizations have implemented data classification frameworks, gaps remain in access provisioning, secure data disposal and least-privilege enforcement. It also found that 27.6% of organizations do not have an incident management process, limiting their ability to detect, contain or recover from breaches effectively. Secure configuration and patch management also remain weak. Many organizations continue to operate end-of-life systems without mitigation, while patching practices are inconsistent, with some prioritizing only critical updates and others lacking a structured process altogether. The report notes that these weaknesses are significant in the context of a broader threat landscape in which Trojans and infectors account for nearly 70% of attacks, and behavior-based detections blocked more than 34 million advanced threats. It also highlights regulatory implications under India’s Digital Personal Data Protection Act, 2023, which requires stronger data governance, including classification, consent management, breach notification and safeguards. The report says gaps in data security and incident response can directly affect compliance readiness, especially where exposed assets lead to the leakage of personal data through misconfigurations or unpatched vulnerabilities. By , Agencies Published On Apr 21, 2026 at 09:09 AM IST See more on: cybersecurity maturity, data protection, India Cyber Threat Report, cyber threats in India, data security gaps Telegram Facebook Copy Link Comments What are your thoughts? Comment Now Read Comment (1)