A new global study by Cohesity, a leader in AI-powered data security and resilience, has found that while Indian organisations are rapidly adopting cybersecurity strategies, nearly 50% still face major gaps in recovery capabilities after a cyberattack. The report, titled “Risk-Ready or Risk-Exposed: The Cyber Resilience Divide”, surveyed over 3,200 IT and security decision-makers across eleven countries to examine how prepared enterprises truly are to withstand and recover from modern cyber threats.
Despite growing investment in data protection tools, 61% of Indian respondents said their organisations experienced a material-impact cyberattack in the past year. The findings reveal a sharp divide between perceived preparedness and actual response capability — particularly in data recovery and cross-functional coordination.
“Confidence runs high, but reality lags — many overestimate their level of resilience,” said Mayank Mishra, Regional Director, Sales, India & SAARC at Cohesity. “True resilience is proven only after a breach, not before it.”
Ransom Payments Persist Amid Recovery Failures
The report paints a concerning picture of post-attack behaviour. 83% of Indian organisations admitted to paying ransom demands following a breach, and one-third (32%) disclosed ransom payments exceeding US$1 million (₹8.87 crore). The persistence of ransom payouts suggests that many organisations lack the recovery speed and confidence required to resume operations independently.
Almost all Indian respondents (99%) reported that data restoration after an attack takes longer than 24 hours, with 12% needing a full week or more. This prolonged downtime translates into significant financial and reputational loss, undermining the perceived benefits of existing cyber resilience strategies.
Only 10% of Indian organisations demonstrated maturity across all five core areas of resilience — data protection, data recovery, threat detection and investigation, application resilience, and data risk optimisation — underscoring the gap between preparedness and performance.
Coordination Gaps and GenAI Risks Widen the Divide
Cohesity’s research also highlights a lack of coordination between IT, security, legal, and business teams during cyber incidents. 66% of Indian respondents acknowledged weak cross-functional communication during attacks, while nearly half cited leadership pressure to restore systems before threats were fully remediated.
The study further warns that the rapid adoption of Generative AI has outpaced organisational risk frameworks. 85% of Indian IT and security leaders said GenAI is advancing faster than their companies can safely manage, increasing exposure to data leakage and model manipulation. Yet most recognise GenAI’s potential to improve detection, response, and recovery when deployed responsibly.
Mishra stressed that the next phase of cyber resilience will require automated response and recovery solutions that can minimise downtime and enable faster restoration. “Traditional disaster recovery models are no longer enough,” he said. “Organisations must integrate AI-driven resilience strategies to anticipate, absorb, and recover from cyber disruptions with agility.”
Bridging the Gap Between Confidence and Capability
As India’s digital economy scales, the Cohesity report underscores an urgent need for real-world resilience testing, not just policy declarations. Experts warn that high confidence levels among Indian enterprises often mask fragile recovery mechanisms, which could prove catastrophic during large-scale ransomware or data integrity attacks.
Analysts suggest that improving inter-departmental collaboration, AI-assisted incident response, and data integrity verification will be key to turning resilience from a buzzword into a measurable strength.
