A new global study by Cohesity, a leader in AI-powered data security and resilience, shows that despite widespread adoption of cyber resilience strategies in India, about 50 percent of organizations have gaps that need addressing.

The ‘Risk-Ready or Risk-Exposed: The Cyber Resilience Divide’ report, which was pulled from 3,200 IT and security decision-makers in eleven countries, reveals the reality of the resilience divide – highlighting that while cyber threats are escalating in both volume and complexity, many organizations remain ill-equipped to respond effectively. This disconnect is leading to measurable business impact—financially, operationally, and reputationally—amid misplaced confidence in their cyber resilience.

According to respondents, companies’ cyber resilience strategies are under mounting pressure amid a worsening threat environment. 61 percent of Indian respondents confirmed their organization had experienced a cyberattack with material impact in the past 12 months.

Results indicate that data recovery remains a significant challenge in India, almost all (99 percent) of Indian respondents said it takes their organizations more than 24 hours to restore data from backups after a cyberattack, with 12 percent needing at least a week.

Ransom Payments Persist with Cybercriminals Cashing In
The business impact is undeniable. Over eight in ten Indian organizations (83 percent) paid a ransom after a cyberattack in the past year, while 32 percent have paid ransom(s) of $1,000,000/ Rs. 8,87,00,000 or higher.
This underscores that resilience gaps directly translate into financial and reputational damage.

Also Read: WAVES Summit 2025: Paving Way for Tech Pluralism

Resilience as Competitive Advantage
True resilience depends on the practices and capabilities that back them up. However, when assessed against real-world performance criteria, only 10 percent of organizations in India demonstrate maturity across five essential areas: data protection, data recovery, threat detection and investigation, application resilience, and data risk optimization.

The Key Hurdles Teams Faced
Amongst the top challenges experienced during a cyberattack was the inability to communicate or coordinate internally when critical systems — such as email, collaboration tools, and ticketing platforms — were down. This was on par with challenges where security tools were evaded and backups were targeted. Both were cited by 49 percent of respondents in India. 47 percent stated that there was pressure from leadership to restore systems before the attack was remediated.

Also Read: AI Appreciation Day: From Innovation to Transformation

Two-thirds (66 percent) of Indian organizations admitted to gaps in cross-functional coordination — particularly between IT, security, legal, and business operations — during a cyberattack.

GenAI Adoption Accelerates Beyond Risk Tolerance
The study additionally highlights a parallel challenge. As enterprises integrate new forms of AI into daily operations, many IT functions are struggling with the speed and scale of GenAI adoption. Eighty-five percent of Indian IT and security leaders said GenAI is advancing faster than their organizations can safely manage risks. Yet most also recognize its transformative potential to improve detection, response, and recovery.

“In India, the importance of cyber resilience cannot be overstated,” says Mayank.

Also Read: The Global Fintech Fest 2025: Enabling Finance for Better World

Organizations can no longer rely on traditional disaster recovery approaches alone. The evolving threat landscape calls for a proactive strategy that focuses on resilience across five key areas: data protection, data recovery, threat detection and investigation, application resilience, and data risk posture optimization. Equally important is the adoption of automated response and recovery solutions, which help minimize downtime, limit operational and financial impact, and enable businesses to bounce back swiftly and confidently when cyberattacks occur.