Is your identity security ready?
This article is authored by Nitin Varma, senior vice president and managing director, India and SAARC, Saviynt.
According to a report by Data Security Council of India (DSCI), India recorded nearly one million ransomware incidents in 2024, part of a broader spike of 370 million malware attacks across over eight million devices, averaging 702 detections per minute. This staggering volume underscores not only the growing scale of the threat but also the urgent need to modernise cybersecurity postures across sectors.
India now ranks as the second most targeted country globally for cyberattacks, placing critical sectors such as financial institutions, health care systems, energy infrastructure, and public services at heightened risk. A notable case is the ICICI Bank data breach, where the BASHE ransomware group allegedly exposed sensitive customer data and revealed vulnerabilities within even the most secure systems.
As ransomware tactics become more advanced, employing supply‑chain compromises, AI‑powered phishing, and double‑extortion, organisations must shift from reactive cybersecurity to proactive resilience. Central to this shift is identity security: with CISA reporting that 90 % of initial access in critical‑infrastructure breaches comes from identity compromise, robust identity controls and privilege management are essential. Adopting zero-trust principles, multi‑factor authentication, and comprehensive Identity Threat Detection and Response (ITDR) not only curtails the initial foothold but also limits ransomware’s lateral movement through interconnected systems
As more organisations adopt multi-cloud architectures, managing identities across multiple platforms has become increasingly challenging. With the explosion of both human and non-human identities, organisations are recognising the critical need to centralise control, seeking a converged solution that secures every workload and every user, no matter where they operate.
Mitigating unauthorised access is a critical component of multi-cloud identity management, especially when dealing with compromised credentials. Traditional login and password-based solutions are no longer adequate, as ransomware gangs increasingly obtain credentials through phishing attacks or dark web marketplaces. To address this, current identity solutions utilise machine learning to evaluate user behaviour in real time, detecting anomalies such as login attempts from unusual locations or unfamiliar devices and quickly reporting or restricting access, even if the credentials appear to be valid.
Also, Adaptive Multi-Factor Authentication (MFA) is changing how the organisation validates the user by assessing the risk level of each login attempt, considering factors such as the device health, user location, and access time. This ensures a balance between robust security and user convenience, tailoring authentication for the risk posed by each session.
Zero-trust is emerging as a major component of enterprise cybersecurity. Unlike traditional perimeter-based security, zero-trust believes that any person, device, and application can be hacked. Access is granted based on least privilege, and all actions are constantly validated.
Gartner strongly advocates the use of zero-trust to reduce lateral movement, a method frequently used by ransomware criminals to expand via internal networks once they have gained a foothold. According to the 2025 Cyberthreat Protection Predictions and Trends study, 81% of firms worldwide have adopted zero-trust as a key component of their cybersecurity strategy.
The digital infrastructure of modern organisations no longer has a stable collection of servers and endpoints. IOT (Internet of Things), OT, and DevOps create highly dynamic settings requiring real-time monitoring in pipelines.
This is where continuous compliance becomes essential. Instead of relying solely on periodic audits, organisations are shifting to adaptive, real-time compliance models that continuously monitor systems, identities, and access permissions to ensure adherence to regulatory and internal security policies 24/7.
But more than just meeting compliance requirements, this shift reflects a broader move toward proactive identity security. Organisations are increasingly adopting modern Identity Security Posture Management (ISPM) solutions like Saviynt’s, which offer continuous visibility, risk insights, and automated controls, not just to check a compliance box, but to strengthen their security posture against emerging threats.
As the number of ransomware attacks increases, traditional cybersecurity models are proving ineffective. Modern identity security providers leverage AI-driven behavioural monitoring, Zero Trust principles, adaptive authentication, and compliance methods to proactively prevent these threats.
To compete with the next wave of ransomware attacks, businesses must prioritize identity-centric security. This involves recognising the dangers, controlling the lateral movement and responding quickly to suspicious activities. By strengthening identity and access restrictions, businesses can significantly reduce the surface and contain breaches before they completely turn into ransomware attacks.
Investing in strong identity security is not only an IT choice but rather a corporate need in a time when infrastructure is under constant attack and data is a currency.
This article is authored by Nitin Varma, senior vice president and managing director, India and SAARC, Saviynt.
One Subscription.
Get 360° coverage—from daily headlines
to 100 year archives.
HT App & Website
