MUMBAI: Globally, companies on an average take 7 days (162 hours) to respond to cybersecurity breaches while Indian companies’ average response time is 9 days (222 hours). Two days of delay is a very long time in cybersecurity. And that makes India Inc among the worst performers when it comes to dealing with attacks on their IT systems. And Indian IT security teams’ biggest worry? Attacks from China.The revealing data comes from a study by US cyber tech firm CrowdStrike . The firm covered around 300 senior IT decision-makers and IT security professionals from India as part of a survey of 1,900 professionals across countries.While up to 97% of the Indian professionals surveyed said that cyberattacks sponsored by malicious and unfriendly countries posed a clear danger to companies, 43% of senior IT decision makers from India said China was the country that most worried them when it came to the potential origin of a nation state-sponsored cyberattack. The global average for respondents pegging China as a potential origin of attack was lower, at 35%.Typically, organisations across the world, in the event of a cyberattack, are able to discover the identity of a ‘threat actor’ half way through their investigation. Indian organisations, however, are able to zero down on the identity of the attacker only after 75% of the investigation process is completed, showing a lack of preparedness in dealing with online attacks, which is increasingly becoming a norm globally.“Organisations are challenged to achieve the kind of speed required to match sophisticated nation state and eCrime adversaries known to be targeting organisations, from governments to enterprises,” said Thomas Etheridge, vice president of CrowdStrike Services . The study comes at a time when India is witnessing a spate of cyberattacks on its institutions. The Nuclear Power Corporation of India Ltd (NPCIL) in October said that its nuclear plant in Kudankulam in Tamil Nadu was subject to a cyber breach with a malware found in its systems. Cyber attackers also targeted Indian Space Research Organisation ahead of its Chandrayaan-2 mission to the moon.CrowdStrike said its recommendations to organisations is that they need to strive to meet the 1-10-60 rule — detect within one minute, triage in 10 minutes and contain and remediate within 60 minutes. Nine out of ten global respondents said that they could not meet the timeline in addressing potential cyberattacks.The survey, the company said, investigated the attitudes and beliefs of those in charge of cybersecurity across organisations, and tracked how they were faring against sophisticated and well-equipped nation state attackers.