New Delhi, Oct 23 (IANS): Startups and small and medium-sized enterprises (SMEs) remain the most vulnerable segment in India when it comes to cyberattacks, said a new eBook report.

Most common types of cyberattacks faced by startups and SME's are ransomware, cyptojacking, phishing, password targeting attacks and advanced persistent threat (APT) attacks, as per the findings in the recent handbook, titled 'Cybersecurity for SMEs & Startups' by CyberPeace Foundation (CPF), a leading civil society organisation.

The eBook not only reveals key findings of cybersecurity vulnerabilities in the Indian startup & SME ecosystem but also recommends best practices to avoid the same.

"To know how to defend yourselves or your organisation, it is important to understand how the attacks happen and what methodology do cyber predators use to harm organisations," National Cyber Security Coordinator Rajesh Pant said while launching the eBook on Thursday.

The most common forms of cybersecurity challenges faced by startups are negligence by employees and employee mobility, according to the report.

The most common forms of employee negligence which lead to cyberattacks including data breaches are accidental loss of the device containing confidential data, leaving the workstation unprotected or unattended, sharing confidential information such as passwords via paper notes and remote working using an unsecured or public network connection.

Moreover, the report noted that most employees tend to use personal unsecured devices to do work which results in data breach.

"On one hand India is the third largest startup nation in the world while on the other hand majority of Indian startups and SMEs routinely disregard cybersecurity," said Vineet Kumar, Founder and President, CyberPeace Foundations.

"The challenge is exacerbated by SMEs who may not have the knowledge or understanding of cybersecurity.