India’s cybersecurity inflection point: How AI, resilience and talent redefined defence in 2025

As India’s digital economy accelerates, 2025 has emerged as a defining year for cybersecurity—marked by a sharp escalation in threat sophistication and a growing recognition that resilience, not just protection, is the new benchmark of preparedness.

According to Harish Soni, Resiliency and Security Practice Leader at Kyndryl India, the country’s cybersecurity landscape is grappling with a widening gap between rapidly evolving, AI-driven threats and organisational readiness. Insights from the Kyndryl Readiness Report 2025 underline this reality: while 88% of Indian organisations have already experienced a cyber-related outage, only 35% believe they are fully prepared to handle future risks.

The rise of AI-driven and supply-chain attacks

The threat environment in 2025 has been defined by three dominant patterns. First, cybercriminals are increasingly leveraging AI to automate malware, execute deepfake-enabled phishing campaigns, and exploit supply-chain vulnerabilities at scale. These attacks have been particularly damaging for high-value sectors such as government, healthcare, BFSI, and critical infrastructure.

Second, ransomware continues to evolve beyond simple data encryption. Attackers are combining data theft, system lockouts, and high-stakes extortion, turning operational disruption into a strategic weapon. Third, vulnerabilities across cloud environments and digital supply chains—ranging from misconfigured APIs to compromised hardware—have opened stealthy pathways for attackers to infiltrate mission-critical systems.

In response, enterprises are shifting away from fragmented tools toward integrated security platforms that provide unified visibility and control. Customers are prioritising Zero Trust Network Access (ZTNA), governance, risk and compliance platforms, and API security as they seek to modernise their cyber defence architecture.

Cyber resilience takes centre stage

For organisations managing complex, mission-critical IT environments, prevention alone is no longer sufficient. Kyndryl’s approach increasingly centres on cyber resilience—embedding AI and machine learning into security architectures to predict threats, detect anomalies in real time, and act before damage occurs.

Platforms such as Kyndryl Bridge play a pivotal role by unifying telemetry across environments, enabling early anomaly detection and predictive security at scale. This is reinforced by a Zero Trust framework that continuously validates every access request, regardless of origin.

Attack Surface Management (ASM) has also become central to enterprise defence strategies, allowing organisations to continuously identify, assess, and reduce vulnerabilities across networks, applications, cloud environments, endpoints, and even human risk factors.

Zero Trust: Progress and persistent misconceptions
Zero Trust gained renewed urgency in 2025, driven by hybrid cloud adoption, remote work, and regulatory requirements such as India’s Digital Personal Data Protection Act (DPDPA). While many Indian enterprises have initiated Zero Trust journeys, adoption remains uneven.

A common misconception, Soni notes, is viewing Zero Trust as a single product rather than a comprehensive framework. Implementations such as ZTNA without strong identity and access management foundations often fail to deliver meaningful security. Mature adoption requires a top-down approach—starting with critical business applications and applying Zero Trust principles end to end.

Sectoral divergence in cyber maturity

Cybersecurity priorities varied significantly across industries in 2025, closely mirroring the pace of digital transformation. BFSI led the adoption curve, moving beyond perimeter security to focus on continuous control monitoring, API security, and advanced governance and compliance frameworks.

Manufacturing, retail, and healthcare followed, with many organisations transitioning from traditional perimeter-based defences to strengthening internal security controls as digitisation deepened. While progress is visible, several sectors are still in the early stages of cybersecurity maturity.

Addressing India’s cyber skills gap

Despite technological advancements, skills remain India’s most pressing cybersecurity bottleneck. To address this, Kyndryl has partnered with government and industry bodies on large-scale skilling initiatives.

The Cyber Rakshak programme, in collaboration with Common Services Centres under the Ministry of Electronics & IT, aims to train 100,000 rural women as Cyber Security Ambassadors. To date, over 73,400 women across 18 states and 144 districts have been trained, creating both awareness and economic opportunity.

Meanwhile, Cyber Sainik—launched with the Data Security Council of India (DSCI)—focuses on building cyber awareness among school students, training 25,000 learners from grades 6 to 12 on online safety and cyber threats. Together, these initiatives are laying the foundation for a broader, more inclusive cybersecurity talent pipeline.

Strategic investments and responsible AI

In August 2025, Kyndryl announced a $2.25 billion investment in India over three years to modernise critical infrastructure, develop future-ready talent, and establish an AI Innovation Lab. This investment is closely tied to responsible AI governance, overseen by Kyndryl’s AI Governance Committee, which ensures transparency, fairness, and compliance across all internal AI applications.

Additional milestones include the launch of a dedicated cybersecurity skilling facility in Mumbai by the Kyndryl Foundation and DSCI, aimed at empowering underserved youth with hands-on training.

Looking ahead: The 2026 cyber outlook

As organisations look toward 2026, the next wave of cyber risks is expected to stem from deeper AI integration—ranging from advanced social engineering and automated supply-chain attacks to data poisoning of AI models themselves. Expanding cloud environments, IoT proliferation, and geopolitical tensions will further enlarge the attack surface.

Yet, there is cautious optimism. Accelerated IT modernisation, growing collaboration between government, industry, and academia, and a stronger emphasis on ethical AI and automation are equipping India to build a more adaptive and resilient cyber defence ecosystem.

For enterprises still struggling to modernise, the priorities are clear: strengthen secure access, network security, and endpoint protection—while recognising that cyber resilience is as much about people, processes, and governance as it is about technology.