Strengthening cloud security in India: Reducing cyber risk at internet exchanges

By Sudhir Kunder, Chief Business Officer, DE-CIX India

Picture a traveller rushing through a station concourse after stepping out of a taxi, hurrying toward the platform in the hope that the train will still be waiting. As anyone would, they reach for their phone to pull up the ticket app, only to find that it simply will not load. It is not a mobile network issue, since the signal is strong and steady, yet the digital ticket refuses to appear. Without that ticket, there is no seat reservation and no real-time update on the journey, and a last-minute platform change slips by unnoticed, leaving the traveller stranded on the wrong side of the station. What begins as a glitch in the digital world quickly becomes very real stress and disruption in the physical one.

Sudhir Kunder

Scenarios like this are becoming far more common as cyberattacks increasingly target the online services we depend on every day. A notable example occurred in early 2026, when a large-scale Distributed Denial-of-Service (DDoS) attack disrupted digital services operated by Germany’s national railway company, temporarily knocking out customer-facing applications and websites. This was not an isolated case, and in recent years similar large-scale DDoS attacks have repeatedly struck transportation providers, financial institutions, and public-sector organisations across the world. During an attack of this kind, thousands of compromised devices act in unison, flooding applications and websites with overwhelming volumes of traffic until the service buckles under the strain and legitimate users are simply locked out.

Digital infrastructure as the foundation of modern business

Streaming a film, reading the news, or buying a train ticket online are only the visible, everyday signs of a society that has quietly built itself on top of Internet connectivity. Beneath that surface, factories, offices, logistics networks, and financial systems all depend just as heavily on uninterrupted digital communication, and the research bears this out. The Internet Resilience Report 2025 makes clear that Internet and network outages carry immediate operational and financial consequences, with more than half of the companies surveyed reporting losses exceeding one million US dollars per month due to disruptions or degraded network performance.

India offers a particularly striking illustration of this dependency. With more than 950 million Internet users and one of the fastest-growing digital economies anywhere in the world, the country’s businesses are leaning ever more heavily on cloud platforms, digital payments, and online services to function. The success of the Unified Payments Interface, which now processes billions of transactions every month, shows just how deeply digital infrastructure has become woven into everyday economic life. Any disruption to connectivity, even a brief one, can therefore ripple outward with consequences that are both immediate and far-reaching.

Private connectivity for cloud-driven enterprises

Whatever the specific threat facing publicly accessible systems at any given moment, organisations whose applications, data, and core business processes depend on Internet connectivity would be wise to strengthen their infrastructure before a crisis forces their hand.

Cloud environments illustrate this point well. As enterprise workloads continue to migrate into third-party data centres and hyperscale cloud platforms, relying solely on the public Internet for connectivity introduces challenges that are easy to underestimate. Connections must be secured through VPNs, IPSec tunnels, and encryption technologies that demand constant administration, consume processing resources, and can end up limiting available bandwidth. At the same time, organisations have only limited control over the routes their traffic actually takes across the public Internet, and when data packets get forced onto inefficient paths, latency creeps up, performance suffers, and applications start to feel unreliable.

A few seconds of delay might be perfectly tolerable while streaming a video, but the same delay can have serious consequences for real-time business processes. Today’s cloud-based business models are built on the assumption of predictable performance, highly available connectivity, and robust security, and anything that slows down the flow of data has a way of slowing down the business itself.

Internet Exchanges enable secure data flows between enterprises and clouds

Internet Exchanges offer a compelling answer to these challenges. By acting as central meeting points where cloud providers, networks, and enterprises can connect, they make it possible for participants to exchange traffic directly with one another rather than routing everything through the open Internet.

When organisations exchange data privately through an Internet Exchange, they bypass the public Internet altogether, and this single shift significantly reduces latency while enhancing both security and control. Direct connectivity of this kind minimises exposure to the unpredictable routing decisions and external threats that can affect the public Internet at any moment.

For organisations running multi-cloud or hybrid-cloud environments, a software-defined routing service makes it possible to exchange data directly and securely between different cloud providers. Built on a private architecture that sits entirely apart from the public Internet, this kind of platform substantially reduces the risks associated with route hijacking, DDoS attacks aimed at transport paths, and man-in-the-middle attacks, regardless of geographical region, cloud provider, or the existing network infrastructure already in place.

SLA-based connectivity across multiple cloud environments

Organisations that adopt this approach can interconnect their cloud environments through a single platform, with traffic remaining private across infrastructure that is neutral to both carriers and data centres. This allows companies to retain full control over their routing paths while still benefiting from service-level-agreement commitments around bandwidth, availability, and latency.

Rather than juggling multiple individual cloud connections separately, enterprises can manage them centrally through one unified interface, which makes routing, monitoring, troubleshooting, and day-to-day operational management considerably more efficient. It also gives organisations real visibility into the data flowing between their cloud environments, so they can see exactly which systems are communicating with one another and how much traffic passes between them.

Crucially, none of this ties a business to specific providers or data centres. Companies can build flexible multi-cloud and hybrid-cloud architectures free from vendor lock-in and without being constrained by deployment location, since the platform connects to all the major global hyperscalers alongside a wide range of regional and specialised service providers.

Lower costs, greater control, and improved cyber resilience

Whether the driving force is regulatory compliance, industry-specific requirements, data sovereignty concerns, or broader geopolitical considerations, organisations increasingly want transparency over the exact paths their data takes between applications and cloud environments.

Internet Exchanges and virtual routing services provide a practical way to deliver that transparency. Organisations can define precisely which networks should carry their traffic and ensure that sensitive workloads stay within selected national or regional infrastructure whenever that is required, a level of control that has become increasingly relevant in markets like India, where data localisation requirements and ongoing discussions around digital sovereignty continue to shape technology strategy.

There is also a clear cost advantage to this approach, since moving data privately between cloud providers can help organisations reduce cloud egress charges, which often make up a significant share of operational expense in large-scale cloud deployments.

For many cloud users, the prospect of cutting costs while simultaneously strengthening cybersecurity and improving network performance presents a genuinely compelling value proposition. As PwC’s 2025 EMEA Cloud Business Survey points out, cloud adoption has reached critical mass across organisations, reinforcing its position as a foundation for business transformation and competitiveness in the years ahead.

CloudDE-CIX Indiasecurity
Comments (0)
Add Comment