With government continued emphasis on e-governance and digitalisation, India’s digital economy is expanding faster than almost any in the world. But beneath that success story lies a quieter, more complex race — not just to innovate, but to stay safe while doing so. As cyberattacks grow in frequency and sophistication, executives across sectors agree that cybersecurity has become less a technical matter and more a test of national and corporate discipline.
“In today’s hyperconnected business environment, cybersecurity is no longer just an IT concern, it is a core business imperative,” said Jayesh Shah, Director, Orient Technologies. For him, the challenge is not just about fixing vulnerabilities but about instilling “awareness and proactive defence,” where companies “stay one step ahead in a world that never stops evolving.”
That idea — that security is an evolving state rather than a static checklist — recurs across industries. Each operates with different risks, yet the conversations converge on the same concern: that India’s rapid digitalisation, unless matched by maturity in cyber governance, could make its progress fragile.
From hospitals to payments, trust is the new currency
Few sectors reveal this tension more starkly than healthcare. Arvind Vaishnav, Head of Philips Innovation Campus, said patient data has become “one of the most valuable assets in today’s digital economy”, yet hospitals remain prime targets for cyberattacks. “A single breach can disrupt hospital operations, attract regulatory fines, erode public trust and most importantly compromise patient safety,” he said.
Healthcare’s interconnectivity — from AI diagnostics to connected devices — mirrors what is happening across finance and e-governance: systems built for access are now tested for resilience.
Sameer Goyal, Senior Director, Acuity Knowledge Partners draws a parallel with banking. India’s financial platforms, he said, operate “in a real-time, API-driven world of instant payments, open platforms and expanding third-party integrations”. This speed widens the attack surface, demanding what he calls “trust as currency”.
“In digital life, trust is our currency,” Goyal said. His point: digital progress depends less on how fast systems can transact and more on how securely they can. Like Philips’ focus on secure-by-design healthcare devices, banks are now using zero-trust frameworks and behavioural analytics to monitor anomalies in real time — not because compliance requires it, but because customer confidence does.
Both sectors illustrate a common paradox. The same technologies that connect billions also multiply vulnerabilities. Pratik Shah, Managing Director, India & SAARC, F5 said that adversaries are “no longer knocking at the perimeter — they’re already inside the applications and APIs that run our digital economy.”
According to him, as generative AI enables more sophisticated attacks, the contest between defenders and intruders is becoming a contest of intelligence itself.
AI’s promise and peril for cybersecurity
If digital trust is the currency, AI has become both the mint and the counterfeiter. It powers prediction and automation but also drives synthetic fraud, deepfakes and manipulated content.
Venkatesh Subramaniam, Chief Information Security Officer (CISO) at Mindsprint, said, “As AI blurs the lines between innovation and risk, and penetrates into every business function, cybersecurity can no longer remain a reactive function — it must evolve into a predictive discipline.”
That evolution is visible in corporate investment patterns. Firms are embedding AI into detection and response systems, yet are also racing to govern its risks. Ashish Biji, Partner for Cybersecurity at BDO India, warns that the “open doors to new types of risks” — from unintentional data exposure to manipulated algorithms — make risk management about accountability, not restriction. Frameworks like NIST‘s AI Risk Management and ISO 42001, he said, can help “build confidence in AI while safekeeping people, systems and data”.
But Biji’s other caution is human: “No matter how advanced systems become, humans still play the most important role in cybersecurity.” He pointed out that attackers are already using AI to clone voices and create fake videos, turning social engineering into a precision craft.
“Practices like using strong passwords, updating software, and enabling multi-factor authentication are small but powerful steps,” he said. “Security isn’t only the IT team’s job anymore — it involves everyone’s behaviour.”
Culture of vigilance
If there is one thread tying together insights from sectors as varied as healthcare, finance, and cloud computing, it is the sense that cybersecurity must be embedded, not added. Vasanthi Ramesh, Vice President of Engineering and Site Leader, NetApp India calls this “hardwiring intelligence into enterprise data infrastructure.”
Her company’s State of Cyber-Resiliency report found a 500 per cent rise in incidents over the past decade and persistent gaps in recovery. The solution, she argues, lies in automation: embedding AI-driven detection “at the storage layer” so that defences become systemic, not reactive.
Rohan Vaidya, Area Vice President at CyberArk, frames the challenge differently. As automation spreads, “machine identities now far outnumber human ones, yet they remain severely under-protected.”
His concern is not just access, but oversight — that invisible credentials and expired certificates could trigger large-scale outages. “Even minor missteps,” he said, “can lead to major breaches.”
Across these views runs a shared conviction that cybersecurity awareness months, while symbolic, are reminders of unfinished work. Amit Luthra, Managing Director, Lenovo ISG India put it bluntly: “The conversation on cybersecurity can no longer sit at the margins of strategy.” His argument, echoed by others, is that resilience must precede innovation, not follow it. “The real test for enterprises is not how fast they can react, but how well they can anticipate,” he said.
In practice, that means treating security as infrastructure, not insurance. It means seeing employees not as weak links but as the front line and recognising that in an interconnected economy, no sector can be secure in isolation.
As Golok Kumar Simli, President for Technology and Innovation, BLS International rightly put it: “In an economy where billions of digital identities already interact each second, the challenge is not just to defend networks but to defend trust itself.”
