India's Cyber Experts Agree: Threat Is Moving Faster Than Response

Experts at GovSec 2026 assert that prevention alone is insufficient; resilience has become the new standard.

MITSloan ME Editorial

Topics

  • News

    1. India's Cyber Experts Agree: Threat Is Moving Faster Than Response

    2. Google Unveils AI Chips for Training and Inference

    3. India Sets New Rules for Online Gaming

    4. Infosys Teams With OpenAI to Scale Enterprise AI

    5. India Moves to Build Military AI at Home: Report

    6. SpaceX Wins Option to Buy Cursor for $60 Billion Before IPO

    • Attackers are moving faster than ever—and defenders have less time to react. In 2025, the average “breakout time,” or the gap between an initial breach and lateral movement within a system, dropped to just 29 minutes—a 65% acceleration from the previous year. At the extreme, the fastest recorded breakout took only 27 seconds, underscoring how quickly intrusions can escalate, according to a CrowdStrike report.

    As technology enhances human and machine capabilities, it also expands the threat landscape. 

    Much like other economies, India’s digital transformation is accelerating at an unprecedented pace. It is being powered by citizen services moving online, public infrastructure becoming interconnected, and government data systems scaling to serve the masses.

    With this ambition comes threats, and eventually, responsibility.

    On April 23, the Data Security Council of India, along with the Ministry of Electronics and Information Technology, the Ministry of Statistics and Program Implementation, NCIIPC, Aadhaar, and the National Informatics Center, organized GovSec 2026 to bring together senior officials, CISOs, policymakers, and technology leaders for a strategic dialogue on securing India’s digital future.

    Four themes stood at the center of conversations: the security challenges of digitizing public services at scale; building government capacity to withstand emerging threats; creating trusted, resilient digital infrastructure; and the changing role of the CISO in an increasingly complex threat landscape.

    Building Government-Citizen Trust

    As of early 2026, 19 Indian states and UTs have fully digitized land records, enabling citizens to download digitally signed, valid documents. Manipur is among the states currently building credibility from the ground up. “We want to ensure that the people trust us with their documents, so that the credibility of the government is not lost. Once credibility is lost, it’s very difficult to retain,” said Somorjit Salam, IT Secretary, Govt. of Manipur.

    According to the Digital India Land Records Modernization Program, Chandigarh emerged as the top performer, achieving 100% completion of core digital components. Other notable performers included Tripura, Tamil Nadu, Andhra Pradesh, and Gujarat. 

    When the government rolled out DigiLocker and Aadhaar, the primary goal was accessibility and mass adoption—what Padma Jaiswal, IAS, Special Secretary (Administrative Reforms), GNCTD, calls “phase one” of digitalization.

    “As we move into phase two of digitalization, the focus is shifting from reach to trust. The infrastructure has been adopted at scale, and the next imperative is to build an architecture that embeds trust and is resilient to the cybersecurity challenges of today,” she said. 

    The Criticality of Platformization 

    As government systems become increasingly intricate, the difficulty in ensuring their security likewise intensifies—a challenge well understood by the private sector. Currently, the typical enterprise employs between 45 and 75 security tools concurrently, resulting in fragmented visibility rather than comprehensive protection.

    For Swapna Bapat, MD, Palo Alto Networks, platformization is important today and in the future. “On average, we see 28-plus tools deployed across every customer environment we work with in India. What we have found is that organizations that have embraced platformisation gain something critical—a single place to see everything. Imagine all your signals—from the endpoint, the cloud, the application—converging into one place to give a view of what is happening in your environment.”

    “It is important because all good enterprises assume breach. There is no way you can ever claim that I will never be breached or that I have the best security in the world. When you live in the mindset of assumed breach, you will need to ensure that when the information is coming into one place, it is switched quickly, and your mean time to detect is extremely low,” she added.

    The sentiments are echoed by Rajesh Thapar, CISO, NSE, who attributes much of the private sector’s cybersecurity maturity to government efforts. 

    “Today is the world of platformization and tools consolidation. A single platform in isolation may not be enough—so the question to ask is: where can I consolidate my tools, where can I consolidate my controls, and what legacy technologies am I holding on to that no longer match the risks of today?” he said. 

    Resilience as a Core 

    For Lokesh Garg, Director General, NCIIPC, this is a defining moment. The rapid adoption of artificial intelligence, automation, cloud, and quantum technologies is not just reshaping how we work—it is fundamentally redrawing the boundaries of governance and security.

    “In this environment, cyber resilience is no longer a technical aspiration, but has become a strategic necessity,” he added.

    Governments are rapidly adopting emerging technologies at scale. Simultaneously, the risks are growing in three specific ways—they are moving faster, larger in scope, and harder to see and understand—resulting in a new and more dangerous threat environment.

    How do institutions at large tackle the impending threat? 

    Jaiswal points out the real vulnerability, “We are moving from securing systems to securing data—because it is the data that can be leveraged, sold on the dark web, and monetized. And as Indians, we tend to overshare. We share OTPs without a second thought. That is why awareness and education are critical. We need to become data minimalists, sharing only what is absolutely necessary.”

    “Cybersecurity should be seen as a practice, rather than a tool or a functionality,” noted Vinod Ramakrishnan of Sisa, a global forensics-driven cybersecurity company specializing in payment security.

    As the country shifts from building digital systems to protecting them, the real work goes beyond technology and calls for a mindset, one where citizens think before they share, and governments that plan for the worst even when things seem fine.

    Topics

    About the Author


    View More

    Tags:

    More Like This

    You must to post a comment.

    First time here? : Comment on articles and get access to many more articles.