Cybersecurity News in Asia

Amid rapid digitalization and lagging cybersecurity oversight, India buckles up

By Balasubramanian Swaminathan, IMAWS | Monday, December 22, 2025, 4:50 AM Asia/Singapore

Two native industry observers share their diagnoses and prognoses about inadequate monitoring, weak data controls, and regulatory delays.

While the government of India remains focused on protecting citizens from multiple online scams, including digital arrest and voice-based fraud, cyberattacks on enterprises continue to rise.

The country has faced significant ransomware challenges, with more than 340 victim organizations reported as targets by multiple ransomware groups, according to data from ransomware.live.

This reflects a growing threat landscape in India, with at least 73 distinct ransomware groups active against Indian entities.

Lack of clear stakeholdership

Recent prominent attacks have reportedly affected organizations such as Star Health, Aditya Birla Capital Digital (ABCD) App, Sant Parmanand Hospital (Delhi), NKS Super Specialty Hospital (Delhi), Kolkata Police Cyber Crime Wing, Nippon Life India Asset Management (NAM India), and the Central Bank of India.

Victims span multiple sectors, though the most-affected have been in banking, financial services, and healthcare — highlighting how cybercriminals exploit vulnerabilities across critical infrastructure and enterprises.

One major reason for the increasing enterprise attacks in India appears to be insufficient ownership of cybersecurity responsibilities. According to Balaji S, Director, Vyapini Tech Services, many organizations still assume that cyberattacks only involve ransomware or infrastructure breaches. He noted: “Weak cybersecurity practices can also contribute to broader real-world crimes. With India’s large, diverse population, healthcare data and analytics can be particularly valuable, underscoring the importance of robust security controls to protect sensitive information.”

Cyber regulation lagging behind digitalization

Financial institutions also remain sought-after targets because they store large amounts of confidential information, including customer details and financial data.

The growing use of digital payment systems, online trading, and even crypto investments after the COVID-19 pandemic has broadened the potential attack surface for cybercriminals.

Systems such as the Unified Payments Interface have accelerated digital transactions, but have also introduced new points of vulnerability.

Rapid digital adoption often forces organizations to integrate legacy systems with new cloud or fintech platforms, creating complex environments with inherent security challenges.

Gaps in monitoring and preparedness

According to Anand V, CEO, Raksha Technologies, many breaches in India can be attributed to inadequate monitoring rather than to any specific sectoral weakness.

While banking and healthcare draw attention, he observed: “All industries in India remain vulnerable. There has been a case involving an automotive company that faced serious disruption following a cyberattack. The cyber incident at Jaguar Land Rover had temporarily halted global production and caused significant financial losses.”

When taking such gaps in monitoring and preparedness amid furious post-pandemic digitalization, experts agree that cybersecurity requires organization-wide awareness rather than being limited to the role of the Chief Information Security Officer.

Are these positive measures enough?

One positive step taken by the government in response is the mandatory security audit for Micro, Small, and Medium Enterprises, introduced by the Indian Computer Emergency Response Team to ensure a basic level of defense across this critical sector. The audits fall under Section 70B of the Information Technology Act, 2000.

The government is also turning its attention to the Digital Personal Data Protection Act, expected to reshape India’s digital landscape. Citizens — referred to as Data Principals — will gain rights to have their data deleted or corrected and to control how their consent is used.

Organizations, defined as Data Fiduciaries, will be required to implement strict, verifiable security measures and publish clear privacy statements to ensure that data is processed solely for its intended purpose.

The country’s Data Protection Board will oversee compliance, reinforcing digital accountability as a core legal and business obligation for all entities operating in India.

Are these measures enough, or will the execution and regulatory vigor be enough to sustain positive results? Time will tell.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

India’s WazirX strengthens governance and digital asset security
Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keep members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more
Meeting the business resilience challenges of digital transformation
Data proves to be key to driving secure and sustainable digital transformation in Southeast Asia.Read more

Bottom sidebar

Other News

Blackpanda Japan Announces Strategic Partnership with SoftBank to Strengthen Cyber Incident Response in Japan
Wednesday, February 11, 2026
SINGAPORE, Feb. 10, 2026 /PRNewswire/ …Read More »
Cohesity Collaborates with Google Cloud to Deliver Secure Sandbox Capabilities and Comprehensive Threat Insights Designed to Eliminate Hidden Malware
Saturday, February 7, 2026
Embedded Google Threat Intelligence capabilities, …Read More »
Shield AI, Republic of Singapore Air Force, and Defence Science and Technology Agency Expand Partnership to Progressively Field Autonomy Capabilities
Thursday, February 5, 2026
SINGAPORE, Feb. 5, 2026 /PRNewswire/ …Read More »
ICAC Commissioner attends APEC anti-corruption meetings in Guangzhou to foster collaborations in the Asia Pacific region
Thursday, February 5, 2026
HONG KONG, Feb. 4, 2026 …Read More »
VIVOTEK Enhances VORTEX with Generative AI and Safety Detection
Tuesday, February 3, 2026
Expanding the cloud security ecosystem …Read More »

Cybersecurity News in Asia

Featured

Where are financial fraud and AML regulations heading in S E Asia?

Featured

How AI is reshaping dating in Asia

Featured

Emerging third-party cyber risks via agentic AI