Given the country’s massive multifaceted digital divides, is AI integration the timely antidote to correct rushed digitalization and repel AI-driven cyberattacks?
AI integration is now ramping up digital transformation. This can be a double-edged sword offering both benefits and challenges.
Although integrating AI into digitalization brings elevated efficiency, it also attracts threats of sophisticated cyberattacks such as deepfakes, malware, and phishing.
In India, the situation is complicated by the huge scale of the country, the broad divide between micro- and small- and medium- sized enterprises, and the abrupt pace of digitalization necessitated by the COVID-19 pandemic that has led to much-rushed modernization based on shaky foundations.
In the face of AI-driven cyberattacks from criminals around the world, using AI, organizations in the country need to fight back with AI-enabled defenses in 2025, according to Sujata S Iyer, Head, AI Security, ManageEngine.
CybersecAsia:How is cybersecurity taking the upper hand in an AI-powered world?
Sujata S Iyer (SI): Sophisticated cyberattacks can be broadly classified into two types: AI-assisted and AI-powered. Both these classes of attacks are prevalent and cause immense damage to the security posture of organizations.
According to “The Invisible Hand” a report by the Public Response Against Helplessness and Action for Redressal (PRAHAR), India will face cyberattacks at a skyrocketing rate, with the cumulative number of incidents predicted to reach 17 trillion by 2047.
Therefore, cybersecurity is the need of the hour for both individuals and enterprises. Considering the frequency and complexity of cyberattacks, users must realize the need for robust cybersecurity strategies and practices.
Nowadays, scammers often utilize phishing, one of the most exploited types of cyberattacks. Quishing, or QR phishing, is the improved version of these phishing attempts, where an unsuspecting user is fooled by a QR code that redirects the user to a malicious website. Both of these techniques are now extensively used by attackers in India to orchestrate larger malware or ransomware attempts.
Take the recent Kerala Police Scams, where fraudulent imposters attempted to steal sensitive data. Or the multiple instances of voice-based scams that are driven by technology like deep-fakes. Because they can be so convincing, many scam attempts can go completely unnoticed.
CybersecAsia: What are the ways CISOs in India can use AI as the antidote against AI-powered cyberattacks?
SI: As is the case for CISOs around the world, three key ways for AI to be integrated into cybersecurity are:
- Threat detection
Traditional cybersecurity technologies are rigid and bound by static conditions. This hinders organizations from detecting patterns in user behavior that are not noticeably different from the set threshold, but can still have a huge impact on overall security. This can be overcome by AI-powered detection, which is dynamic in nature and can have thresholds that are unique to each use case. Specialized tools — such as user and entity behavior analysis engines and behavior-based AI malware detection systems — detect anomalies and spot potential threats before the latter can infiltrate the network.
- Data analysis and threat intelligence
AI-driven data analytics proves to be efficient in handling huge volumes of data and deriving real-time insights. Leveraging these insights, a user can foresee possible attack attempts and prepare themselves accordingly through enhanced proactive measures. These proactive measures can lead to practices (such as allocation of proper resources, enhancement of existing tools, etc.) and improve cyber resilience.
- Response automation
When ambushed by sophisticated modes of attack, it is important to ensure that the organization’s response and remediation tactics are sufficiently advanced. AI-driven threat response mechanisms are promising, as they automate investigation processes, isolate affected systems, and contribute to reducing the time taken to cater to each aspect. This, in turn, increases the efficiency of cybersecurity teams, allowing them to be more vigilant of threats, and seamlessly mitigate any attempt to exploit vulnerabilities.
CybersecAsia: What do you recommend as AI-powered cybersecurity priorities for India’s enterprises in 2025?
SI: Cybersecurity is no longer just a technological mandate; it has become a business imperative that helps organizations sustain their success amid strong digitally-savvy competitors. Security has been traditionally ruled by static threshold and rules-based systems. Now that attacks are becoming more sophisticated, it is important to use AI to combat dynamic threats, especially in a huge country like India.
A comprehensive cybersecurity strategy does not just elevate the security posture, but also plays a crucial part in improving overall performance by enabling users to streamline their operations.
In addition to the above, a responsible and well-constructed AI-integration strategy for cybersecurity will also improve cost-effectiveness, boost reputation, and help in meeting compliance requirements and regulations.
CybersecAsia thanks Sujata S Iyer for sharing her professional insights with readers.
