The State of digital and cybersecurity risks in India: Breaches, threat trends, and sectoral impact

India’s digital transformation has been among the fastest globally. With over a billion internet users and platforms such as Aadhaar, UPI, DigiLocker, and the rapid adoption of cloud computing, artificial intelligence (AI), and data-driven technologies, India has emerged as a digital-first economy.

Digital public infrastructure has enabled inclusion, efficiency, and innovation at unprecedented scale. However, this speed and scale have also significantly expanded cyber risk. Cybersecurity is no longer a concern limited to IT teams; it has become an enterprise-wide, societal, and national security issue.

This article examines the current state of digital and cybersecurity risks in India, drawing on recent breach incidents, sectoral exposure, and insights from published research, particularly the DSCI-Seqrite India Cyber Threat Reports.

An expanding attack surface

India’s digital economy contributes over 13 per cent of GDP and continues to grow rapidly. Digital payments process billions of transactions every month, while organisations increasingly rely on cloud platforms, SaaS tools, APIs, remote access technologies, and hybrid work models.

Supply chains are digitally integrated, and sectors such as healthcare, manufacturing, and logistics are becoming software-driven. This interconnected ecosystem has dramatically expanded the attack surface.

Threat actors exploit vulnerable endpoints, misconfigured cloud environments, insecure APIs, third-party dependencies, and human weaknesses through phishing, credential theft, and social engineering. The rapid onboarding of vendors often outpaces risk assessment and security controls. As a result, India consistently ranks among the most targeted countries globally for cyberattacks.

Threat landscape: Insights from DSCI-Seqrite

The India Cyber Threat Report 2025 highlights the scale and sophistication of threats. During the reporting period, over 369 million malware detections were recorded across 8.4 million endpoints. Malware accounted for more than 85 per cent of all detections, dominated by trojans, spyware, and downloader malware.

Ransomware attacks continue to rise, particularly in healthcare, education, manufacturing, and MSMEs, where operational disruption can force rapid ransom decisions. The most

targeted States include Maharashtra, Gujarat, Karnataka, Delhi, and Tamil Nadu, reflecting higher digital density and economic activity. Tier-1 cities such as Mumbai, Bengaluru, Delhi, and Kolkata remain persistent hotspots.

Karnataka alone recorded more than 11 million malware detections, including 1.8 million ransomware incidents, underscoring the heightened exposure of technology-intensive regions and the industrialisation of cybercrime targeting India.

Breach and incident trends

• Recent breach history indicates a shift from isolated incidents to recurring, systemic risk.
• 2022-2023 saw major telecom data leaks and widespread phishing campaigns targeting banks and fintech platforms.
• In 2024, ransomware disrupted healthcare operations and multiple government portals reported data exposure due to cloud misconfigurations, while CERT-In noted a sharp rise in incidents.
• By 2025, cybercrime volumes escalated further. Telangana reported over 17,000 ransomware cases, and cities such as Kolkata and Hyderabad disclosed cybercrime losses exceeding INR 200 crore. AI-enabled fraud, including deepfake impersonation, began appearing in high-value scams.

These events demonstrate that cyber threats are persistent business risks with cascading operational, financial, and reputational consequences.

Sector-wise exposure

Certain sectors face disproportionate risk.

• Financial Services remains the most targeted due to high transaction volumes, complex digital ecosystems, and extensive third-party dependencies. The RBI continues to warn institutions on outsourcing and AI-driven risks.
• Healthcare is a prime ransomware target due to legacy systems, sensitive data, and limited tolerance for downtime.
• Education faces high malware exposure driven by open networks and constrained security budgets.
• Manufacturing and Critical Infrastructure face rising risks from IT-OT convergence, supply-chain vulnerabilities, and geopolitical threats.
• Government systems hold vast citizen data repositories, making breaches especially
• damaging to public trust and governance.

Business, regulatory, and governance impact

The average cost of a data breach in India now exceeds INR 200 crore, including remediation, downtime, legal costs, and reputational damage. Organisations also face increased scrutiny under the Digital Personal Data Protection (DPDP) Act, including obligations around consent, breach notification, and accountability.

Cyber risk is now a board-level issue. Directors and senior management are expected to oversee cyber resilience, third-party risk, and incident response readiness. Regulators, insurers, and investors increasingly view cybersecurity maturity as a core component of enterprise risk management and ESG assessments.

Structural challenges and the way forward

Despite rising awareness, challenges persist. Human error remains a leading cause of incidents. Cybersecurity skills shortages constrain detection and response capabilities. Security maturity varies widely across sectors, leaving MSMEs particularly vulnerable.

Rapid AI adoption introduces new risks, including automated fraud, data misuse, and model manipulation. Long-term resilience will require stronger board-level cyber literacy, effective enforcement of data protection laws, sustained skills development, and deeper public-private collaboration. Cybersecurity must be embedded into business strategy rather than treated as a reactive function.

Conclusion

India stands at a critical point in its digital journey. The technologies enabling growth and inclusion are also amplifying cyber risk. Insights from the DSCI-Seqrite reports and real-world breaches make it clear that cybersecurity is now a strategic imperative. How effectively India addresses these risks will shape trust in its digital ecosystem and the sustainability of its digital future.

Writer is a seasoned technology and governance professional with over 37 years of leadership experience across digital transformation, cybersecurity, and business strategy. As a writer, he brings a practitioner’s perspective to complex technology and risk issues, translating them into insightful, boardroom-relevant commentary for business leaders and policymakers.; views are personal