India Is Missing From the AI Security Order — And That Must Change

By Dr. Deepak Kumar Sahu, Founder & CEO- Faceoff Technologies Inc.

On May 11, 2026, two seismic events occurred simultaneously in the global cybersecurity landscape. OpenAI launched Daybreak, its autonomous security research platform, while Google's Global Threat Intelligence Group confirmed the world's first AI-built zero-day exploit discovered in the wild. Quietly operating in the background since April, Anthropic's Claude Mythos Preview had already identified over 10,000 critical vulnerabilities under the classified Project Glasswing initiative. Korean chaebols, NATO member states, and the European Union Agency for Cybersecurity (ENISA) are all named Glasswing partners. India — a G20 economy, the world's third-largest internet user base, and a declared sovereign technology power — appears nowhere on that list. This is not an administrative oversight. It is a structural signal about India's position in the emerging AI security order.

The implications of India's absence are profound and immediate. AI-augmented vulnerability research has fundamentally compressed the timeline from vulnerability discovery to exploitation — what once took skilled human researchers weeks now takes autonomous AI systems minutes to hours. The LiteLLM supply chain breach demonstrated precisely how this new threat landscape operates: attackers didn't break through perimeter defences — they exfiltrated API keys embedded in AI integration layers, exploiting the non-human identity attack surface that most Indian enterprises have never formally audited. Every AI API call, every SDK integration, and every MCP connector in an Indian enterprise is now a potential SANDCLOCK vector — and most security teams don't yet have the vocabulary to describe the risk, let alone detect it.

Indian CISOs must begin with an immediate audit of their AI integration attack surface. The LiteLLM compromise was a masterclass in how modern breaches unfold — not through brute force but through the quiet exfiltration of cloud secrets, GitHub tokens, and AI provider credentials. Non-human identities represent the fastest-growing unmonitored attack surface in Indian enterprises today. Every credential embedded in an AI workflow, every service account with excessive permissions, every orphaned API key is a live vulnerability waiting to be weaponised. Implementing formal NHI governance frameworks is no longer a future-state aspiration — it is an immediate operational necessity.

The threat modelling discipline Indian enterprises have relied upon for a decade is no longer fit for purpose. Traditional security programmes — scan at CI, penetration test before release, patch after disclosure — were designed for a threat environment where human attackers operated at human speed. AI-generated exploits leave distinctive fingerprints: code patterns, structural signatures, and generation artefacts that trained detection systems can identify. SIEMs across Indian enterprises do not yet know how to hunt for these signals. Security leaders must urgently invest in upskilling their threat intelligence functions to recognise and respond to LLM-generated attack patterns before adversaries capitalise on this detection blindspot.

India urgently needs its own sovereign Glasswing equivalent — an AI-augmented vulnerability disclosure programme built on Indian-origin models, operated under DPDPA jurisdiction, and explicitly covering Indian critical infrastructure sectors including banking, telecoms, power grids, and government digital services. CERT-In and MeitY must be engaged immediately to architect this programme. The argument for sovereignty is not ideological — it is strategic. A nation that depends on foreign AI security infrastructure to protect its own critical systems has outsourced a foundational element of national security. India has the technical talent, the regulatory framework, and the institutional capacity to build this. What has been missing is urgency.

The Indian enterprise does not have a technology deficit — it has a sovereignty deficit. The global AI security order is being constructed right now, and the architectural decisions being made today will determine which nations have genuine agency over their own digital futures. India's absence from Project Glasswing must serve as a catalyst, not a footnote. Every day that Indian enterprises continue treating AI security tools as optional procurement decisions rather than mission-critical infrastructure is a day the gap widens. The old playbook is broken. The new one requires sovereign AI security capability, NHI governance, AI-native threat detection, and the political will to demand India's rightful place at the table of global AI security leadership.