As India enters an AI-first era in 2026, enterprise security readiness has become a boardroom priority. With AI embedded across operations, cloud, data, and digital infrastructure, organisations face rising risks from cyber threats, deepfakes, and regulatory pressure –
Moving into 2026, we find the stakes for enterprise security becoming higher than ever. Organizations are increasingly recognizing that AI adoption brings not only transformative opportunities but also new and sophisticated threats.
As a result, enterprise security readiness has moved to the top of the boardroom agenda, with leaders focusing on strategies that combine advanced threat detection, adaptive defenses, and compliance frameworks. Protecting critical data, digital assets, and operational continuity in an AI-driven environment is no longer just an IT responsibility, but has become a strategic business imperative that demands executive oversight and cross-functional collaboration.
Microsoft’s 2025 Threat Intelligence report points out that AI-assisted cyberattacks have increased across at least four government-backed actors with entities automating their attacks and exploiting cloud systems faster than humans can respond. The Ponemon Institute meanwhile, reports that downtime for large enterprises can cost up to $9,000 per minute, which can add up to significant losses.
SECURITY TRENDS TO LOOK OUT FOR IN 2026
According to Grant Bourzikas - CSO, Cloudflare, in 2026, AI will shift from an attacker's “helper” to an autonomous force multiplier, fundamentally rewiring how cyberattacks work. While the past year was filled with AI’s contributions to basic malicious activities like social engineering, deepfakes, business email compromise and more, 2026 will see a continuation of these activities, but on a larger scale.
In other words, 2026 will be the year of real AI attacks. Threat actors will predominantly shift to launch malicious campaigns through vibe coding – exacerbating the speed and delivery of execution. They will increasingly use AI as a teacher or trainer to help them do reconnaissance, but not because they don't know how to launch a low-level attack.
Grant further adds that in 2026, one of the largest barriers to securing an organization will be wasted on tech that is old and antiquated. For most organizations, negotiating the renewal of security vendors is increasingly expensive, and one of the biggest headaches that CISOs face. Software inflation is at an all-time high, which now points towards hefty increases in renewal rates for 2026.
But are the tools we renew even necessary to combat today’s threat actors? As the attack surface grows – with novel vulnerabilities discovered daily, alongside emerging threat actor groups, tactics and malware – CISOs must focus on eliminating tools that pose risks vs. adding additional tools to address risks.
Another area of concern is the compliance and the regulatory landscape. Regulatory pressures, like with the recently enacted Digital Personal Data Protection Act, 2023 (DPDP Act) in India mandates consent-based processing, data minimization, 72-hour breach notification, and strict compliance by 2026-2027, with penalties up to ₹250 crores. Enterprises and corporate houses are compelled to face strict, enforceable accountability for data fiduciaries, including mandatory breach reporting and, in many cases, localized data storage.
Having said that, enterprises therefore want a security foundation that allows them to innovate rapidly without creating new compliance concerns.
----------------------------------------------------------------------------------------------------------------------------------------
Security: AI to supercharge cyber threats across APAC
REUBEN KOH
DIRECTOR OF SECURITY TECHNOLOGY & STRATEGY AT AKAMAI
“AI is fundamentally changing the economics of cyberattacks in APAC. Adversaries are no longer scaling through manpower, but rather through automation. Leaders can’t rely on human-paced defenses in a machine- paced threat environment. In 2026, security teams need to operate at the same velocity as the attackers by detecting, analyzing, and containing threats in real time. This starts with modernizing API governance, investing in automated threat containment, and strengthening resilience across supply chains. Organizations that make this shift early will be the ones to better protect customer trust and maintain business continuity in
an evolving AI-driven threat landscape.”
COMPRESSED ATTACK TIMELINES DUE TO AUTONOMOUS AI
We anticipate a fundamental shift in how cyberattacks unfold in APAC in 2026 with faster, more automated and increasingly self- directed threats powered by AI. Attackers will leverage both generative AI and autonomous AI capabilities that can scan for weakness, test entry points and launch exploits with minimal human involvement. This machine-driven model compresses the timelines of breaches that once unfolded over weeks to within hours, raising risk across high-value digital markets such as Singapore, Korea and Japan.
THE FULL DEMOCRATIZATION OF RANSOMWARE
Ransomware will become fully commoditized in 2026, transforming into a mass-scale cybercrime economy. With off-the-shelf Ransomware-as-a-Service subscriptions, AI-powered “vibe-hacking,” and growing collaboration between cybercriminals, hacktivists, and state-aligned actors, launching an extortion campaign will require far less expertise than before.”
-----------------------------------------------------------------------------------------------------------------------------------------
Building a stronger security ecosystem through OEM–Partner synergy
MANISH ALSHI
SENIOR DIRECTOR, CHANNELS & ALLIANCES, CHECK POINT SOFTWARE TECHNOLOGIES INDIA & SOUTH ASIA
“Our approach for 2026 is firmly built around a prevention-first, AI-powered security model that can operate at the scale and complexity Indian organisations face today. At Check Point Software, AI is embedded across all of our solutions, powered by ThreatCloud AI, which uses more than 55 AI and machine-learning engines to analyse global threat telemetry and make billions of security decisions daily.
For CIOs and CISOs managing hybrid data centres, multi-cloud environments, large branch networks, and OT/IoT deployments, we are focusing on automation and consolidation — reducing tool sprawl while delivering consistent protection across network, cloud, email, endpoints, and collaboration platforms. For partners, this evolution creates opportunities to deliver simplified architectures, managed security services, and AI-driven SOC capabilities, helping customers modernize security without adding operational burden.
CHALLENGES & LIMITATIONS
One of the biggest gaps in India today is the difference between alert-driven security and outcome-driven security. Many enterprises still operate tools that generate large volumes of alerts but lack the automation and orchestration needed to respond at machine speed. Another major gap is operational complexity. Large Indian organisations often run dozens of disconnected security products across legacy infrastructure and modern cloud platforms. Finally, customers are demanding stronger alignment with local regulatory and governance requirements, including India’s DPDP Act, as well as clearer guidance on responsible AI usage. Enterprises want security solutions that are not only AI-powered, but also transparent, compliant, and partner-enabled. This is where OEMs and partners must work together — combining technology, local expertise, and services.”
----------------------------------------------------------------------------------------------------------------------------------------
Identity Resilience emerges as the backbone of AI-Driven Enterprises
BALAJI RAO
AREA VICE PRESIDENT, INDIA & SAARC, COMMVAULT
“As Indian enterprises accelerate toward an AI-first future, security readiness is emerging as a leadership priority rather than a purely technical concern. In the Agentic Future, where humans and AI act with greater autonomy and intention, security must extend beyond systems to the integrity of data, decisions, and outcomes. Concurrently, conversational AI is transforming how resilience is designed and executed. Teams can now assess recovery readiness, enforce policy, and manage protection across cloud, SaaS, and hybrid environments through intuitive, real-time interaction rather than manual orchestration. At the same time, protected data is being activated as a strategic AI asset, accessed through governed data environments that enable secure, compliant, and trustworthy AI adoption at scale. In India, this transformation is shaped by rapid cloud adoption and the Digital Personal Data Protection Act, where explicit control over data location, access, and recoverability is foundational to enterprise trust. This has prompted organisations to fundamentally rethink how recovery success is defined. At Commvault, we deliver this balance through Commvault Cloud capabilities, including Cleanroom Recovery, ThreatWise, and Cloud Rewind, enabling AI-driven threat detection, clean recovery validation, and policy-based data controls across cloud, SaaS, and hybrid environments.
CONTINUITY AND SECURITY IN AN AI-FIRST WORLD
Looking ahead, resilience, sovereignty, and quantum readiness are converging into an architectural foundation for long-term trust. As AI becomes deeply embedded across business processes, identity resilience will become central to continuity and security, ensuring that trusted users, machines, and autonomous agents remain verifiable throughout recovery and operational workflows. Preparing encryption and recovery architectures for a post-quantum future will be essential for organisations that aim to govern complexity, sustain confidence, and lead responsibly in an increasingly cloud-first economy.”
--------------------------------------------------------------------------------------------------------------------------------------------
India entering an era dominated by AI agents and a complex digital workforce
ROHAN VAIDYA
AREA VICE PRESIDENT, INDIA & SAARC, CYBERARK
"Identity security will be central to the conflict between human adaptability and technological advancement in 2026. India is entering an era dominated by AI agents, shrinking certificate lifespans, hardware scarcity, and an increasingly complex digital workforce. In this new reality, trust will be just as important as innovation for building resilience. The first major shift will come from shorter certificate lifecycles. Starting in March 2026, the maximum validity for digital certificates will drop from 398 to 200 days, and Indian businesses will struggle to adapt as many are still manually managing certificate lifecycles. This will result in outages driven by expired certificates or unmanaged machine identities.
Autonomous AI agents will become a standard part of business workflows. As Indian companies adopt frameworks like the Model Context Protocol, identity will become the main control point. It will be the only reliable "kill switch" when an AI agent acts unpredictably or gets compromised. The benefits of AI won't be available to everyone. Limited access to advanced chips, rising cloud costs, and data center limitations will strengthen the dominance of major tech companies. For many Indian organisations, scaling AI will be a privilege, not a standard capability. Human behavior will also be a key factor. Economic pressures will likely increase financially motivated insider threats. The use of unauthorized "shadow AI" tools will grow faster than companies can create rules to manage them. It will become harder to spot false information and social engineering attacks as AI-generated content becomes common.”
-------------------------------------------------------------------------------------------------------------------------------------------
AI solutions becoming more Agentic to strengthen Security Operations
AJAY KUMAR JOSHI
COUNTRY HEAD, ESET INDIA AND THE SAARC REGION
“Cybercriminals are increasingly using automation and intelligent tools to scale their operations, making threats faster, more targeted, and harder to identify. In response, we are continuing to develop and refine our AI capabilities, with a focus on becoming more agentic over time to better support security teams. ESET is making major investments in advanced threat research and telemetry, and this helps the company to identify new attack methods early on and use that information in all of its products and makes it possible to respond to new threats more quickly. Our system still heavily relies on human expertise in addition to automation. ESET
helps businesses improve their security posture against increasingly complex and automated cyber threats via deep research, ongoing monitoring and adaptive detection.
With the goal to help businesses to accept new technologies and adapt to growing breaches without impeding innovation, we incorporate security into the very foundation of our solutions. In order to help customers, accomplish compliance goals and confidently report on their security posture, we also link our solutions with known industry standards and regulatory regulations. With scalability being the primary focus, our solutions can be deployed across small, medium and large businesses while maintaining performance.
MEETING CUSTOMER EXPECTATIONS IN AN AI-DRIVEN ERA
Simplicity and clarity are two major areas where OEM security capabilities and customer expectations differ. Customers expect instant threat visibility and precise instructions on how to react. There has also been a growing need for uniform security across cloud workloads, hybrid workflows and endpoints. Businesses find it difficult to gain a comprehensive understanding of risk when security functions in divisions.”
--------------------------------------------------------------------------------------------------------------------------------------------
Dependence on Fragmented, Legacy Security Solutions is no longer the option
PRATIK SHAH
MANAGING DIRECTOR – INDIA & SAARC, F5
“As we stand in 2026, the AI-led transformation is no longer a future concept for Indian enterprises; it's a reality that is fundamentally reshaping their digital landscape. This has created a new battleground where both innovation and threats operate at machine speed, primarily targeting the applications and APIs that power these new services.
The era of relying on siloed, legacy security tools is over. They simply cannot provide the necessary context, performance, or consistent policy enforcement required to protect today's distributed, AI-driven architectures.
At F5, we believe that security must be as agile and intelligent as the applications it protects. Our approach is to provide a unified platform that integrates high-performance traffic management with advanced web and API protection, bot defense, and AI-aware controls. This enables Indian enterprises to embed security and performance into the very core of their digital services, allowing them to innovate confidently, meet compliance demands, and scale securely to maintain digital trust and drive growth”.
---------------------------------------------------------------------------------------------------------------------------------------
Cybercrime’s new era: Automated, Intelligent, Scaled
VIVEK SRIVASTAVA
COUNTRY MANAGER, INDIA & SAARC AT FORTINET
“To combat the escalating threat of AI-driven cybercrime—including malware and deepfakes generated by tools like FraudGPT and ElevenLabs—Fortinet has launched expanded AI-powered solutions to empower organizations to stay ahead of threat actors and insider risks while ensuring users, data, and productivity remain secure. Fortinet Secure AI Data Center solution is the industry’s first end-to-end framework purpose-built to protect AI infrastructures. Designed to secure the full AI stack—from data center infrastructure to applications and large language models (LLMs)—the solution delivers advanced AI threat defense with ultra-low latency.
The Fortinet Secure AI Data Center solution offers protection for AI workflows and GPU clusters, utilizing ASIC acceleration and quantum-safe security. This framework unifies segmentation, LLM guardrails, and granular application defense under a single management plane, aiming to prevent data leakage and ensure compliance while maintaining performance and operational simplicity.
THE INDUSTRIALIZATION OF CYBERCRIME
Cybercrime is entering its industrial age, defined by automation, AI agents, and unprecedented scale. Defenders will now face adversaries organized for scale and speed. The challenge will no longer be simply detecting or blocking individual attacks, it will be to keep pace with an ecosystem that operates as an industry. To respond effectively, security programs must apply the same level of operational discipline, automation, and coordination that adversaries use to scale their offense. AI and automation will not replace defenders but will redefine their roles. Analysts will need to operate as system architects and decision-makers, guiding machine-speed operations through context, intuition, and oversight.”
----------------------------------------------------------------------------------------------------------------------------------------
THANGARAJ PETCHIAPPAN----------------------------------------------------------------------------------------------------------------------------------------------
VIKASH YADAV------------------------------------------------------------------------------------------------------------------------------------------
PRAVEEN PATIL KULKARNI
HUZEFA MOTIWALA,----------------------------------------------------------------------------------------------------------------------------------------
Moving beyond Reactive Monitoring towards Proactive and Resilient Security
DIPESH KAURA
COUNTRY DIRECTOR- INDIA & SAARC, SECURONIX
“At Securonix, AI has been central to our security operations for more than a decade, well before generative AI entered the mainstream. We have long applied machine learning and behavioral analytics to help organizations detect threats that traditional, rule-based approaches often miss. What is changing today is the role AI plays. As attackers increasingly use AI to move faster and evade controls, security teams can no longer rely on AI only to assist with detection. The focus is shifting toward greater autonomy, where AI helps anticipate risk, reduce manual effort, and act at machine speed, while keeping humans firmly in control.
Looking toward 2026, Securonix is evolving from AI-augmented detection to agentic AI–driven security operations through our Unified Defense SIEM. This is supported by a native cloud data lake with a full year of hot, searchable data, providing visibility before, during, and after an incident. The result is a shift from reactive monitoring to proactive, resilient security operations.
CHALLENGES & GAPS
OEMs typically secure their own environments effectively, but that level of control does not always extend to third-party vendors that operate independently. This creates gaps in the supply chain, where a single weak link can expose the broader OEM ecosystem to risk. There is also a growing expectation for unified, single-pane-of-glass visibility across the full environment. In addition, while customers expect tools that support investigation and response, several OEM offerings stop at alert generation, leaving security teams to manually piece together context and take action.”
-----------------------------------------------------------------------------------------------------------------------------------------
SUNIL KR. SHARMA,----------------------------------------------------------------------------------------------------------------------------------------
HARIKRISHNA PRABHU-----------------------------------------------------------------------------------------------------------------------------------------
GANESH IYER--------------------------------------------------------------------------------------------------------------------------------------------
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
