SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Indian it professionals monitoring digital cloud shield cybersecurity
#
Data Protection
#
Ransomware
#
Cloud Security

AI & cloud security top Indian cyber spend as risks rise

Wed, 19th Nov 2025
Author image
By Shannon Williams, News Editor

Artificial intelligence and cloud security have emerged as the principal focus areas for cybersecurity investment among Indian organisations over the next year, according to a new industry survey. Businesses are increasing spending on digital defences as they confront a broadening spectrum of cyber risks and persistent skills shortages.

Cautious budget growth

The majority of surveyed Indian organisations, 87%, expect to increase their cybersecurity budgets in the coming 12 months. Nearly one-third anticipate a rise of more than 10%. While this reflects a slight decrease from the previous year, when 93% planned to grow their budgets, it underlines ongoing concerns about the digital threat environment. Just over one-third (38%) envision budget increases between 6% and 10% for the period.

AI investment priorities

Within emerging investment areas, AI technologies top the list. Fifty-six percent of executives identified AI as their highest budget priority, ahead of cloud security at 33%. Managed cyber services (28%) and data protection (26%) also remain key areas of focus. As AI adoption accelerates, more than half (60%) of respondents report focusing on AI threat hunting capabilities, with nearly half prioritising other AI applications such as agentic AI.

Cost of cyber incidents

The rise in spending comes as Indian enterprises grapple with increasingly costly cyber breaches. Almost a quarter of businesses (25%) have lost over USD $1 million from their most significant data breach in the past three years. Exposure is highest among the largest enterprises, where 45% reported such losses. Organisations are now more likely to quantify these risks financially, with half of all respondents using cyber risk quantification to measure the potential business impact of attacks or incidents.

Resilience challenges

Despite the investment uptick, less than half of organisations said they feel 'very capable' when addressing key threats such as weak access controls, vulnerable network architecture, and legacy IT systems. Only 49% felt confident in managing connected product risks, and 45% saw legacy systems as an area of weakness. These findings suggest that core infrastructure remains an area of vulnerability even as firms expand their cyber toolkits.

Skills shortages

Cybersecurity talent deficits remain a major hurdle for Indian organisations. Over half of respondents cited insufficient knowledge in applying AI for cyber defence (60%) and relevant skills gaps (50%) as key internal challenges. Skills shortages extend beyond AI, with 55% of leaders reporting a lack of qualified personnel for securing operational technology (OT) and the industrial internet of things (IIoT) systems.

Businesses are responding by prioritising talent-related strategies: 61% plan to invest in AI and machine learning tools, 51% in cyber tool consolidation, and 49% in security automation and skills development through upskilling or reskilling their teams.

Quantum risks

Advances in quantum technologies present additional challenges. Quantum threats rank among the top issues for which organisations feel least prepared, following concerns over third-party breaches, ransomware, and cloud attacks. Nearly 40% of respondents have yet to consider or begin implementing quantum-resistant security measures, citing limited awareness of these risks and resource constraints.

"India's cybersecurity posture is evolving rapidly, driven by executive alignment and a growing recognition that cyber is central to business strategy. With 72% of organisations prioritising cyber risk at the board level, the shift from reactive defence to intelligence-led resilience is well underway. AI, cloud security, and managed services are now core to India's cyber investment agenda. However, resilience demands foresight. Organisations remain underprepared to tackle third-party breaches and quantum threats, two of the most pressing risks in today's digital ecosystem. The persistent talent gap further complicates execution, especially in areas like AI-enabled defence and quantum cryptography. Looking ahead, the organisations that will lead are those embedding cybersecurity into core decision-making, aligning budgets to emerging risks, and building teams capable of anticipating not just reacting to threats. Resilience will come from foresight, not hindsight," said Sundareshwar Krishamurthy, Partner and India Cyber Leader, PwC India.
Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Phishing services drive 389% surge in account breaches
isVerified launches AI voice deepfake defence for execs
SEON posts rapid growth & raises USD $80m Series C
ChatGPT drives bulk of enterprise generative AI data risk
BioCatch warns AI agents will supercharge online fraud

Top stories

Executive-level CISO titles surge amid rising scope strain
Asimily boosts Cisco ISE with new device microsegmentation
Cyb3r Operations raises $5.4m to tackle cyber risk
Deepfake boom fuels relentless wave of celebrity scams
Visionplatform.ai adds AI agents to Milestone XProtect