According to a Cyberint report, a Check Point company, India ranked among the top 10 countries globally affected by ransomware in 2024, with 99 documented cases. Balasubramanian stated, “Ransomware attackers are no longer just encrypting data — they’re stealing it and threatening to release it unless their demands are met.” Attackers are increasingly focusing on companies with cyber insurance, customizing ransoms according to their coverage limits.
He further noted that edge devices, including routers and VPNs, have emerged as primary entry points, particularly as hybrid work becomes more established. Targeted sectors such as healthcare, education, and government are facing repeated attacks, leading to urgent calls for enhanced cyber hygiene and preparedness.
A Snapshot of India’s Cybersecurity Landscape
| Key Concern | Details |
|---|---|
| Ransomware Surge | 99 attacks in 2024; India in top 10 globally (Cyberint report). |
| Deepfake Exploitation | Voice and video deepfakes available for as little as ₹8. |
| Sectors at Risk | Education, healthcare, government. |
| Women in Cybersecurity | Only 11% of the workforce; Check Point’s FIRE programme reports 50% in executive roles. |
| AI-Driven Security | Threat Cloud AI executes 2B decisions/day; AI Copilot automates 90% of tasks. |
Discussing AI’s impact on cybersecurity, Balasubramanian referred to it as “a double-edged sword.” While AI assists attackers in scaling their operations, defenders are also leveraging it to develop quicker and more efficient response mechanisms. “We utilize AI for cybersecurity, but we also require cybersecurity for AI,” he emphasized, noting that “Generative AI has rendered phishing campaigns more personalized and difficult to identify. Voice clones and deepfakes can now be generated for as little as ₹8.”
Check Point has been integrating AI into its security framework since 2014. Its Threat Cloud AI now powers over 40 AI engines and makes two billion security decisions daily. “These resources enable immediate detection and response, even in low-resource settings,” Balasubramanian remarked.
Looking ahead, predictive security will be pivotal. Although this concept isn’t new, AI has accelerated the speed and precision with which threats can be identified. “AI enhances our capability to cluster data, detect anomalies, and recognize attacks sooner,” he mentioned, stressing that it isn’t a “flawless forecasting tool,” but an essential element of a comprehensive cyber defense strategy.
Balasubramanian also highlighted India’s significant digital divide and the risks posed by AI illiteracy. “Cybercriminals are exploiting knowledge gaps. There’s an urgent necessity to enhance cyber awareness — particularly among new digital users.” He advocated for collaborative public-private initiatives to educate citizens on phishing, identity theft, and deepfakes.
Addressing the misuse of deepfake technology, he stated, “These tools are being weaponized. We’ve observed their use in impersonating individuals, conducting financial scams, and influencing elections.” He suggested a combination of public education and AI-powered detection mechanisms to counter these threats. Check Point’s AI Infinity Bundle, for instance, facilitates autonomous security operations and behavioral analysis to identify manipulated content before it spreads.
Women are significantly underrepresented in the cybersecurity sector, making up only 11% of the workforce. Balasubramanian believes mentorship is crucial in changing this trend. “Many women exit early due to a lack of support or perceived conflicts with personal ambitions,” he noted. Check Point’s programs like FIRE (Females in Roles Everywhere) and the mentorship initiative have increased female representation in executive positions to almost 50%, he added.
On emerging technologies such as IoT and quantum computing, Balasubramanian asserted that India’s cybersecurity approach must be proactive. “IoT devices often lack adequate security, while quantum computing poses a threat to conventional encryption.” He emphasized the necessity for “zero trust models, quantum-safe encryption standards, and secure device onboarding.”
As cybercriminals continue to exploit AI, Balasubramanian argues that organizations must adopt a balanced, hybrid strategy. “Understanding when to deploy AI and when to depend on human oversight or rule-based controls is critical,” he said. He recommended that Indian enterprises, particularly SMEs, consider subscribing to AI-led security services or utilizing virtual CISOs for strategic advice.
“Responsible AI adoption is not solely about deploying advanced tools; it’s about embedding trust, transparency, and oversight throughout every security layer,” Balasubramanian concluded.
His remarks reflect broader industry concerns: India must now integrate awareness, automation, and inclusive policies to keep pace with rapidly evolving cyber threats.
