India was among the top 10 countries globally affected by ransomware in 2024, according to a report by Cyberint, a Check Point company, which recorded 99 known cases. Balasubramanian said, “Ransomware attackers are no longer just encrypting data — they’re stealing it and threatening to release it unless demands are met.” Increasingly, attackers are targeting companies with cyber insurance, demanding ransoms tailored to their coverage limits.
Edge devices such as routers and VPNs have become prime entry points, he added, especially as hybrid work becomes more entrenched. Sectors like healthcare, education, and government are being repeatedly targeted, prompting urgent calls for improved cyber hygiene and preparedness.
India’s cybersecurity landscape at a glance
| Key Concern | Details |
|---|---|
| Ransomware Surge | 99 attacks in 2024; India in top 10 globally (Cyberint report). |
| Deepfake Exploitation | Voice and video deepfakes created for as little as ₹8. |
| Sectors at Risk | Education, healthcare, government. |
| Women in Cybersecurity | Just 11% workforce share; Check Point’s FIRE programme sees 50% in exec roles. |
| AI-ZDriven Security | Threat Cloud AI executes 2B decisions/day; AI Copilot automates 90% of tasks. |
On AI’s role in cybersecurity, Balasubramanian described it as “a double-edged sword.” While AI helps attackers scale their operations, defenders are also using it to build faster and more effective response systems. “We have AI for cybersecurity, but we also need cybersecurity for AI,” he said. “Generative AI has made phishing campaigns more personalised and harder to detect. Voice clones and deepfakes can now be produced for as little as ₹8.”
Check Point has been embedding AI in its security architecture since 2014. Its Threat Cloud AI today powers over 40 AI engines and executes two billion security decisions each day. “These tools enable real-time detection and response, even in low-resource environments,” Balasubramanian said.
Looking ahead, predictive security will play a central role. Although not new, AI has advanced the speed and accuracy with which threats can be identified. “AI improves our ability to cluster data, detect anomalies, and recognise attacks earlier,” he said, adding that it’s not a “flawless forecasting tool,” but a critical part of a broader cyber defence strategy.
Balasubramanian also addressed India’s deep digital divide and the exploitation of AI illiteracy. “Cybercriminals are targeting knowledge gaps. There’s an urgent need to scale cyber awareness — especially among new digital users.” He called for joint public-private initiatives to educate citizens about phishing, identity theft, and deepfakes.
On deepfake misuse, he said, “These technologies are being weaponised. We’ve seen them used to impersonate individuals, conduct financial scams, and influence elections.” He recommended a mix of public education and AI-powered detection tools to counter these threats. Check Point’s AI Infinity Bundle, for instance, enables autonomous security operations and behavioural analysis to spot manipulated content before it spreads.
Women remain significantly underrepresented in the cybersecurity workforce, comprising just 11%. Balasubramanian believes mentorship is key to reversing this trend. “Many women leave early because of a lack of support or perceived conflict with personal goals,” he said. Check Point’s programmes such as FIRE (Females in Roles Everywhere) and the women mentoring programme have increased female representation in executive roles to nearly 50%, he added.
On emerging technologies like IoT and quantum computing, Balasubramanian said India’s cybersecurity response must be proactive. “IoT devices are often poorly secured, while quantum computing threatens traditional encryption.” He stressed the need for “zero trust models, quantum-safe encryption standards, and secure onboarding of devices.”
As cybercriminals continue to leverage AI, Balasubramanian believes organisations must take a measured, hybrid approach. “Knowing when to use AI, and when to rely on human oversight or rule-based controls, is vital,” he said. For Indian enterprises, especially SMEs, he recommended subscribing to AI-led security services or engaging virtual CISOs for strategic guidance.
“Responsible AI adoption is not just about deploying advanced tools. It’s about embedding trust, transparency, and oversight into every layer of security,” Balasubramanian concluded.
Balasubramanian’s comments reflect the broader industry concern: India must now blend awareness, automation, and inclusive policies to keep pace with rapidly evolving cyber threats.
