As artificial intelligence reshapes the way enterprises operate across India, it is also fundamentally rewriting the rules of cybersecurity. From banking and telecom to manufacturing and public infrastructure, AI-driven automation is creating new attack surfaces and accelerating the speed at which threats evolve. In an exclusive interaction with Elets CIO, Rishi Aurora, Managing Partner, IBM Consulting India & South Asia, offers a strategic lens on the shifting cyber risk landscape, the limitations of generic security approaches, and why boards and CEOs must treat cybersecurity as a core business discipline, not an afterthought.

Q1. With AI becoming central to business operations, how is it reshaping the cyber risk landscape in India, and where are enterprises most exposed today?

As Indian enterprises become AI-first and scale agentic capabilities, cybersecurity risk is no longer just a technology issue—it becomes fundamental to our nation’s digital sovereignty. Today, AI systems sit at the core of business decisions, data flows, and customer interactions, often spanning cloud environments, partners, and national borders. This changes the risk equation.

The IBM X‑Force Threat Intelligence Index 2026 makes it clear that attackers are not relying on highly sophisticated techniques – they are exploiting well‑known access points more effectively. The exploitation of public-facing applications continues to be a leading entry vector, accounting for 40% of the cases, reflecting the growing exposure created by digital scale. At the same time, the misuse of valid accounts accounted for nearly a third of investigated cases, even though it is no longer the top initial access method.

As AI becomes increasingly embedded across India’s sectors like financial services, manufacturing, telecom, healthcare and public infrastructure, managing these risks is central to protecting business resilience and national digital trust, not just enterprise security.

Q2. As AI adoption varies across sectors like banking, manufacturing, telecom, and retail, what unique security challenges are emerging, and why does this demand a more tailored approach?

With AI adoption accelerating across industries, the security challenges we’re seeing are less about the individual sectors and more about shared patterns of exposure at scale.

The difference lies in the impact. In high-scale sectors like banking, telecom and retail, even a single breach can undermine customer trust and service continuity across millions of users. Whereas in manufacturing, healthcare and public infrastructure, similar attacks threaten operational resilience and, in some cases, public safety.

AI systems amplify this risk by increasing automation, scale and interconnectivity, allowing attackers to move faster once access is gained. IBM’s X-Force Threat Intelligence Index 2026 also highlights a rise in extortion-led attacks, where disruption and data theft are used to pressure enterprises rather than exploit a single vulnerability.

This is why the approaches to secure AI and agentic capabilities cannot be generic. Enterprises need strategies that focus on data protection, identity protection, resilience and visibility, tailored to how widely and deeply AI is embedded across their operations and risk exposure—not just the industry they operate in.

Q3. With cyberattacks becoming faster and more autonomous, how should enterprises evolve their security strategies to keep pace?

As cyberattacks become faster and more autonomous with the advent of AI, enterprises must get ahead of the attack cycle with proactive risk reduction. This includes securing data and identities, fixing exposed applications faster, and shrinking the time between vulnerability discovery and remediation.

It is equally important to use AI to defend at AI speed, which means greater automation across detection and response, because manual security operations can’t keep up with machine-driven threats. This is where approaches such as IBM Cyber Threat Management Services help—combining threat intelligence, AI-driven monitoring and automated response to improve speed, visibility and consistency across the security lifecycle.

But speed without control creates new risks. That’s why strong governance and responsible AI practices, viz., clear oversight, trusted data and accountable decision-making are critical.

Finally, enterprises must invest in continuous talent development, ensuring skilled security teams are augmented by AI to interpret signals and respond decisively as threats evolve.

Also Read: Parminder Singh Appointed CEO of Reliance Enterprise Intelligence Limited to Lead India’s Enterprise AI Push

Q4. In the age of AI, how can boards and CEOs shift their view of cybersecurity from a compliance function to a core business priority?

In the agentic AI era, cybersecurity needs to be treated as a strategic business discipline, not as a compliance checkbox. As AI systems increasingly act autonomously, cyber risk directly impacts enterprise trust, regulatory confidence and business continuity.

IBM X-Force insights reveal that attackers exploit common weaknesses at speed, turning cyber-attacks into enterprise-level disruptions rather than isolated incidents. For leadership, this shifts the focus to ownership and governance—treating cyber risk as part of enterprise risk management, with clear accountability, measurable outcomes and responsible AI oversight.

When cybersecurity is embedded into AI and business strategy, it becomes a driver of resilience, credibility and long-term competitiveness—not just a cost of protection.

Q5. How is IBM Consulting enabling enterprises to strengthen cybersecurity, and what AI-led capabilities are you bringing into this space?

At IBM Consulting, we help enterprises strengthen cybersecurity by bringing together AI, deep domain expertise and integrated services to address risk across the full security lifecycle. With IBM Enterprise Advantage, enterprises can build and scale AI-driven workflows in a secure, governed environment, ensuring that AI adoption does not outpace trust, control or resilience.

At the governance layer, IBM Governance, Risk and Compliance (GRC) services provide enterprise-wide visibility into cyber risk, compliance and accountability – critical as AI systems become more autonomous and interconnected. Further, IBM CyberDefend brings security directly into transformation journeys, strengthening identity, data, cloud and application security rather than treating it as an add-on.

Most recently, IBM globally announced IBM Autonomous Security, which uses coordinated AI agents to detect, analyse, and respond to threats at machine speed – helping enterprises confront a new class of agentic attacks with greater resilience and confidence. 

Be a part of Elets Collaborative Initiatives. Join Us for Upcoming Events and explore business opportunities. Like us on Facebook , connect with us on LinkedIn and follow us on Twitter.

"Exciting news! Elets technomedia is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest insights!" Click here!