Technologies such as Artificial Intelligence (AI) immensely help organisations enhance their decision-making process, but they also come up with newer and more complex risks in the form of AI-powered cyber attacks and unethical deployment of AI. According to a latest Accenture report, 92% of the country’s organisations "are not adequately prepared to secure their AI-driven future”. It further states that 81% of Indian companies are in the ‘exposed zone’, indicating they lack a cohesive cybersecurity strategy and the necessary technical capabilities. Only 19% of these have the essential data and AI security practices needed to protect critical business models, data pipelines and cloud infrastructure. “In India’s fast-evolving digital economy, the AI revolution is rewriting the rules of cybersecurity. As generative AI accelerates innovation, it also amplifies risks—making cyber resilience a strategic priority, not (just) a technical afterthought.
Companies must embed security into the foundation of every AI initiative to not only safeguard trust but to lead with confidence in a rapidly shifting threat landscape,” said Gautam Kapoor, Managing Director and Lead–Cybersecurity, Accenture India. Despite soaring trends of AI enterprise adoption, only 19% of Indian organisations have implemented clear policies and training for GenAI use. Also, only a few maintain a comprehensive inventory of AI systems, which is crucial for managing supply chain risks.
The research identified three distinct security maturity zones based on an organisation’s cybersecurity strategy and technical capabilities. While the top group: the ‘Reinvention Ready Zone’, comprising only 8% of Indian organisations in India, has an “adaptive resilient security posture” that continuously evolves to counter emerging threats; the middle 11% resides in the ‘Progressing Zone’, showing some strength “but struggles with defining strategic direction or implementing defences”. The most at-risk group, in the ‘Exposed Zone’, makes up 81% of the organisations, characterised by “limited cyber readiness and a reactive posture to threats”. It says reinvention-ready companies, however, are 69% less likely to face advanced attacks and are 1.5 times more effective at blocking them.