Indian Businesses Confront Escalating AI-Powered Cybersecurity Threats
Hyderabad: Indian enterprises are facing a significant surge in sophisticated cyberattacks driven by artificial intelligence, with deepfake technology emerging as a particularly alarming threat vector, according to the comprehensive 2026 Thales Data Threat Report. The findings underscore a critical juncture for corporate security as organizations increasingly integrate AI into their core operations.
Deepfake Incidents and AI Attack Concerns Skyrocket
The report reveals that a substantial 65% of surveyed companies across India have already experienced security incidents involving deepfakes. Furthermore, 64% of Indian organizations now rank AI-enabled attacks as their foremost data security risk. This figure aligns closely with the global average of 70%, indicating that India's cybersecurity challenges mirror worldwide trends in this rapidly evolving threat landscape.
Research Methodology and Enterprise AI Integration Risks
The survey, conducted by S&P Global 451 Research on behalf of global cybersecurity firm Thales, gathered responses from 3,120 organizations worldwide. The report highlights growing concerns about the extensive access privileges granted to AI systems within corporate environments. As companies embed AI technologies into diverse workflows—including analytics, customer service, and software development—these systems often receive authorization to access vast volumes of sensitive enterprise data.
Thales experts warn that security controls for AI systems frequently prove weaker than those applied to human users, creating substantial risks for potential misuse or compromise. Ankur Kanaglekar, Vice President for India at Thales, emphasized that inadequate identity governance frameworks, lax access policies, and insufficient encryption protocols could enable AI to dramatically amplify existing vulnerabilities across corporate networks.
Critical Data Management and Visibility Deficiencies
The report identifies major gaps in how companies monitor and manage their data assets. Only 35% of Indian organizations reported having complete visibility into where all their data resides, while merely 36% claimed they could fully classify their data according to sensitivity levels. Globally, the situation appears equally concerning, with nearly half of all sensitive cloud data remaining unencrypted. This presents formidable challenges for securing information as AI systems increasingly ingest and process data across cloud and software-as-a-service environments.
Identity-Based Attacks and Cloud Infrastructure Vulnerabilities
Identity-focused attacks are becoming a primary concern for cybersecurity teams. Credential theft has been identified as the leading attack technique against cloud infrastructure, cited by 68% of Indian organizations that experienced cloud-based attacks. This figure corresponds closely with the global statistic of 67%, demonstrating the universal nature of this threat vector.
Additionally, 44% of Indian respondents ranked secrets management among their top application security challenges, reflecting the growing complexity of overseeing machine identities, API keys, and authentication tokens in modern IT environments.
AI-Generated Misinformation and Human Error Factors
The report indicates that 55% of Indian companies have reported damage resulting from AI-generated misinformation or impersonation campaigns, surpassing the global average of 48%. Human error continues to contribute significantly to security breaches, accounting for 26% of incidents in India. Researchers caution that automation could potentially magnify the consequences of even minor mistakes, creating disproportionate impacts.
Security Budget Allocation and Strategic Recommendations
While 30% of Indian organizations have established dedicated AI security budgets, 53% still rely on existing security spending to address these emerging threats. Eric Hanselman, Chief Analyst at S&P Global 451 Research, emphasized that continuous data visibility and robust protection mechanisms must become central components of enterprise innovation strategies as AI becomes more deeply embedded in operational processes.
The comprehensive findings from the 2026 Thales Data Threat Report serve as a critical warning for Indian businesses to strengthen their cybersecurity postures, enhance data governance frameworks, and develop specialized strategies to counter the unique challenges posed by AI-powered threats and deepfake technologies.
