BENGALURU: Cybersecurity leader Fortinet has revealed alarming new findings from an IDC survey highlighting a dramatic rise in artificial intelligence (AI)-enabled cyber threats across India. The report paints a sobering picture: 72% of Indian organizations experienced AI-powered cyberattacks in the past year, with many struggling to detect or defend against these increasingly stealthy and complex intrusions.

The survey, which covered 550 IT and cybersecurity leaders across 11 Asia-Pacific markets, shows that AI is rapidly becoming a preferred tool for attackers - allowing them to launch faster, more targeted, and harder-to-detect assaults. Nearly 70% of Indian organizations reported a 2X surge in AI-driven threats, and 12% observed a 3X increase.

These AI-powered attacks exploit human behavior, configuration errors, and identity systems. The top threats identified include:

Yet only 14% of organizations said they were “very confident” in their ability to defend against these threats. Shockingly, 21% admitted they have no ability to track AI-powered threats at all.

The findings indicate a shift from episodic security incidents to constant exposure. The most commonly reported threats were:

While phishing and traditional malware attacks still grow by ~10%, AI-driven and insider threats, cloud misconfigurations, and IoT/OT vulnerabilities are expanding much faster—exposing critical gaps in visibility, governance, and team preparedness.

The survey underscores a resourcing crisis in cybersecurity teams. On average, just 0.91 cybersecurity professionals are available per 100 employees. Only 15% of companies in India have a standalone Chief Information Security Officer (CISO), and a mere 6% have specialized teams for threat hunting or security operations.

Top challenges include:

While 80% of organizations reported budget increases for cybersecurity, most of the hikes remain under 10%. On average, just 1.4% of revenue is allocated to security—underscoring a mismatch between risk and investment.

Top security investment areas include:

Notably, areas like OT/IoT security, DevSecOps, and security training continue to lag behind in funding.

Encouragingly, the survey indicates strong momentum toward security-platform convergence. Around 88% of Indian firms are either consolidating or actively evaluating unified security platforms. The top benefits cited were:

“AI is both the challenge and the frontline defence,” said Vivek Srivastava, Country Manager, India & SAARC, Fortinet. “As threats grow more coordinated, Fortinet is helping organizations shift from fragmented tools to AI-powered security platforms that prioritize speed, simplicity, and resilience.”

Simon Piff, VP at IDC Asia-Pacific, added, “Reactive security is no longer enough. Intelligence-driven, integrated models are now critical for organizations to stay ahead of AI-enabled cybercrime.”

The full findings are published in the IDC Info Snapshot titled "State of Cybersecurity in Asia-Pacific: From Constant Risk to Platform-Driven Resilience", sponsored by Fortinet (May 2025, IDC Doc #AP249601X).