INDIA Trends and Developments Contributed by: Probir Roy Chowdhury and Shivani Bhatnagar, JSA
Conclusion India’s cybersecurity landscape in 2025 pre - sents a dual narrative of progress and vulner - ability. Advancements such as a 26% reduction in cybersecurity incidents and India’s Tier-1 ranking in the GCI highlight strides in policy and technical capabilities. Legislative frame - works and the operational efficiency of CERT- In reflect institutional efforts to align with global standards. These measures have strengthened incident response, particularly in critical sectors such as finance and healthcare, where manda - tory reporting protocols have been put in place. However, emerging threats – particularly AI-driv - en attacks – continue to challenge this progress. The rise of adaptive malware (eg, BlackMamba), AI-generated phishing campaigns, and data- centric ransomware underscores the ability of adversaries to exploit technological advance - ments. Sectors such as healthcare (targeted in 21.8% of attacks) with limited cybersecurity infrastructure remain disproportionately vulner - able. Geopolitical tensions and state-sponsored attacks further strain cybersecurity defences, as seen in incidents targeting critical infrastructure during national events. The path forwards hinges on systemic collabo - ration. While CERT-In’s incident management framework and international partnerships dem - onstrate proactive governance, gaps persist. Bridging these gaps requires scaling capacity- building initiatives, enforcing regulatory man - dates such as the DPDPA, and integrating AI- driven threat detection into national strategies. India’s cybersecurity future will depend on bal - ancing innovation with equitable resilience to ensure that its digital ambitions are not derailed by evolving risks.
incidents. Upon receiving a notification, the agency typically acknowledges the incident promptly and provides a detailed response within 24 hours, thereby ensuring timely action. In certain cases, CERT-In officials often directly reach out to the reporting entity to gather addi - tional information or offer immediate guidance. Clearly, the agency’s support is comprehen - sive and multifaceted, encompassing technical assistance, remedial measures, and follow-up actions. By way of example, CERT-In provides technical expertise to help organisations con - tain and mitigate the impact of cyber-incidents. This includes identifying vulnerabilities, recom - mending patches, and guiding recovery efforts to restore normal operations. Additionally, CERT-In issues specific recommen - dations to address incidents and prevent their recurrence. This was demonstrated during the 2017 WannaCry ransomware attack, where the agency played a pivotal role in co-ordinating the response and issuing advisories to affected organisations. Multi-stakeholder co-ordination To tackle cybercrimes effectively, CERT-In often works closely with law enforcement agencies to investigate incidents and take down malicious phishing websites. Additionally, CERT-In col - laborates with sector-specific regulators, par - ticularly in critical infrastructure sectors such as banking, healthcare, and energy. Beyond national borders, CERT-In actively engages in international co-operation. It has signed memoranda of understanding (MoUs) with agencies in countries such as Singapore, Japan, and the UK.
126 CHAMBERS.COM
Powered by FlippingBook