Frightening Lack Of Cybersecurity Readiness In India Even As AI Raises Threat Levels: Cisco Study

Cybersecurity readiness in Indian organisations remains alarmingly low and only 7% of organisations have achieved the 'Mature' level of readiness required to counter today's cybersecurity threats, according to Cisco's 2025 Cybersecurity Readiness Index. 

While this is a slight improvement from last year's Index — in which 4% were designated as Mature — cybersecurity preparedness still remains low as hyperconnectivity and artificial intelligence introduce new complexities.

AI is escalating threat levels, with 95% of organisations facing AI-related security incidents last year. However, only 66% of respondents are confident their employees fully understand AI-related threats, and 63% believe their teams fully grasp how malicious actors are using AI to execute sophisticated attacks. 

AI is compounding an already challenging threat landscape. In the last year, 57% of organisations suffered cyberattacks, according to Cisco data. Respondents view external threats like malicious actors and state-affiliated groups (46%) as more significant to their organisations than internal threats (54%), underscoring the need for defence. 

The lack of cybersecurity readiness in India is alarming as 81% of respondents anticipate business disruptions from cyber incidents within the next 12–24 months. Other findings include:

• Gen AI Deployment Risks: Gen AI tools are widely adopted, with 46% of employees using approved third-party tools. However, 28% have unrestricted access to public gen AI and 43% of IT teams are unaware that employees use gen AI, underscoring major oversight challenges.

• Shadow AI Concerns: Almost half (45%) of organisations lack confidence in detecting unregulated AI deployments or shadow AI, posing cybersecurity and data privacy risks.

• Unmanaged Device Vulnerability: Within hybrid work models, 90% of organisations face increased security risks as employees access networks from unmanaged devices.

• Investment Priorities Shift: While 98% of organisations plan to upgrade their IT infrastructure, only 54% allocate more than 10% of their IT budget to cybersecurity (down 7% year-over-year), emphasising the need for more focused investment.

• Complex Security Postures: Around 84% of organisations say their complex security infrastructures, with over 10-point security solutions, are preventing them from responding swiftly and effectively to threats.

• Talent Shortage: A staggering 92% of respondents cited shortage of cybersecurity professionals as a major challenge, with 65% reporting more than ten positions to fill.

• AI's Expanding Role In Cybersecurity: At the same time, 96% of organisations use AI to understand threats better, 88% for threat detection, and 77% for response and recovery.