Indian companies are tightening their AI defenses as cybercrime becomes more sophisticated

Sophisticated cyberattacks leveraging AI-powered deepfakes, phishing, data manipulation and malware are on the rise. To combat these complex threats, Indian companies are looking to improve their security infrastructure, experts said.

Cybersecurity attacks, which began around the 1980s, have evolved over the last forty years or so. Where once it was just a matter of damaging individual devices with viruses, today it can lead to the crippling of an entire organization and even an entire country.

“Cyber ​​attacks currently belong to the 5th or 6th generation of so-called multi-vector attacks. These not only target your endpoints, but also your networks, data centers, cloud, etc. All of this happens in parallel, which makes it much more complex, sophisticated and harder to prevent,” said Devroop Dhar, co-founder of the consultancy Primus Partners.

Multi-vector attacks are sophisticated cyber threats that exploit multiple vulnerabilities simultaneously to breach an organization’s defenses. A typical example is a distributed denial of service (DDoS) attack, which combines multiple techniques such as network flooding and system overload to maximize disruption.

KI: A double-edged sword

When combined with other advanced technologies like machine learning, artificial intelligence (AI) can be both a blessing and a curse depending on who uses it. Many cybercriminals use AI technology to intensify their attacks. On the other hand, companies are using AI to build advanced cybercrime protection systems.

“AI is a double-edged sword. “It is both a tool for companies to prevent and respond to attacks and a tool for cyber attackers to increase the intensity of their attacks,” Dhar emphasized.

Companies are using AI tools to sift through massive amounts of data to identify unusual patterns and detect cyberattacks, he added.

As for cybercriminals, they are making extensive use of AI to generate sophisticated attacks using technologies such as deepfake.

“Previously, algorithmic attacks were mostly numerical, so attackers would write scripts to go through millions of combinations of passwords and attack a user ID. But now, with AI, the ability to create attacks like deepfakes is much higher and the ability to automate them is much higher,” said Ajay Trehan, CEO of authentication company Authbridge, which helps companies manage identity. He added that he understands that this trend will continue to strengthen in 2025.

Cybercrime is becoming more and more of a problem for companies. In PwC’s 2024 Global Economic Crime Survey India Outlook, the consultancy found that 33% of executives surveyed in India cited cybercrime as one of the top problems faced by companies.

Tata Consultancy Services Ltd, the country’s largest software services company, has flagged cyber threats posed by Gen AI.

“GenAI improves operational efficiency, but organizations must prepare to defend against cyber threats. It is imperative for organizations to leverage these advances and implement GenAI-powered threat detection and response systems to stay ahead of the curve,” said Ganesa Subramanian Vaikuntam, global head of cybersecurity at TCS, at the TCS release on the 10th 2025 Cybersecurity Outlook December.

“GenAI is changing organizational processes, but is also being exploited by cybercriminals for complex attacks such as deepfakes, phishing, data manipulation and new malware. In response, organizations must fight fire with fire by deploying GenAI-powered threat detection and response systems,” the TCS report continued.

Ransomware attacks, supply chain disruptions, and executive identity theft are the top threats. Companies are striving to build a security system capable of countering the advanced attacks posed by AI and other advanced technologies.

“Companies are taking steps to counter these cyber threats, particularly supply chain attacks. There is an increased focus on third-party security and governance. The third parties also connect to the company’s proprietary technology through APIs, so API security is also increased,” said Siddharth Vishwanath, partner at PwC.

APIs, or application programming interfaces, are sets of defined rules that allow different software systems, applications, or services to communicate with each other. They enable these systems to exchange data, carry out actions or request services in a standardized and secure manner.

As companies seek to eliminate these cyber threats, IT services companies have expanded their cybersecurity offerings to customers using AI.

Accenture Plc, the world’s largest technology services company, launched four new cybersecurity services on November 19. These services would detect cyber vulnerabilities and deepfakes in an AI system, provide solutions and help customers develop strategies around their cyber programs.

Domestic software services companies have also expanded their cybersecurity offerings.

TCS expanded its partnership with Google Cloud on September 3 by launching two AI-powered cybersecurity solutions – TCS Managed Detection and Response and TCS Secure Cloud Foundation. These solutions would reduce the time it takes for TCS customers to detect and respond to threats and also strengthen cloud security through the use of AI, machine learning and automation.

Almost two months later, on December 2, Noida-based HCL Technologies Ltd announced a similar collaboration with Google Cloud to provide AI-driven Managed Detection and Response (MDR) solutions to help customers detect and respond to to support cyber threats.

A day later, Wipro Ltd announced a partnership with Netskope, a US-based cybersecurity company, to provide enterprises with an integrated service that analyzes the customer’s current cybersecurity and infrastructure investments, provides consolidation guidelines and delivers cost-optimized methodologies