
New Delhi, India — The Ministry of Electronics and Information Technology has released the second edition of the Digital Threat Report 2025–26, outlining emerging cybersecurity risks affecting India’s banking, financial services, insurance and digital-payments ecosystem.
The report was launched on July 13, 2026, in collaboration with the Indian Computer Emergency Response Team, the Computer Security Incident Response Team in Finance and cybersecurity company SISA. It is intended to help financial institutions, regulators and cybersecurity leaders evaluate changing attack methods and strengthen their preparedness against digital threats.
The report draws on digital-forensics and incident-response research, observations from CERT-In and CSIRT-Fin, and analysis of adversarial uses of artificial intelligence. It found that six of the seven forward-looking threat predictions included in the previous edition have already developed into established risks.
According to the assessment, social engineering, credential theft, supply-chain attacks and exploitation of cloud environments are no longer isolated or emerging incidents. These techniques are increasingly being used as regular attack methods against financial institutions and their wider technology ecosystems.
The report warns that modern attacks may appear as legitimate user sessions, approved transactions, routine workflows or normal customer activity. This can make malicious actions difficult to identify until financial loss, data compromise or operational disruption has already occurred.
Artificial intelligence asymmetry has been identified as a major concern. AI tools can allow threat actors with comparatively limited resources to automate reconnaissance, impersonation, social engineering and other sophisticated attacks at machine speed. The report notes that offensive capabilities are advancing faster than some existing defence and regulatory mechanisms.
MeitY Secretary S. Krishnan said cybersecurity and operational resilience must receive adequate importance within India’s digital and AI governance frameworks. He called on organisations to develop software and hardware systems capable of continuing essential operations even when exposed to cyberattacks.
Krishnan also emphasised the need to strengthen identity and access management, improve cybersecurity awareness and develop domestic capabilities across AI models, data, infrastructure and security technologies. He said cybersecurity should be treated as an organisation-wide business risk rather than only as a technical function.
CERT-In Director General Sanjay Bahl said cyber resilience must be treated as a shared responsibility across financial institutions, regulators and the broader digital supply chain as India’s financial ecosystem becomes more interconnected and technology-driven.
The report sets out an 18-month roadmap for financial institutions. It recommends beginning with stronger foundational controls, followed by the development of continuous security capabilities and more resilient enterprise architectures.
The findings are particularly relevant as Indian banks, insurers, fintech companies and payment platforms expand their use of cloud infrastructure, APIs, artificial intelligence and real-time digital transactions.




