Home > Blog

Blog / 14 Jul 2026

Digital Threat Report 2025–26 | CERT-In & CSIRT-Fin

Context:

Recently, The Ministry of Electronics and Information Technology (MeitY), in collaboration with CERT-In, CSIRT-Fin, and cybersecurity firm SISA, has released the second edition of the Digital Threat Report 2025–26. The report assesses emerging cyber threats facing India's Banking, Financial Services, Insurance (BFSI), and Digital Payments ecosystem, and provides strategic guidance to financial institutions, regulators, and cybersecurity professionals.

About the Digital Threat Report 2025–26

The report is based on:

      • Digital forensic and incident response research.
      • Observations from CERT-In and CSIRT-Fin.
      • Analysis of adversarial Artificial Intelligence (AI).
      • Real-world cyber incidents affecting the financial sector.

Major Findings:

Faster Evolution of Cyber Threats: The gap between the discovery of cyber vulnerabilities and their exploitation has reduced from years to months or even weeks.

Sophisticated Attack Techniques: Threats such as:

      • Social engineering
      • Credential theft
      • Supply-chain compromise
      • Cloud exploitation

have become mainstream attack methods rather than emerging risks.

Rise of AI-Enabled Cyber Attacks: The report identifies "AI Asymmetry" as a major risk. Artificial Intelligence enables attackers with limited resources to launch sophisticated cyberattacks at machine speed, while defensive and regulatory systems struggle to keep pace.

Harder-to-Detect Attacks: Modern cyberattacks often appear as:

      • Legitimate user sessions
      • Authorized payment transactions
      • Normal workflow activities

Making detection difficult until financial or operational damage has occurred.

Four-Layer Cyber Failure Framework:

The report introduces the "Anatomy of Cyber Failure" Framework, which explains how cyber breaches escalate through interconnected weaknesses in:

      • System design
      • Security control implementation
      • Detection mechanisms
      • Institutional response

The framework helps organizations identify systemic vulnerabilities and prioritize cybersecurity investments.

18-Month Cyber Resilience Roadmap:

The report recommends that financial institutions:

      • Strengthen foundational security controls.
      • Conduct continuous risk assessments.
      • Enhance information sharing among institutions and regulators.
      • Build advanced cyber resilience capabilities.
      • Develop robust and adaptive security architectures.

Importance for India:

      • Strengthens the cybersecurity of India's rapidly growing digital financial ecosystem.
      • Protects public trust in digital banking and payment systems.
      • Supports Digital India and financial inclusion initiatives.
      • Enhances operational resilience against evolving cyber threats.
      • Promotes collaboration between government, regulators, and the private sector.

About CERT-In:

CERT-In (Indian Computer Emergency Response Team) is the national nodal agency for responding to cyber security incidents in India. It functions under MeitY and is designated under the Information Technology (Amendment) Act, 2008.

Key Functions:

      • Monitors and analyses cyber incidents.
      • Issues cyber security alerts, advisories, and vulnerability notes.
      • Coordinates national cyber incident response.
      • Recommends preventive and emergency security measures.

About CSIRT-Fin:

CSIRT-Fin (Computer Security Incident Response Team–Finance) is the sectoral cyber security agency for India's financial sector. It supports banks, insurance companies, securities markets, pension funds, and payment systems.

Key Functions:

      • Prevents and responds to cyber incidents.
      • Issues alerts and security advisories.
      • Coordinates cyber response across financial institutions.
      • Promotes cyber resilience and awareness.

Conclusion:

The Digital Threat Report 2025–26 highlights that cyber security is vital for India's digital economy. Strengthening AI-based defence, continuous risk assessment, and coordinated institutional efforts are essential to protect the country's digital financial infrastructure and maintain public trust.

 

Aliganj Gomti Nagar Prayagraj