Context:
Recently, The Ministry of Electronics and Information Technology (MeitY), in collaboration with CERT-In, CSIRT-Fin, and cybersecurity firm SISA, has released the second edition of the Digital Threat Report 2025–26. The report assesses emerging cyber threats facing India's Banking, Financial Services, Insurance (BFSI), and Digital Payments ecosystem, and provides strategic guidance to financial institutions, regulators, and cybersecurity professionals.
About the Digital Threat Report 2025–26
The report is based on:
-
-
- Digital forensic and incident response research.
- Observations from CERT-In and CSIRT-Fin.
- Analysis of adversarial Artificial Intelligence (AI).
- Real-world cyber incidents affecting the financial sector.
- Digital forensic and incident response research.
-
Major Findings:
Faster Evolution of Cyber Threats: The gap between the discovery of cyber vulnerabilities and their exploitation has reduced from years to months or even weeks.
Sophisticated Attack Techniques: Threats such as:
-
-
- Social engineering
- Credential theft
- Supply-chain compromise
- Cloud exploitation
- Social engineering
-
have become mainstream attack methods rather than emerging risks.
Rise of AI-Enabled Cyber Attacks: The report identifies "AI Asymmetry" as a major risk. Artificial Intelligence enables attackers with limited resources to launch sophisticated cyberattacks at machine speed, while defensive and regulatory systems struggle to keep pace.
Harder-to-Detect Attacks: Modern cyberattacks often appear as:
-
-
- Legitimate user sessions
- Authorized payment transactions
- Normal workflow activities
- Legitimate user sessions
-
Making detection difficult until financial or operational damage has occurred.
Four-Layer Cyber Failure Framework:
The report introduces the "Anatomy of Cyber Failure" Framework, which explains how cyber breaches escalate through interconnected weaknesses in:
-
-
- System design
- Security control implementation
- Detection mechanisms
- Institutional response
- System design
-
The framework helps organizations identify systemic vulnerabilities and prioritize cybersecurity investments.
18-Month Cyber Resilience Roadmap:
The report recommends that financial institutions:
-
-
- Strengthen foundational security controls.
- Conduct continuous risk assessments.
- Enhance information sharing among institutions and regulators.
- Build advanced cyber resilience capabilities.
- Develop robust and adaptive security architectures.
- Strengthen foundational security controls.
-
Importance for India:
-
-
- Strengthens the cybersecurity of India's rapidly growing digital financial ecosystem.
- Protects public trust in digital banking and payment systems.
- Supports Digital India and financial inclusion initiatives.
- Enhances operational resilience against evolving cyber threats.
- Promotes collaboration between government, regulators, and the private sector.
- Strengthens the cybersecurity of India's rapidly growing digital financial ecosystem.
-
About CERT-In:
CERT-In (Indian Computer Emergency Response Team) is the national nodal agency for responding to cyber security incidents in India. It functions under MeitY and is designated under the Information Technology (Amendment) Act, 2008.
Key Functions:
-
-
- Monitors and analyses cyber incidents.
- Issues cyber security alerts, advisories, and vulnerability notes.
- Coordinates national cyber incident response.
- Recommends preventive and emergency security measures.
- Monitors and analyses cyber incidents.
-
About CSIRT-Fin:
CSIRT-Fin (Computer Security Incident Response Team–Finance) is the sectoral cyber security agency for India's financial sector. It supports banks, insurance companies, securities markets, pension funds, and payment systems.
Key Functions:
-
-
- Prevents and responds to cyber incidents.
- Issues alerts and security advisories.
- Coordinates cyber response across financial institutions.
- Promotes cyber resilience and awareness.
- Prevents and responds to cyber incidents.
-
Conclusion:
The Digital Threat Report 2025–26 highlights that cyber security is vital for India's digital economy. Strengthening AI-based defence, continuous risk assessment, and coordinated institutional efforts are essential to protect the country's digital financial infrastructure and maintain public trust.
