India leads AI-first cybersecurity transformation – 94% of enterprises already deploying AI for detection and response: IDC-Fortinet Report
Indian enterprises are progressing rapidly from basic AI-assisted detection to more advanced applications such as automated response, predictive threat modeling, AI-driven incident response, and behavioural analytics.
Bangalore, November 5: Artificial Intelligence (AI) has firmly moved from experimentation to mainstream adoption in India’s cybersecurity landscape, according to a new IDC survey commissioned by Fortinet. The 2025 study reveals that 94% of organizations in India are already using AI within their security environments — marking a decisive shift from reactive to predictive defence strategies.
AI reshaping defence and offence
The study highlights that AI is transforming both defenders’ and attackers’ playbooks. Nearly 72% of Indian organizations reported encountering AI-powered cyberattacks in the past year, with 70% witnessing a twofold increase in threat volume and 12% a threefold surge. These attacks, often leveraging automation and adaptive learning, are proving harder to detect and counter, exposing critical gaps in visibility and governance.
Beyond detection: the next phase of AI use
Indian enterprises are progressing rapidly from basic AI-assisted detection to more advanced applications such as automated response, predictive threat modeling, AI-driven incident response, and behavioural analytics. While Generative AI (GenAI) is being used for low-risk tasks like rule updates, playbook management, and social engineering detection, autonomous remediation is still in its early “co-pilot” phase.
Workforce and investments evolving
AI adoption is also reshaping cybersecurity roles. The top emerging positions include AI security engineers, threat intelligence analysts, and AI-focused incident response specialists. However, despite growing reliance on AI, cybersecurity teams remain stretched — only 6% of total organizational staff are dedicated to IT, with just 13% of them in security roles, and less than 16% of organizations have a full-time CISO.
Budget growth remains modest, with 82% reporting increased spending, but most under 5% year-on-year. Investment priorities are shifting toward identity security, SASE/Zero Trust, cloud-native protection, and cyber resilience, rather than infrastructure-heavy spending.
Convergence and consolidation on the rise
As cyber complexity increases, 88% of enterprises are pursuing converged security-networking architectures, and 74% are considering vendor consolidation to simplify management, improve integration, and strengthen overall security posture.
Simon Piff, Research Vice-President at IDC Asia-Pacific, noted that India is entering a new era where “AI is being embedded across detection, incident response, and team design—ushering in smarter and faster security operations.”
Vivek Srivastava, Country Manager, India & SAARC, Fortinet, added: “CISOs in India are now designing cybersecurity strategies around AI—aligning budgets, teams, and architectures for intelligent, adaptive, and converged defence models.”
The IDC study surveyed 550 IT and security leaders across 11 Asia-Pacific markets between February and April 2025, underscoring how India is leading the regional shift toward AI-first cybersecurity.
