“…25 per cent of businesses say their most damaging data breach in the past three years cost their organisation at least USD 1 million, with exposure highest among enterprises generating USD 5 billion or more in revenue (45 per cent)”
New Delhi: Nearly a quarter of Indian enterprises surveyed reported losses exceeding USD 1 million (about Rs 8.8 crore) from cyber breaches over the past three years, with the risk particularly high among companies earning USD 5 billion or more in annual revenue.
Cyber budgets are rising, albeit at a cautious pace, with 87 per cent of organisations in India planning to increase their cybersecurity spending over the next 12 months, according to a PwC report.
The PwC 2026 Global Digital Trust Insights survey, based on responses from 138 Indian business and technology executives, found that investment in AI tops budget priorities at 46 per cent, followed by cloud security at 33 per cent.
“…25 per cent of businesses say their most damaging data breach in the past three years cost their organisation at least USD 1 million, with exposure highest among enterprises generating USD 5 billion or more in revenue (45 per cent).
“This year, 87 per cent of leaders of Indian organisations expect their cyber budgets to grow in the coming year, and nearly one-third of them plan to boost spending by more than 10 per cent—a slight dip from last year’s 93 per cent, yet a strong signal of sustained investment. Notably, just over one-third (38 per cent) of these said their budgets would likely increase 6-10 per cent,” the report noted.
More than half (60 per cent) of security leaders are prioritising AI threat-hunting capabilities, while nearly 47 per cent are focusing on other AI-driven functions such as agentic AI.
Cybersecurity workforce shortages continue to impede progress as organisations operationalise AI, secure complex environments, and prepare for the next generation of threats. Nearly 60 per cent of respondents cited limited expertise in using AI for cyber defence, while 50 per cent flagged insufficient skills as the primary internal obstacle to adopting AI for cybersecurity over the past year.
Despite these challenges, organisations are taking action by prioritising AI and machine learning investments (61 per cent), consolidating security tools (51 per cent), deploying automation solutions (49 per cent), and upskilling or reskilling staff (49 per cent).
Meanwhile, around 90 per cent of Indian organisations plan to hire dedicated professionals in the next 12 months to manage and enhance digital identity management, infrastructure, and security, according to a report by Rubrik Zero Labs released on Sunday.
According to the statement, AI wave is translating into an increase of AI agents in the workplace, which equates to a surge of both non-human identities and agentic identities.
This is resulting in an urgent focus for CIOs and CISOs on identity threats and recovery, the report — Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats — stated.
The survey was conducted by Wakefield Research among 1,625 IT security decision-makers at companies with 500 or more employees with a 50/50 split of directors/VPs and CIOs/CISOs, it said.
“Attackers are now frequently targeting both human and non-human identities. It’s the fastest route to critical systems and data, fundamentally changing the face of Indian cyber defense,” Ashish Gupta, Managing Director, India & Head of Engineering at Rubrik said in the statement.
The research was conducted in the US, EMEA (the UK, France, Germany, Italy, the Netherlands), and APAC (Japan, Australia, Singapore, India), from September 18-29, 2025.