Prasanna Kumar, head of cyber solutions for India at Aon, said, “We are witnessing India adopt AI at a rapid pace, which brings a host of new risks. Data poisoning attacks can compromise the integrity of critical AI systems and deepfake technology is now being used to craft convincing malicious content — making social engineering attacks more sophisticated than ever.”
Mumbai: Aon plc has released the India findings from its 2025 Cyber Risk Report on Wednesday.
Prasanna Kumar, head of cyber solutions for India at Aon, said, “We are witnessing India adopt AI at a rapid pace, which brings a host of new risks. Data poisoning attacks can compromise the integrity of critical AI systems and deepfake technology is now being used to craft convincing malicious content — making social engineering attacks more sophisticated than ever.”
While AI has certainly introduced more complexity to the cyber attacks Indian businesses face, it has also enhanced their ability to detect and respond to threats.
“In response to the evolving challenges, businesses must take significant steps to strengthen controls within the organisation. Regular audits, comprehensive employee training programs and advanced threat monitoring systems must become an integral part of businesses’ security posture,” Kumar added.
Cyber insurers in India are increasingly requiring businesses to demonstrate a baseline of cybersecurity measures to qualify for coverage or to secure lower premiums and comprehensive coverages.
Underwriting has shifted from basic checklists to in-depth security architecture reviews.
However, insurers are now willing to accept security roadmaps (versus full compliance upfront), encouraging control implementation over time.
Trends In India as seen by Aon:
-Threat actors are introducing malicious files into enterprise systems, establishing connections to malicious IP addresses, facilitating unauthorised remote access and control.
-Threat actors are leveraging stolen data to demand ransom and are threatening to publish sensitive information on the dark web if their demands are not met.
-Access keys stored on corporate-issued devices are being exploited to breach virtual servers hosted in cloud environments, underscoring the importance of secure credential management.
-Once inside a network, attackers are navigating between production and non-production environments, increasing the scope and impact of their intrusion.