 "Strengthening cybersecurity is critical to India's digital backbone: PwC")
Indian companies are grappling with the same cybersecurity challenges as their global peers, as the country emerges as a leader in digital innovation, according to top PWC executives.
There has been a 46 per cent rise in ransomware attacks globally last year, with 67 per cent of affected companies paying ransoms averaging $4.8 million, said Sean M Joyce, Partner, Global Cybersecurity and Privacy Leader, PWC, emphasising that this is a global phenomenon.
“India is not unique in that. That is a problem in every country,” Joyce, who earlier worked with the US Federal Bureau of Investigation, said.
Joyce said Indian companies should be focusing on foundational cybersecurity principles. He acknowledged India’s advancements in digital innovation, calling the country a “leader” in the field, but warned that the increasing reliance on digital systems exposes vulnerabilities that could threaten economic stability, national security, and critical infrastructure.
“The central nervous system of every company is a digital backbone. If you do not protect that, you’re putting your economy and national security at risk,” he said.
Small and medium-sized enterprises (SMEs) are particularly vulnerable to cyber hacking and frauds due to limited resources. Joyce underscored the importance of ensuring cybersecurity readiness across all business sizes.
Also Read
“There’s an expectation, regardless of whether you’re a small business, a medium business, or a large enterprise, that foundational elements of cybersecurity must be in place,” he said, adding that in the US, subsidies are being considered to help SMEs achieve baseline security measures.
Joyce also stressed the importance of collaboration between governments and private companies. The private sector has most of the information on cybersecurity unlike 10 to 15 years ago when governments held more of it. Public-private partnerships are crucial for transparency on criminal and nation-state threats, he said.
“The adversary, like the ransomware gangs, they’re looking for the weakest link, so unless we all come together, like non-profit agencies and others that are helping the broader ecosystem, that’s where I think we’ve got to help each other and make sure we have a good foundational element of a cybersecurity program,” said Joyce.
India stands out globally in addressing cyber fraud, with the Ministry of Electronics and Information Technology (MeitY) and the Reserve Bank of India (RBI) implementing measures for money transfer traceability, according to Sivarama Krishnan, Partner and Leader, Cyber Security, PwC India.
This system has enabled a recovery rate of over 35 per cent in phishing fraud cases, far higher than the global average.
Indian companies however still grapple with key cybersecurity challenges, including cloud misconfigurations as they transition between on-premise and cloud systems. Supply chain vulnerabilities, such as unsecured critical dependencies and data, expose them to attacks.
The growing threat of deepfakes enables voice cloning scams and fraud, while inadequate security in operational technology leaves critical infrastructure in sectors like manufacturing and utilities at risk.
Joyce also highlighted the potential impact of US President Donald Trump’s initiatives on the global cybersecurity landscape.
Speaking about Trump’s recent $500 billion push for artificial intelligence (AI) and infrastructure development, he said “I think he understands, especially based on some individuals he has around him, like Elon Musk and David Sacks, that are playing roles in his administration, and with the recent attacks on the telecom companies in the United States, I think he truly realises the importance of cyber security.”
The integration of AI and energy infrastructure into the cybersecurity framework, Joyce noted, represents both opportunities and challenges.