India’s cybersecurity ecosystem has reached a significant milestone, now valued at $20 billion, according to Dr. Sanjay Bahl, Director General of the Indian Computer Emergency Response Team (CERT-In).

With over 400 active start-ups and a skilled workforce of 6.5 lakh professionals, India is swiftly consolidating its position as a global cybersecurity powerhouse. This growth underscores the country’s commitment to safeguarding its expanding digital economy amid rising cyber threats.

The innovation ecosystem within India’s cybersecurity sector is robust and indigenous. Start-up's are focusing on cutting-edge areas such as AI-powered threat detection, cyber forensics, encryption systems, and real-time monitoring solutions. These ventures are helping to reduce dependence on foreign technologies while promoting sovereign digital infrastructure development.

A central factor behind this expansion is the growing pool of expert professionals. With over 650,000 specialists, India’s talent base ranks among the world’s largest in cybersecurity. Programmes initiated by CERT-In and various technical institutions are actively building capacity through certification courses and advanced training in cyber resilience, incident response, and digital forensics.

Artificial Intelligence plays a pivotal dual role in this domain. CERT-In leverages AI-enabled analytics for instant threat detection and automated response mechanisms, significantly reducing the response time to cyber incidents. Such systems helped mitigate the impact of 147 ransomware cases reported in 2024.

However, AI also empowers adversaries to conduct more sophisticated operations, including voice cloning and automated phishing attacks, necessitating continuous investment in counter-AI research.

India’s regulatory progress complements this technological thrust. The Digital Personal Data Protection (DPDP) Act, 2023 forms the legal backbone of the nation’s privacy and data governance regime. It introduces a rights-based framework focusing on consent, transparency, and accountability in data processing.

The Act mandates entities to ensure strong data protection measures and immediate breach notifications to the Data Protection Board and affected individuals.

Although the DPDP Act has been enacted, its enforcement is unfolding in stages as the Draft Rules are being finalised. Businesses face stringent compliance obligations, with penalties for security lapses reaching up to ₹250 crores. This framework is expected to significantly elevate adherence to security protocols and promote trust in India’s digital infrastructure.

Collectively, these developments mark a transformative phase in India’s cybersecurity journey. With rapid market expansion, an indigenous innovation base, AI integration, and a strengthening legislative framework, the country is charting a clear course toward becoming a secure digital hub of global significance.

Based On IANS Report